Hello Otto, Thank you for your answer. I'm working on it right now. Regards
Le dimanche 21 avril 2019 à 12:50:08 UTC+2, Otto Moerbeek <o...@drijf.net> a écrit : On Sun, Apr 21, 2019 at 09:53:52AM +0000, Mik J wrote: > Hello, > I read the man but it's not so clear to me > https://man.openbsd.org/spamd#SYNCHRONISATION > a) I chose unicast synchronisation but I don't know which port should I open > on the firewall ? > Is it going to use the spamd-cfg service ? It will use spamd-sync (udp port 8025) > > b) The synchronisation section mention a key and there's an option -K > regarding that key but in the example the -K option is not used. So it's not > clear. -K is optional. BUt if you use it, all instances syncing should use the same key. > > c) It's not clear which instance is going to contact which. Is there a > master/slave relationship ? What if one IP is WHITELIST on one instance and > BLACKLIST on the other. > Also should I use the -Y option on both instances ? Both are going to try to > start a tcp session ? It's symmetrical. All spamd's send updates to each other. No tcp involved, only udp. Specify A's IP on B and vice-versa. > > d) The message digest is calculated in md5 ? It uses a sha1 hmac message authentication code, so no md5 digest. > > e) Should I specify the -M option on all instance or just on the low priority > MX, which IP adress should I specify the one on that host or the remote MX > > Thank you Never used -M myself, but reading spamd.conf it looks like you only specify an -M IP on the host serving that IP. Note that -M is optional. -Otto