Date: Sat, 21 Oct 2006 19:00:44 -0400 From: "Michael W. Lucas" <mwlucas@blackhelicopters.org> To: questions@freebsd.org Subject: pfspamd greylisting stuttering at everything Message-ID: <20061021230043.GA24969@bewilderbeast.blackhelicopters.org>
next in thread | raw e-mail | index | archive | help
Hi,
I hear greylisting is wonderful, and yet it's being unkind to me. Any
help would be appreciated.
According to spamd(8), addresses that are not in the spamd table
should not be stuttered at when spamd(8) is running in greylisting
mode; rather they should just get a 451 and watch for more incoming
connections.
I'm set up just like the man page, but every incoming connection is
being stuttered at. This plays havoc with incoming legit mail, of
course, and I've been forced to fall back on older antispam tools.
spamd is running as:
spamd -v -G7:4:864 -r451
My pf.conf is just:
---
int="vr0"
my_address="198.22.63.8"
table <spamd> persist
table <spamd-white> persist
table <whitelist> persist file "/usr/local/etc/spamd/whitelist"
no rdr on {lo0} from any to any
rdr pass inet proto tcp from <whitelist> to $my_address port smtp -> $my_address port smtp
rdr pass inet proto tcp from <spamd> to any port smtp -> 127.0.0.1 port 8025
rdr pass inet proto tcp from !<spamd-white> to any port smtp -> 127.0.0.1 port 8025
pass in on $int proto tcp from any to $int port 22 flags S/SA keep state
---
(OK, the last rule should not be necessary, but I'm being careful.)
My spamd.conf is very textbook:
--
all:\
:spamhaus:spews1:china:korea:whitelist:
spamhaus:\
:black:\
:msg="SPAM. Your address %A is in the Spamhaus Block List\n\
See http://www.spamhaus.org/sbl and\
http://www.abuse.net/sbl.phtml?IP=%A for more details":\
:method=http:\
:file=www.openbsd.org/spamd/SBL.cidr.gz:
spews1:\
:black:\
:msg="SPAM. Your address %A is in the spews level 1 database\n\
See http://www.spews.org/ask.cgi?x=%A for more details":\
:method=http:\
:file=www.openbsd.org/spamd/spews_list_level1.txt.gz:
spews2:\
:black:\
:msg="SPAM. Your address %A is in the spews level 2 database\n\
See http://www.spews.org/ask.cgi?x=%A for more details":\
:method=http:\
:file=www.openbsd.org/spamd/spews_list_level2.txt.gz:
china:\
:black:\
:msg="SPAM. Your address %A appears to be from China\n\
See http://www.okean.com/asianspamblocks.html for more details":\
:method=http:\
:file=www.openbsd.org/spamd/chinacidr.txt.gz:
korea:\
:black:\
:msg="SPAM. Your address %A appears to be from Korea\n\
See http://www.okean.com/asianspamblocks.html for more details":\
:method=http:\
:file=www.openbsd.org/spamd/koreacidr.txt.gz:
whitelist:\
:white:\
:file=/usr/local/etc/spamd/whitelist:
relaydb-black:\
:black:\
:msg="SPAM. Your address %A is in my relaydb list.":\
:method=exec:\
:file=relaydb -4lb:
relaydb-white:\
:white:\
:method=exec:\
:file=relaydb -4lw:
---
I'm missing something obvious, I'm sure... something so obvious that
everyone else has caught it. Any suggestions?
Thanks,
==ml
--
Michael W. Lucas mwlucas@FreeBSD.org, mwlucas@BlackHelicopters.org
http://www.BlackHelicopters.org/~mwlucas/
Latest book: PGP & GPG -- http://www.pgpandgpg.com
"The cloak of anonymity protects me from the nuisance of caring." -Non Sequitur
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061021230043.GA24969>