Bartek, > I am building new mail infrastructure in my company, and I have came to > place where it seems that os fingerprinting technique cannot be used. > > This is how the situation looks like: I have couple of smtpd servers > which are collecting mails from Internet, they are working with CARP > under one IP and then they are load balanced via haproxy. They got the > mail, and send it for checks to other CARP group of servers with amavis > installed. All of them are meant to run p0f-analyzer to give other hosts > which are doing AS&AV checks bit more info, but... amavis can ask only > one host for information about IP/OS. > > The problem is - how to make those > amavis boxes to ask the proper one, this is, the one who actually > handled the connection? This is serious issue as it is rendering the > p0f functionality totally unusable in real life scenario - separated > and load balanced hosts for receiving, checking and delivering mail.
amavisd can send a p0f query to the same IP address the SMTP connection came from: $os_fingerprint_method = 'p0f:[*]:2345' Doesn't each MTA have its own IP address on the inside? Mark ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
