[milters] Archive

Lists Index Date Thread Search

Article: 1035
From: Ken A
Date: 2006-07-14 18:11:52 -0400
Subject: Re: Once written in the stars... Snert milters

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

`p0f -l 'dst port 25' | grep "Windows\|UNKNOWN"` matches a most xbl 
spam. Very nice. They can spam from newly trojaned windows boxes, but 
they can't change the o/s fingerprint.

In combination with MailScanner/SA, it's giving me some new IPs, that 
aren't in any DNSRBLs. I suppose I could create a local rbl, but would 
rather share (lazy). Any suggestions?

Thanks,
Ken A.
Pacific.Net

Anthony Howe wrote:
> SnertSoft (me) is happy to announce the latest updates for libsnert, all 
> 17 Snert milters, roundhouse, and 3 *NEW* milters! Below are the 
> highlights from the change logs:
> 
>     http://www.snertsoft.com/solutions.php
> 
> -- NEW milter-p0f   
> 
> A sendmail / p0f interface that allows for passive OS finger-printing 
> analyses of SMTP connections and adds a report header to each message 
> for future action by downstream filters.
> 
> 
> -- NEW milter-ns
> 
> A utility milter that adds a report header to each message containing 
> the sender's NS records, suitable for downstream processing.
> 
> 
> -- NEW milter-null
> 
> A mail filter to help with DSN backscatter and null address abuse.
> 
> 
> -- ALL milters
> 
> All the milters have been updated to use a new option syntax and 
> built-in option summaries. Essentially single letter options are out, 
> descriptive option names are in. For example now:
> 
>     milter-NAME -help
> 
> Shows a summary of everything to standard output. This output can be 
> saved into a file like:
> 
>     milter-NAME -help >/etc/mail/milter-NAME.cf
> 
> If the options are changed from their defaults, the original values 
> appear commented in the -help output.
> 
> Other notables:
> 
>     milter-NAME -quit
>     milter-NAME -restart
>     milter-NAME -daemon
> 
> The option syntax comes in 3 flavours:
> 
>     +option -option        boolean on/off or command (ie. help)
>     option=value        numerical or string or list
>     option+=value        append to list
> 
> Also all the previous hidden and/or experimental options (old -Z 
> options) are now exposed, though they will probably not be documented 
> outside the help summary.
> 
> 
> -- milter-ahead/1.4
> 
> Added new facility that incorporates some ideas from milter-error with 
> respect to call-ahead failures, aimed at dealing with dictionary 
> attacks. Fixed possible cache update race condition. PLEASE DISCARD THE 
> OLD CACHE BEFORE RESTARTING as the format has been changed.
> 
> 
> -- milter-link/0.2
> 
> New option to handle in-line content such as stock spam images, testing 
> sub-domains, and some bug fixes to for HTTP link checking, MIME boundary 
> parsing, etc. Most of these fixes are in libsnert/1.61 uri.c.
> 
> 
> -- milter-gris/0.18
> 
> Fixed possible cache update race condition.
> 
> 
> -- milter-length/0.6
> 
> Fixed smfAccessClient() argument bug.
> 
> 
> -- milter-report/0.9
> 
> With the new SMTP API in libsnert/1.61, reports are no longer restricted 
> to 64KB in size, therefore no more off-schedule reporting.
> 
> 
> -- milter-sender/1.11
> 
> Add several null pointer guards for the sendmail macros like 
> {rcpt_addr}, {rcpt_host}, and {rcpt_mailer} that fail to be passed to 
> the milter because of a broken sendmail.mc configuration with respect to 
> confMILTER_MACROS_* values. Fixed DNS MX handling of domains that use 
> the root domain to indicate "does not accept mail."
> 
> 
> -- milter-spamc/1.9
> 
> Add several null pointer guards for the sendmail macros like 
> {rcpt_addr}, {rcpt_host}, and {rcpt_mailer} that fail to be passed to 
> the milter because of a broken sendmail.mc configuration with respect to 
> confMILTER_MACROS_* values.
> 
> 
> -- milter-siq/0.18
> 
> Fixed broken caching support; fixed UDP packet length bug.
> 
> 
> -- libsnert/1.61
> 
> This is a major update of fixes and enhancements. One of the major 
> changes has been a complete overhaul of the smf API & Snert milter 
> option syntax and naming. Fixed many compiler warnings & errors 
> generated by gcc -Wall. SMTP API replaced. Fixed DNS MX handling of 
> domains that use the root domain to indicate "does not accept mail."; 
> Dns.c supports /etc/hosts directly.
> 
> 
> -- milter-7bit, -abook, -date
> 
> With the change in option handling, added support for a consistent set 
> of policies across all milters, which means these older milters now 
> support temp. fail and quarantine policies.
> 
> 
> -- roundhouse/0.5
> 
> Fixed dropping of privileges with respect to saved IDs. Can now be built 
> as a process forking daemon, instead of the default threaded model.
> 
> 
> So much has been updated, you should read libsnert's change log and that 
> of the milters you use.
> 
> 

Lists Index Date Thread Search