Hi Mark, hi list, On Tue, Nov 28, 2006 at 08:37:21PM +0100, Mark Martinec told us: > Not so. > > - p0f and p0f-analyzer.pl need to be running on your MX host, > > - spamd with a plugin (or amavisd-new with its own client code > to query p0f-analyzer.pl) can be running on another host. > > The communication between the p0f-analyzer.pl daemon and > the client code is via UDP, very quick.
sorry to get more OT here, but may I ask two questions regarding p0f, as we seem to some knowledgable people here :-) 1. does anybody know if there are any problems regarding running the mail server with p0f behind a Cisco PIX firewall?? I have two locations (where I just wanted to do some fingerprint logging for now) where I only get "UNKNOWN" in the p0f logs...on the other hand, connecting from the local net (no firewall in between) gives me correct results in the logs...could there be some options on the pix to twiddle to turn off some kind of traffic normalization?? 2. as this is OT here, is there any p0f mailing list?? I haven't been able to find one... Thanks!! have a nice day :-) Sven -- Linux zion.homelinux.com 2.6.18-1.2849.fc6xen #1 SMP Fri Nov 10 13:56:52 EST 2006 i686 athlon i386 GNU/Linux 21:32:21 up 12 days, 22:50, 1 user, load average: 0.17, 0.35, 0.32
pgpBmtxHGpsJY.pgp
Description: PGP signature
