Re: [milter-greylist] milter-greylist 4.5.5 is available
2013-08-30 by Jim Klimov
... Nay, tested it again - works as should, does not cause extra recompilations of sequential-only files (although does call MAKE_SEQ to find that there is
Messages
Browse messages
Page 20 of 144 · 7199 messages matched
Re: [milter-greylist] milter-greylist 4.5.5 is available
2013-08-30 by Jim Klimov
Hello all, ... Since this is my feature, I ll take the blame and try to explain ;) ... In the Makefile.in (and subsequently in Makefile) there is this
RE: [milter-greylist] milter-greylist 4.5.5 is available
2013-08-30 by Bruncsak, Attila
... I have to be a bit more precise. My make does not even recognise the -j flag: make -j make: illegal option -- j usage: make [-CceFiNnqrstUux] [-p | -Tp]
RE: [milter-greylist] milter-greylist 4.5.5 is available
2013-08-30 by Bruncsak, Attila
... Hello, My old make does not support parallel builds. Which is the configure option that I can use to disable that special build feature? ( Instead do the
milter-greylist 4.5.5 is available
2013-08-29 by manu@...
Here is milter-greylist 4.5.5: ftp://ftp.espci.fr/pub/milter-greylist/milter-greylist-4.5.5.tgz MD5 (milter-greylist-4.5.5.tgz) =
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-16 by manu@...
... Right, I fixed it. -- Emmanuel Dreyfus http://hcpnet.free.fr/pubz manu@netbsd.org
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-16 by Johann Klasek
... Got the same result on Solaris 8, Linux Fedora 15. In my opinion this is ok (see below). ... Looks ok to me. ... A bug? No, getnameinfo() has no sense
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-16 by Hajimu UMEMOTO
Hi, ... manu I tried the test program published earlier on NetBSD, ::1 is resolved manu to localhost , IPv6:::1 is not. I guess IPv6: shall be stripped.
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-16 by manu@...
... I tried the test program published earlier on NetBSD, ::1 is resolved to localhost , IPv6:::1 is not. I guess IPv6: shall be stripped. I get it
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-16 by Hajimu UMEMOTO
Hi, ... manu You mean we first have to strip [ or [IPv6: ? JFYI, RFC 5321 defines address-literal as follows: address-literal = [ (
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-16 by Johann Klasek
... Right, just in case of [IPv6: the starting pointer of the string to unbracket can be advanced to the position beyond the : ... However, this would make
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-16 by manu@...
... You mean we first have to strip [ or [IPv6: ? -- Emmanuel Dreyfus http://hcpnet.free.fr/pubz manu@netbsd.org
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-16 by manu@...
... Ok, I added that. -- Emmanuel Dreyfus http://hcpnet.free.fr/pubz manu@netbsd.org
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-16 by Jim Klimov
... I am afraid I can not answer that responsibly - there is no IPv6 anywhere I have access too. So far it is only a theoretical construct for us ;) ...
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-16 by Johann Klasek
... Just want to note, that the bracketed version sendmail provides may look like [IPv6:2a01:1b0:7999:446:0:2:8ed:2c78] This is the form sendmail falls back to
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-16 by manu@...
... If it is not broken, do not fix it. The situation you think about is usually worded in standards as the buffer content in case of failure is undefined ,
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-16 by Jim Klimov
... The way I read it, the standard only determines the actions about success, and not about failure - which is implementation-dependent (replace the original
Re: [milter-greylist] Contribution: regex rules for "bad" hostname patterns [1 Attachment]
2013-08-16 by manu@...
... I started writing code to support that. Stay tuned. -- Emmanuel Dreyfus http://hcpnet.free.fr/pubz manu@netbsd.org
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-16 by manu@...
... Thank you for digging that out. Let us start with assuming the standard are honoured, we will add workaround later if they are not. -- Emmanuel Dreyfus
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-15 by Hajimu UMEMOTO
Hi, ... manu Good question. Anyone has an experience of that? If NI_NAMEREQD is not specified, getnameinfo(3) copies a result on success, and copies a numeric
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-15 by Jim Klimov
... Well, the one experience I had with my code led to separate char[] arrays and inspection of the return code - and if was a success, I copied the string
Re: [milter-greylist] SPF SELF without known local address
2013-08-15 by manu@...
... No idea, look at the code. -- Emmanuel Dreyfus http://hcpnet.free.fr/pubz manu@netbsd.org
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-15 by manu@...
... Good question. Anyone has an experience of that? -- Emmanuel Dreyfus http://hcpnet.free.fr/pubz manu@netbsd.org
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-15 by manu@...
... Right. ... I prefer to address real problems rather than potential ones. ... Updated version: http://ftp.espci.fr/shadow/manu/unbracket2.patch -- Emmanuel
Re: [milter-greylist] Crash in p0f handler - PATCH [1 Attachment]
2013-08-15 by Jim Klimov
... Just wanted to report that since I made and used this patch (to return instead of exit), the milter s uptime is uninterrupted for a couple of days now.
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-15 by Jim Klimov
... Addon to previous review: I do not quite see how this routine does NOT change the original string in addr in case of any lookup errors? Did I miss
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-15 by Jim Klimov
... I did not compile and test it yet, but from code review: # This is in wrong order by a couple of lines - you should first set the priv- priv_hostname value
Re: [milter-greylist] SPF SELF without known local address
2013-08-15 by Jim Klimov
... Possibly not... at least, as long as we remind the admin to set a more correct value for the option than we can guess and hardcode beforehand ;) //Jim
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-15 by Jim Klimov
... I used -lresolv -lsocket instead, but yes, errx() is absent and can be replaced by a macro to do the error reporting (yes, there is more to a correct
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-15 by manu@...
... Here is a patch that does it using getaddrinfo/getnameinfo http://ftp.espci.fr/shadow/manu/unbracket.patch Please tell me if it fits your needs. --
Re: [milter-greylist] SPF SELF without known local address
2013-08-15 by manu@...
... Well, I am not sure we need to add black magic in order to catch the situation where the admin forgot to set an option. -- Emmanuel Dreyfus
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-14 by Johann Klasek
... That s what I am wondering about too. But as mentioned in a posting before, the below solution under Solaris may suffer from the resolve- double-checking
Re: [milter-greylist] Submitter DNS name resolution and forgery detection [1 Attachment]
2013-08-14 by manu@...
... I was reading it and it seemed a bit overkill to me to do the a.b.c.d - d.c.b.a.in-addr.arpa transformation on your own. That adds many lines and still
Re: [milter-greylist] Contribution: regex rules for "bad" hostname patterns [1 Attachment]
2013-08-14 by manu@...
... I said in another message, I think we can do better, with a mecanism to set variables. We can already do this: racl blacklist domain evil.com msg ask
Re: [milter-greylist] SPF SELF without known local address
2013-08-13 by Jim Klimov
... No, that is a different crash in a different location for different reasons. Unlike p0f, it left no clues in the log, so it is my guess from
Re: [milter-greylist] SPF SELF without known local address
2013-08-13 by Jim Klimov
... I ve seen a number of strange entries like the one below after enabling the rule as suggested above. The domain s SPF does include this IP address as a
Re: [milter-greylist] SPF SELF without known local address
2013-08-13 by Emmanuel Dreyfus
... I discover that command clause are not accepted if there are no filter clauses. This will work: racl continue from /.*/ addheader X-Greylist: inspected
Re: [milter-greylist] Crash in p0f handler
2013-08-13 by Emmanuel Dreyfus
... Please send code snippet? I do not see what part you talk about. ... milter-greylist was built without Ipv6 support? -- Emmanuel Dreyfus manu@netbsd.org
Re: [milter-greylist] SPF SELF without known local address
2013-08-13 by Jim Klimov
... I ve traced the crash to the recipient domain - format string macros %r (empty in spf addheader) and %sr (causes the crash). This does happen with both
Re: [milter-greylist] Crash in p0f handler - PATCH
2013-08-13 by Jim Klimov
... So here s a patch which I hope would help me :) This includes two fixes: 1) Do not abort the program on bad address family, but just exit the routine -
Re: [milter-greylist] config.h included twice - PATCH
2013-08-13 by Jim Klimov
... PS: All this said, I am more comfortable and certain with just removing the stock config.h file from the source directory as part of my build procedure...
Re: [milter-greylist] SPF SELF without known local address
2013-08-13 by Jim Klimov
... For some reason, this gives me an error with whatever I try, from trivial racl continue msg Test to racl continue addheader X-Greylist: inspected by %V
Re: [milter-greylist] config.h included twice - PATCH
2013-08-13 by Jim Klimov
... The trivial patch to avoid this conflict is inline below (make the current directory a higher priority for headers than the source directory), tested to
Re: [milter-greylist] SPF SELF without known local address
2013-08-13 by Jim Klimov
... Sorry for the noise, my tools have failed me. The keyword is described in the source manpage. For some reason, the Midnight Commander viewer did not find
Re: [milter-greylist] Crash in p0f handler
2013-08-13 by Jim Klimov
Hello all, This p0f bug does need more attention, from myself at least, to produce some workarounds. It hit my setup a few more times, with such queue
Re: [milter-greylist] SPF SELF without known local address
2013-08-13 by Jim Klimov
... Thanks, not yet, I ll give it a shot. Now I d have to also forge a very permissive SPF domain (which is not pre-whitelisted as the server s $self ), I
Re: [milter-greylist] SPF SELF without known local address
2013-08-13 by manu@...
... Have you tried this? rcpt whitelist not spf self spf pass ... I beleive you can with format strings: %i sender IP address %h HELLO string %d sender DNS
Re: [milter-greylist] Re: Patches to use localaddr if there is no if_addr, and some more SPF verbosity
2013-08-13 by manu@...
... Right, I fixed it and checked the patch in. -- Emmanuel Dreyfus http://hcpnet.free.fr/pubz manu@netbsd.org
Crash in p0f handler
2013-08-12 by Jim Klimov
Hello Manu et al, Today I ve caught a crash of milter-greylist, here are some details. The last entries in log were: Aug 12 16:16:23 ucs milter-greylist: [ID
Re: [milter-greylist] Submitter DNS name resolution and forgery detection
2013-08-12 by Jim Klimov
... This would not be even SPF defense, but rather classic (though IMHO not yet obsolete) DNS Sanity Check - that the registered reverse (PTR) and