Hello,
I'm back again with spamd synchronisation.
I made further tests and it seems to me that only new entries in spamd are
synchronised.
All existing entries before the synchronisation and not sent to the other spamd
instance.
Is it supposed to work like that ?
Thank you
Le dimanche 26 mai 2019 à 22:49:25 UTC+2, Sean Kamath
<kam...@moltingpenguin.com> a écrit :
On May 26, 2019, at 04:41, Mik J <mikyde...@yahoo.fr> wrote:
>
> Hello,
>
> I'm coming back on this topic. I added the -K option
> # /usr/libexec/spamd -v -s 5 -S 5 -w 1 -G5:24:2400 -l 127.0.0.1 -h
> myhost.mydomain.org -y vmx0 -Y myhost2.mydomain.org -K /etc/mail/spamd.key -n
> ABCD
> # spamd: need key and certificate for TLS
>
> So it seems it expects some kind of certificat/privatekey rather than a key
>
> Does anyone uses the -K option successfully ?
Yes. :-). Looks like you forgot the '-C /etc/ssl/<whatever>.crt’ option.
Granted, this is on 6.3.
My full args are:
-h <myhost> -v -G 2:4:864 -y vio0 -Y <myotherhost> -K
/etc/ssl/private/<myhost>.key -C /etc/ssl/<myhost>.crt
Works fine.
Sean
> So far I didn't manage to make the synchro to work. udp packets on port 8025
> are not dropped.
> However spamd doesn't seem to send any 8025/udp packet at all.
>
> Regards
>
> Le mardi 23 avril 2019 à 02:57:31 UTC+2, Rudy Baker <rizzz2...@gmail.com>
>a écrit :
>
> On Mon, Apr 22, 2019, 10:43 AM Thuban, <thu...@yeuxdelibad.net> wrote:
>
>> * Otto Moerbeek <o...@drijf.net> le [21-04-2019 12:49:07 +0200]:
>>> On Sun, Apr 21, 2019 at 09:53:52AM +0000, Mik J wrote:
>>>
>>>> Hello,
>>>> I read the man but it's not so clear to me
>>>> https://man.openbsd.org/spamd#SYNCHRONISATION
>>>> a) I chose unicast synchronisation but I don't know which port should
>> I open on the firewall ?
>>>> Is it going to use the spamd-cfg service ?
>>>
>>> It will use spamd-sync (udp port 8025)
>>
>> Good to know, I was blocking this traffic. It might be interesting to
>> add a word about this in the manpage, what do you think?
>>
>
> tcpdump -nettti pflog0
>
> That command tells you if anything is being blocked. I normally start
> there. You would have seen port 8025 being blocked right away
>
>>
>>
>
