Postgrey is a Postfix policy server implementing greylisting. This patch adds p0f support to Postgrey based on p0fq.pl from p0f, like the patch by Fedux. p0f is a fingerprinting tool that identifies operating systems. The difference between Fedux’s patch and mine is that his patch requires p0f-analyzer. See the image below.
My patch uses the socket that p0f creates with the ‘-Q’ option. Because Postgrey doesn’t know the sender’s source port, p0f must also be run with the ‘-0’ option.
Example usage:
# p0f
p0f -u postgrey -Q /var/run/p0f-sock -0 -N -i eth0 'tcp dst port 25'
# postgrey options
--p0f --p0f-service=/var/run/p0f-sock --p0f-ip=<ip-of-eth0>
Postgrey version: 1.32
Download: pommi.nethuis.nl/..
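
The query that goes over the ‘-Q’ socket, as an added example that is not part of the patch or of Postgrey (which is written in Perl). It assumes the p0f 2.x query layout as packed by p0fq.pl, so check it against p0f-query.h of the installed p0f version; the function names and the sample response are constructed for illustration.

```python
import ipaddress
import socket
import struct

# Assumed p0f 2.x query-socket constants and layout, as used by p0fq.pl.
QUERY_MAGIC = 0x0DEFACED
QTYPE_FINGERPRINT = 1
RESP_OK, RESP_BADQUERY, RESP_NOMATCH = 0, 1, 2
# Response prefix: magic, id, type, genre[20], detail[40], dist, link[30]
RESP_PREFIX = struct.Struct("=IIB20s40sb30s")


def build_query(src_ip, dst_ip, src_port=0, dst_port=25, query_id=0x12345678):
    """Pack a fingerprint query; src_port=0 only matches when p0f runs with -0."""
    head = struct.pack("=III", QUERY_MAGIC, QTYPE_FINGERPRINT, query_id)
    addrs = struct.pack("!II", int(ipaddress.IPv4Address(src_ip)),
                        int(ipaddress.IPv4Address(dst_ip)))  # network order
    return head + addrs + struct.pack("=HH", src_port, dst_port)


def parse_response(data):
    """Return (genre, detail, link), or None when p0f has no cached match."""
    if len(data) < RESP_PREFIX.size:
        raise ValueError("short p0f response")
    magic, _id, rtype, genre, detail, _dist, link = RESP_PREFIX.unpack_from(data)
    if magic != QUERY_MAGIC:
        raise ValueError("bad magic in p0f response")
    if rtype == RESP_BADQUERY:
        raise ValueError("p0f rejected the query")
    if rtype == RESP_NOMATCH:
        return None  # connection not (or no longer) in p0f's cache
    text = lambda b: b.split(b"\0", 1)[0].decode("ascii", "replace")
    return text(genre), text(detail), text(link)


def query_p0f(sock_path, src_ip, dst_ip):
    """Ask a running p0f about the client that connected to dst_ip port 25."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
        s.settimeout(2)  # a stuck p0f must not stall the policy decision
        s.connect(sock_path)
        s.sendall(build_query(src_ip, dst_ip))
        return parse_response(s.recv(1024))


# Constructed sample response for offline use (not captured from p0f).
SAMPLE = RESP_PREFIX.pack(QUERY_MAGIC, 0x12345678, RESP_OK, b"Windows",
                          b"XP SP1+, 2000 SP3", 12, b"ethernet/modem")
```

A `None` result should be handled as "no fingerprint available" by the caller rather than as an error, since p0f only keeps recent connections in its cache.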