Hello,
I am running OpenBSD 4.2-stable
I just noticed that spamd is trying to send ack packets from 127.0.0.1 to the IP
of the sender when it hits the greytrap IP. I don't feel this is wanted
behavior. Has anymone any idea of why it is doing so? It doesn't seem to be due
to the "set skip on lo" as even when I remove it, it spamd continues to do so.
Here is the symptom:
tcpdump -ttt -n -e -i em0 host 127.0.0.1
tcpdump: listening on em0, link-type EN10MB
Dec 10 15:01:43.176753 00:15:17:19:0e:be 00:04:23:09:79:68 0800 54:
127.0.0.1.8025 > 213.134.27.110.62745: R 1407486039:1407486039(0) ack 2902409159
win 0
spamdb | grep 213.134.27.110
TRAPPED|213.134.27.110|1197313245
My config:
/etc/pf.conf
ext_if="em0"
table <spf-no-greylist> persist
table <spamd-white> persist
table <no-greylist> { 195.238.0.0/21 , 216.23.191.47 , 212.234.67.22 ,
146.82.138.6 }
set skip on lo
set limit table-entries 1000000
scrub on $ext_if all no-df random-id min-ttl 30 reassemble tcp fragment
reassemble
no rdr on $ext_if inet proto tcp from { <spamd-white>, 157.164.0.0/16,
<no-greylist>, <spf-no-greylist> , 193.190.18.193 , 193.190.18.212 } to
($ext_if) port smtp
rdr pass on $ext_if inet proto tcp from any to ($ext_if) port smtp -> 127.0.0.1
port spamd
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:15:17:19:0e:be
groups: egress
media: Ethernet autoselect (1000baseT full-duplex)
status: active
inet 157.164.187.68 netmask 0xffffff00 broadcast 157.164.187.255
inet6 fe80::215:17ff:fe19:ebe%em0 prefixlen 64 scopeid 0x1
inet 157.164.187.78 netmask 0xffffff00 broadcast 157.164.187.255
spamdb is launched with:
/usr/libexec/spamd -S 30 -s 2 -v -G7:24:864 -4 -h greylist.wallonie.be -n '' -y
em1 -Y em1 -d -M 157.164.187.78
Best Regards
