Re: obspamd - greyreader failed - spamd not honoring whitelist

Tue, 16 Jun 2015 20:07:46 -0700 

On 06/16/15 18:53, Joshua Lokken wrote:
> On Jun/13 08:51PM, Craig Skinner wrote:
>> On 2015-06-12 Fri 15:24 PM |, Joshua Lokken wrote:
>>> I also see, in /var/log/spamd, whenever obspamd is started:
>>>
>>> Jun 12 13:35:14 fusor spamd[21599]: greyreader failed (No such file or
> directory)
>>> % ll /var/db/override.txt
>>> -rw-r--r--  1 _spamd  _spamd  382 Jun 12 12:39 /var/db/override.txt
>> Maybe try these:
>>
>> $ ls -ld /var/db
>> $ sudo su -l -s /bin/sh _spamd -c 'ls -l /var/db/override.txt;
>> $ sudo su -l -s /bin/sh _spamd -c 'head /var/db/override.txt'
> Ok, but let's look at those commands...
>
> $ ls -ld /var/db
> drwxr-xr-x  17 root  wheel  1024 Jun  9 23:32 /var/db
>
> $ ls -ld /usr/local/etc
> drwxr-xr-x  51 root  wheel  2560 Jun 14 20:47 /usr/local/etc
>
> $ sudo su -l -s /bin/sh _spamd -c 'ls -l /var/db/override.txt;
> Error, looks like there may be a ' missing
>
> $ sudo su -l -s /bin/sh _spamd -c 'ls -l /var/db/override.txt'
> su: unknown login: /bin/sh
>
> $ sudo su -l -s /bin/sh _spamd -c 'head /var/db/override.txt'
> su: unknown login: /bin/sh
>
> $ man su
>       -l      Simulate a full login...
>
> However, the _spamd user does not have a login shell, so I would
> expect this to fail.
>
> I appreciate the list of commands.  Can someone advise what the
> responder is trying to get at?  If someone provides a hint at what
> the root cause of the issue is, I can likely find a solution.
>
> Thanks again.
>
>
> --
> Joshua
>
> [demime 1.01d removed an attachment of type application/pgp-signature]

*spamd*  regularly scans the//var/db/spamd/  database and configures all
      whitelist addresses as the        pf(4)  
<http://www.freebsd.org/cgi/man.cgi?query=pf&sektion=4&apropos=0&manpath=FreeBSD+10.1-RELEASE+and+Ports>
  <spamd-white> table, allowing connec-
      tions to pass to the real MTA.  Any addresses not found in        
<spamd-white>
      are redirected to*spamd*.  The followingpf.conf(5)  
<http://www.freebsd.org/cgi/man.cgi?query=pf.conf&sektion=5&apropos=0&manpath=FreeBSD+10.1-RELEASE+and+Ports>
 example is suggested:

         table <spamd-white> persist
         rdr pass inet proto tcp from !<spamd-white> to any \
             port smtp -> 127.0.0.1 port spamd

You are replacing the <spamd-white> table with your own that probably can't be 
read by spamd.
Try something like the following, but translated to freebsd pf.conf lingo:

table <spamd-white> persist
table <nospamd> persist file "/var/db/override.txt"
pass in on egress proto tcp from any to any port smtp \
     divert-to 127.0.0.1 port spamd
pass in on egress proto tcp from <nospamd> to any port smtp
pass in log on egress proto tcp from <spamd-white> to any port smtp
pass out log on egress proto tcp to any port smtp

Hope this helps.

Reply via email to