John, > checking the p0f website last developments date back to 2006. > No visible activity ever since.
Yes. That's a pitty. > Does it make sense today to use p0f to find out about the clients that > connect to port 25? Or are p0f signatures completely outdated? Depends what you use them for. I mostly agree with Giampaolo. It still distinguishes Windows from Unix rather well. In this role it is still of help when a SA Botnet plugin (also outdated) is in use, as the p0f can save Unix/Linux hosts from Botnet false positives. In our part of the world (non-US) its TTL distance information is a bit of a help, as we rarely receive spam from hosts close to us (being in an academic network, connected to the rest of the internet via GEANT). Mark ------------------------------------------------------------------------------ Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user Please visit http://www.ijs.si/software/amavisd/ regularly For administrativa requests please send email to rainer at openantivirus dot org
