Date: Fri, 9 Feb 2007 00:10:46 +0300 From: Vladimir Kapustin <msgs_for_me@mail.ru> To: freebsd-pf@freebsd.org Subject: SPAMD stop passing mail from WHITE-list Message-ID: <48171004.20070209001046@mail.ru> References: E1HE6sC-000Ht1-00.msgs_for_me-mail-ru@f22.mail.ru
next in thread | raw e-mail | index | archive | help
>> Nothing unusual, but that the mail stops forwarding from the >> whitelist. i.e. the sender resends the mail, gets in WHITE-list in >> spamd, but the mail does not actually pass the router. > >That and the sheer size of your spamdb is weird. > I have about 1000 users behind each router, and many of them have malware on theirs PCs. >> pfctl -sn >> rdr pass inet proto tcp from <spamd> to any port smtp -> 127.0.0.1 port 8025 >> rdr pass inet proto tcp from ! <spamd-white> to any port smtp -> 127.0.0.1 port 8025 > >try making your rdr interface specific, ie rdr pass on $ext_if and see >if it makes a difference > Now all is OK. Should I change rdr-rules only if the situation repeats to see if it really helps? Is there any way to combine the spamd functionality with max-src-conn-rate limitation? I worried only about spam FROM my LOCAL NET. And the spamd itself doesn't save me from getting into different spam-lists. If only I could limit the spam-rate on $int_if by PF-rules and then use spamd on $ext_if, I think it would be a good help. >> No...not malware...suppose that a user doesn't know about malware >> and uses Outlook to send his mail. He'll get into THE WHITE-list >> and spamd can't stop HIS malware? > >Mail from a whitelisted IP address will pass. > >Please contact me off-list (the address works, with greylisting ;)) if >you want me to see if I can reproduce the problem here, I'll probably >need larger chunks of your config than you would sensibly put on a >public list. Jeg vil gjerne sende deg hvilke som helst stykker av min configs. Kan du spesifisere hva jeg bor sende?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?48171004.20070209001046>