Yahoo Groups archive

Milter-greylist

postfix and p0f support - no {if_addr}

2008-09-08 by Greg Troxel

With the new p0f code and postfix I get:

smfi_getsymval failed for {if_addr}

It seems this is not supported in postfix:

http://www.postfix.org/MILTER_README.html

I have hard-coded my if_addr in the source for testing for now, but it
seems the only real fix is to add if_addr to postfix. A kludge or
workaround would be to have wildcard support in p0f and use INADDR_ANY
for my addr.

Re: [milter-greylist] postfix and p0f support - no {if_addr}

2008-09-08 by manu@netbsd.org

Greg Troxel <gdt@...> wrote:

> I have hard-coded my if_addr in the source for testing for now, but it
> seems the only real fix is to add if_addr to postfix.  A kludge or
> workaround would be to have wildcard support in p0f and use INADDR_ANY
> for my addr.

Can p0f answer a query that has a wildcard? Won't you get an answer for
another connexion instead of the one you are looking for?

IMO, a configuration option to set IP and port could help, at least on
non-multihomed setups. Another approach would be to contribute {if_addr}
and {daemon_port} macros to Postfix: these should not be very difficult
to implement.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

Re: [milter-greylist] postfix and p0f support - no {if_addr}

2008-09-08 by Greg Troxel

manu@... writes:

> Greg Troxel <gdt@...> wrote:
>
>> I have hard-coded my if_addr in the source for testing for now, but it
>> seems the only real fix is to add if_addr to postfix. A kludge or
>> workaround would be to have wildcard support in p0f and use INADDR_ANY
>> for my addr.
>
> Can p0f answer a query that has a wildcard? Won't you get an answer for
> another connexion instead of the one you are looking for?

If the wildcard is for my address, then it's pretty likely it will be
the right one. Guaranteed if I have one address, and pretty good if
this is in response to a connection even if I have a few. But, the
answer for a wrong connection from THEM to US (for wildcarded US) is
still the right answer for milter-greylist's purposes,

> IMO, a configuration option to set IP and port could help, at least on
> non-multihomed setups. Another approach would be to contribute {if_addr}

That would be good to add because a lot of people will be running in
environments without patched postfix for quite a while.

> and {daemon_port} macros to Postfix: these should not be very difficult
> to implement.

Indeed - one wonders why they don't exist - seems like really obvious
information to provide to a milter.

Re: [milter-greylist] postfix and p0f support - no {if_addr}

2008-09-09 by Patrick Domack

The p0f daemon requires source ip, port, and dest ip and port.

There is an option to make it allow wildcard source ports, but not
wildcard IPs.

Every implementation I have seen so far allows you to configure a
source ip in their config to use if it's unknown, at least to give it a
best chance guess.

Quoting Greg Troxel <gdt@...>:
>
> manu@... writes:
>
>> Greg Troxel <gdt@...> wrote:
>>
>>> I have hard-coded my if_addr in the source for testing for now, but it
>>> seems the only real fix is to add if_addr to postfix.  A kludge or
>>> workaround would be to have wildcard support in p0f and use INADDR_ANY
>>> for my addr.
>>
>> Can p0f answer a query that has a wildcard? Won't you get an answer for
>> another connexion instead of the one you are looking for?
>
> If the wildcard is for my address, then it's pretty likely it will be
> the right one.  Guaranteed if I have one address, and pretty good if
> this is in response to a connection even if I have a few.  But, the
> answer for a wrong connection from THEM to US (for wildcarded US) is
> still the right answer for milter-greylist's purposes,
>
>> IMO, a configuration option to set IP and port could help, at least on
>> non-multihomed setups. Another approach would be to contribute {if_addr}
>
> That would be good to add because a lot of people will be running in
> environments without patched postfix for quite a while.
>
>> and {daemon_port} macros to Postfix: these should not be very difficult
>> to implement.
>
> Indeed - one wonders why they don't exist - seems like really obvious
> information to provide to a milter.
>
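
Added example, not code from milter-greylist or from any poster in this thread: one way to implement the configured IP/port fallback discussed above, in C, for IPv4 only. The function, struct and enum names and the `cfg_*` parameters are hypothetical; the caller is assumed to pass in whatever `smfi_getsymval` returned for `{if_addr}` and `{daemon_port}`.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdlib.h>

/* Where each half of the local endpoint came from. */
enum ep_src { SRC_NONE = 0, SRC_MACRO, SRC_CONFIG };

struct local_endpoint {
    struct in_addr addr;   /* our side of the SMTP connection */
    unsigned short port;   /* host byte order */
    enum ep_src addr_src, port_src;
};

/* Accept a dotted quad but refuse 0.0.0.0: per the thread, the p0f
 * daemon does not take a wildcard IP. */
static int parse_addr(const char *s, struct in_addr *out)
{
    struct in_addr a;
    if (s == NULL || inet_pton(AF_INET, s, &a) != 1) return 0;
    if (a.s_addr == htonl(INADDR_ANY)) return 0;
    *out = a;
    return 1;
}

/* Accept a decimal TCP port in 1..65535 with no trailing junk. */
static int parse_port(const char *s, unsigned short *out)
{
    char *end;
    long v;
    if (s == NULL || *s == '\0') return 0;
    v = strtol(s, &end, 10);
    if (*end != '\0' || v < 1 || v > 65535) return 0;
    *out = (unsigned short)v;
    return 1;
}

/* macro_*: what smfi_getsymval() gave for {if_addr} / {daemon_port}
 * (NULL when the MTA does not supply the macro, as reported above).
 * cfg_*: hypothetical administrator-configured fallbacks.
 * Returns 1 only when both halves resolved; otherwise the caller
 * should skip the p0f lookup instead of querying with a guess. */
int resolve_local_endpoint(const char *macro_addr, const char *macro_port,
                           const char *cfg_addr, const char *cfg_port,
                           struct local_endpoint *ep)
{
    ep->addr_src = parse_addr(macro_addr, &ep->addr) ? SRC_MACRO
                 : parse_addr(cfg_addr, &ep->addr) ? SRC_CONFIG : SRC_NONE;
    ep->port_src = parse_port(macro_port, &ep->port) ? SRC_MACRO
                 : parse_port(cfg_port, &ep->port) ? SRC_CONFIG : SRC_NONE;
    return ep->addr_src != SRC_NONE && ep->port_src != SRC_NONE;
}
```

Recording whether each value came from the macro or from configuration lets the milter log when it is running on the fallback, which is only reliable on a non-multihomed host.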
