From: Stephane L. <Ste...@an...> - 2004-02-13 22:13:38
|
Lars, On Mon, Feb 09, 2004 at 09:16:07AM +0000, Lars Hecking wrote: > > > This patched version is based on the most recent version of amavis-milter.c . > > As I use amavisd-new I used : > > amavisd-new-20030616/helper-progs/amavis-milter-based-on-1.1.2.3.2.40.c > > (this version include some small changes compared to the latest amavis-milter > > CVS version such as usage & backward-compatibility arguments features. I > > guess that Lars will update the CVS version quite soon). > > I have made some changes already, but I'm not adding usage(), as the clients > are essentially not run interactively. Man page is sufficient. > > Lars, The amavis-milter CVS version is still locked at : 1.1.2.3.2.40 (last changes done 8 months ago). Any estimate time for a new CVS version with the changes you mentioned and the man-page ? I'm ready to do a new version of the patch adding the Received header and sending peer IP header. After some second thoughts and some comments I got, I now believe, these 2 features should be activated by default - not off by default or dependant on some configure option. We could use some WITHOUT_SYNTHESIS_RECEIVED_HEADER and DWITHOUT_CLIENT_IP_HEADER defines to remove this code if some people don't want IP (though I don't see the point now - any opposite opinion from amavis-tech subscribers ?). I'm also willing to work on better amavis <--> sendmail log correlation. As I mentioned making the link between the amavis.log and sendmail.log entries is for the time being rather difficult (different timestamps sometimes, not the same ids being used by sendmail and amavisd). One clever idea that Mark proposed was to use the sendmail-quid for the amavisd-id too (D_TEMPLATE) The sendmail id is unique for several days in sendmail 8.12.x .... It can be accessed through : smfi_getsymval(ctx, "i"); Wouldn't it be nice to find out quickly the client IP sending a given virus by just looking at the logs based on this common id ? regards, SL/ |