Re: [Exim] p0f integration

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MJeremy Harris at <-
MPeter Bowyer at ->
Delete this message
Reply to this message
Author: Peter Bowyer
Date:  
To: exim-users
Subject: Re: [Exim] p0f integration
Christian Vogel <chris@???> wrote:
> Hi,
>
> On Fri, Jun 25, 2004 at 10:08:37AM -0100, Peter Bowyer wrote:
>> p0f has a useful-looking 'query' mode, which listens on a named pipe
>> and returns details of a connection given the source and destination
>> IP address and port.
>
> If your "names pipe" is a unix-domain stream socket, then the
> exim ${readsocket} expansion probably is for you.
>
> http://www.exim.org/exim-html-4.30/doc/html/spec_11.html

Yes, I know it well, but the p0f daemon needs the IP address and port of
each end of the connection, which isn't available in Exim-land. Needs some
smarter stuff.

Peter



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [Exim] p0f integrationRe: [Exim] New Metod to Control SPAM : Mail Online Listing->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)