From owner-freebsd-questions@FreeBSD.ORG Tue Jan 15 13:49:03 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B6EAE16A417 for ; Tue, 15 Jan 2008 13:49:03 +0000 (UTC) (envelope-from jalmberg@identry.com) Received: from mta1.srv.hcvlny.cv.net (mta1.srv.hcvlny.cv.net [167.206.4.196]) by mx1.freebsd.org (Postfix) with ESMTP id AF4F313C474 for ; Tue, 15 Jan 2008 13:49:03 +0000 (UTC) (envelope-from jalmberg@identry.com) Received: from [192.168.1.110] (ool-4b7f8e42.static.optonline.net [75.127.142.66]) by mta1.srv.hcvlny.cv.net (Sun Java System Messaging Server 6.2-8.04 (built Feb 28 2007)) with ESMTP id <0JUO00HNXUD5XOH0@mta1.srv.hcvlny.cv.net> for freebsd-questions@freebsd.org; Tue, 15 Jan 2008 08:48:43 -0500 (EST) Date: Tue, 15 Jan 2008 08:48:32 -0500 From: John Almberg In-reply-to: <200801150237.m0F2bqEg000116@banyan.cs.ait.ac.th> To: freebsd-questions@freebsd.org Message-id: <360AB6AE-B3C1-4CA6-AFC1-378B48B3C6DF@identry.com> MIME-version: 1.0 X-Mailer: Apple Mail (2.752.3) Content-type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Content-transfer-encoding: 7BIT References: <87A9631B-EAC5-41B8-B4C2-001C3ADBA486@identry.com> <200801150237.m0F2bqEg000116@banyan.cs.ait.ac.th> Subject: Re: No spam??? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jan 2008 13:49:03 -0000 I've been doing some more digging since my last post, and have figured out that the spam is not being blocked by pf, as I suspected (since it wasn't showing up in my spam folder), but by spamassassin blacklists. The smtp log file has lots of entries like: 2008-01-14 09:30:37.074087500 rblsmtpd: 123.20.89.67 pid 72121: 451 http://www.spamhaus.org/query/bl?ip=123.20.89.67 2008-01-14 09:31:05.271514500 rblsmtpd: 58.227.241.97 pid 72122: 451 Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml? 58.227.241.97 2008-01-14 09:31:17.404943500 rblsmtpd: 41.196.155.56 pid 72123: 451 http://www.spamhaus.org/query/bl?ip=41.196.155.56 2008-01-14 09:31:18.304682500 rblsmtpd: 123.20.89.67 pid 72124: 451 http://www.spamhaus.org/query/bl?ip=123.20.89.67 So raises the same point that Oliver makes: how trustworthy are these blacklists? -- John On Jan 14, 2008, at 9:37 PM, Olivier Nicole wrote: >> I know this is an odd thing to worry about, but is this normal? Since >> the spam doesn't even seem to be reaching spamd, I'm guessing that >> the real hero is pf, which must be blocking 99.99% of spam at the >> packet level. > > I don't know how you configured pf, but since I use the black list > fromhttp://www.sa-blacklist.stearns.org/sa-blacklist/sa- > blacklist.current.sendmail-access, > I reduced drastically the spam that reaches SpamAssassin. > > The key point with such black list is that you must trust the list, as > there is no place for false positive. > > Bests, > > Olivier > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions- > unsubscribe@freebsd.org" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Websites for On-line Collectible Dealers ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Identry, LLC John Almberg (631) 546-5079 jalmberg@identry.com www.identry.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~