Hi,
I am having some problems while trying to run spamd in greylisting
mode in a bridge.
For some reason, spamd is not greylisting, and the all the connections
(even the initial ones) seem to timeout. I see no added GREY entry with
spamdb. If I try to connect (say, using telnet ipaddr smtp) to the smtp
server from outside, I only see the first '220 hostname ESMTP spamd ...'
message. After that, everything hangs. If I type helo myhostname, I get
no answer. From what I understand, I should get something like
"250 Hello, spam sender. Pleased to be wasting your time."
Everything else is working, except for spamd.
Below are my config files. This pf ruleset is being used in another
network where the bridge runs 4.3-STABLE. I have no problem there.
Thanks in advance for any help or suggestion.
Regards,
Jose
------
PF.CONF
#external has IP address - bottom interface
filter_if="bge0"
# internal is IP less - top interface
pass_if="bge2"
# some settings
set limit states 250000
set loginterface $filter_if
# tables
table <spamd-white> persist
mta="my-IP-mta"
rdr on $filter_if inet proto tcp from !<spamd-white> to any \
port smtp -> 127.0.0.1 port spamd
pass in on $filter_if route-to lo0 proto tcp from any to 127.0.0.1 \
port spamd
pass in log on $filter_if inet proto tcp from <spamd-white> to $mta \
port smtp keep state
pass out log on $filter_if inet proto tcp from $mta to any \
port smtp keep state
pass in log on $filter_if inet proto tcp from any to any port ssh \
flags S/SA keep state \
(max-src-conn 6, max-src-conn-rate 5/3, \
overload <bruteforce> flush global)
SPAMD processes
# ps -ax | grep spam
19141 ?? I 0:00.38 spamd: [priv] (greylist) (spamd)
7198 ?? Is 0:00.01 spamd: (pf <spamd-white> update) (spamd)
26340 ?? I 0:00.00 spamd: (/var/db/spamd update) (spamd)
23668 ?? Ss 0:00.01 /usr/libexec/spamlogd
# tail /var/log/spamd
Jul 8 20:02:12 wall spamd[13675]: 65.55.116.88: connected (15/0)
Jul 8 20:02:23 wall spamd[13675]: 190.232.82.86: connected (16/0)
Jul 8 20:02:39 wall spamd[13675]: 146.164.38.80: connected (17/0)
Jul 8 20:02:41 wall spamd[13675]: 190.232.82.86: connected (18/0)
Jul 8 20:03:30 wall spamd[13675]: 208.97.187.133: connected (19/0)
Jul 8 20:03:55 wall spamd[13675]: 200.181.15.42: connected (20/0)
Jul 8 20:05:01 wall spamd[13675]: 190.232.82.86: connected (21/0)
Jul 8 20:05:11 wall spamd[13675]: 200.181.15.42: connected (22/0)
Jul 8 20:05:39 wall spamd[13675]: 72.14.246.250: connected (23/0)
Jul 8 20:05:39 wall spamd[13675]: 150.161.200.3: disconnected after 416
seconds
.
Jul 8 20:06:28 wall spamd[13675]: 143.107.45.8: disconnected after 422
seconds.
Jul 8 20:06:28 wall last message repeated 12 times
Jul 8 20:07:16 wall spamd[13675]: 190.232.82.86: connected (10/0)
Jul 8 20:08:24 wall spamd[13675]: 204.92.87.157: connected (11/0)
Jul 8 20:08:46 wall spamd[13675]: 190.232.82.86: connected (12/0)
Jul 8 20:09:23 wall spamd[13675]: 150.161.200.3: connected (13/0)
Jul 8 20:09:23 wall spamd[13675]: 65.55.116.88: disconnected after 431
seconds.
Jul 8 20:09:23 wall spamd[13675]: 190.232.82.86: disconnected after 420
seconds
.
Jul 8 20:09:30 wall spamd[13675]: 146.164.38.80: disconnected after 411
seconds
Jul 8 20:10:04 wall spamd[13675]: 65.55.116.88: connected (10/0)
Jul 8 20:10:05 wall spamd[13675]: 190.246.48.220: connected (11/0)
Jul 8 20:10:28 wall spamd[13675]: 208.97.187.133: disconnected after 418
second
s.
Jul 8 20:11:28 wall spamd[13675]: 200.181.15.42: disconnected after 453
seconds
.
Jul 8 20:11:38 wall spamd[13675]: 70.84.142.148: connected (10/0)
Jul 8 20:12:12 wall spamd[13675]: 200.221.4.193: connected (11/0)
Jul 8 20:12:12 wall spamd[13675]: 190.232.82.86: disconnected after 431
seconds
.
Jul 8 20:12:12 wall spamd[13675]: 200.181.15.42: disconnected after 421
seconds
.
Jul 8 20:13:28 wall spamd[13675]: 72.14.246.250: disconnected after 469
seconds
.
Jul 8 20:13:48 wall spamd[13675]: 200.221.4.194: connected (9/0)
Jul 8 20:14:28 wall spamd[13675]: 190.232.82.86: disconnected after 432
seconds
.
Jul 8 20:14:30 wall spamd[13675]: 208.97.187.133: connected (9/0)
Jul 8 20:14:34 wall spamd[13675]: 64.57.243.75: connected (10/0)
Jul 8 20:15:10 wall spamd[13675]: 189.54.251.235: connected (11/0)
DMESG
--
--
OpenBSD 4.4-beta (GENERIC) #0: Tue Jul 8 15:04:19 BRT 2008
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Xeon(TM) CPU 3.20GHz ("GenuineIntel" 686-class) 3.21 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,CNXT-ID,CX16,xTPR
real mem = 1073094656 (1023MB)
avail mem = 1029439488 (981MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 01/17/05, BIOS32 rev. 0 @ 0xfd721,
SMBIOS rev. 2.3 @ 0xf602c (50 entries)
bios0: vendor IBM version "-[APE121AUS-1.06]-" date 01/17/2005
bios0: IBM eserver xSeries 336 -[883721U]-
acpi0 at bios0: rev 0
acpi0: tables DSDT FACP APIC MCFG
acpi0: wakeup devices PCI0(S5)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpiprt0 at acpi0: bus 4 (PCI2)
acpiprt1 at acpi0: bus 5 (PCI3)
acpiprt2 at acpi0: bus 1 (PCIS)
acpiprt3 at acpi0: bus 0 (PCI0)
acpicpu0 at acpi0
bios0: ROM list: 0xc0000/0xb000 0xcb000/0x4000 0xcf000/0x1800
ipmi0 at mainbus0: version 1.5 interface KCS iobase 0xca8/8 spacing 4
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Intel E7520 Host" rev 0x0a
"Intel E7520 Error Reporting" rev 0x0a at pci0 dev 0 function 1 not
configured
ppb0 at pci0 dev 2 function 0 "Intel E7520 PCIE" rev 0x0a
pci1 at ppb0 bus 2
ppb1 at pci0 dev 4 function 0 "Intel E7520 PCIE" rev 0x0a
pci2 at ppb1 bus 3
ppb2 at pci2 dev 0 function 0 "Intel PCIE-PCIE" rev 0x09
pci3 at ppb2 bus 4
mpi0 at pci3 dev 1 function 0 "Symbios Logic 53c1030" rev 0x08: irq 11
scsibus0 at mpi0: 16 targets, initiator 7
sd0 at scsibus0 targ 0 lun 0: <IBM-ESXS, MAW3300NC FN, C206> SCSI2 0/direct
fixed
sd0: 286102MB, 78753 cyl, 8 head, 930 sec, 512 bytes/sec, 585937500 sec total
safte0 at scsibus0 targ 8 lun 0: <IBM, 25P3495a S320 1, 1> SCSI2 3/processor
fixed
mpi0: target 0 Sync at 160MHz width 16bit offset 127 QAS 0 DT 1 IU 1
ppb3 at pci2 dev 0 function 2 "Intel PCIE-PCIE" rev 0x09
pci4 at ppb3 bus 5
bge0 at pci4 dev 1 function 0 "Broadcom BCM5704C" rev 0x10, BCM5704 B0
(0x2100): irq 11, address 00:10:18:24:5f:02
brgphy0 at bge0 phy 1: BCM5704 10/100/1000baseT PHY, rev. 0
bge1 at pci4 dev 1 function 1 "Broadcom BCM5704C" rev 0x10, BCM5704 B0
(0x2100): irq 11, address 00:10:18:24:5f:03
brgphy1 at bge1 phy 1: BCM5704 10/100/1000baseT PHY, rev. 0
ppb4 at pci0 dev 6 function 0 "Intel E7520 PCIE" rev 0x0a
pci5 at ppb4 bus 6
bge2 at pci5 dev 0 function 0 "Broadcom BCM5721" rev 0x01, BCM5750 A1
(0x4001): irq 11, address 00:0d:60:99:a3:b2
brgphy2 at bge2 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0
ppb5 at pci0 dev 7 function 0 "Intel E7520 PCIE" rev 0x0a
pci6 at ppb5 bus 7
bge3 at pci6 dev 0 function 0 "Broadcom BCM5721" rev 0x01, BCM5750 A1
(0x4001): irq 11, address 00:0d:60:99:a3:b3
brgphy3 at bge3 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0
"Intel E7520 Config" rev 0x0a at pci0 dev 8 function 0 not configured
uhci0 at pci0 dev 29 function 0 "Intel 82801EB/ER USB" rev 0x02: irq 11
uhci1 at pci0 dev 29 function 1 "Intel 82801EB/ER USB" rev 0x02: irq 3
ehci0 at pci0 dev 29 function 7 "Intel 82801EB/ER USB2" rev 0x02: irq 3
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
ppb6 at pci0 dev 30 function 0 "Intel 82801BA Hub-to-PCI" rev 0xc2
pci7 at ppb6 bus 1
vga1 at pci7 dev 1 function 0 "ATI Radeon VE QY" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
ichpcib0 at pci0 dev 31 function 0 "Intel 82801EB/ER LPC" rev 0x02
pciide0 at pci0 dev 31 function 2 "Intel 82801EB SATA" rev 0x02: DMA, channel
0 configured to compatibility, channel 1 configured to compatibility
atapiscsi0 at pciide0 channel 0 drive 0
scsibus1 at atapiscsi0: 2 targets, initiator 7
cd0 at scsibus1 targ 0 lun 0: <HL-DT-ST, DVD-ROM GDR8083N, 0L02> ATAPI 5/cdrom
removable
cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
ichiic0 at pci0 dev 31 function 3 "Intel 82801EB/ER SMBus" rev 0x02: irq 11
iic0 at ichiic0
iic0: skipping sensors to avoid ipmi0 interactions
spdmem0 at iic0 addr 0x50: 512MB DDR2 SDRAM registered ECC PC2-3200CL3
spdmem1 at iic0 addr 0x51: 512MB DDR2 SDRAM registered ECC PC2-3200CL3
usb1 at uhci0: USB revision 1.0
uhub1 at usb1 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb2 at uhci1: USB revision 1.0
uhub2 at usb2 "Intel UHCI root hub" rev 1.00/1.00 addr 1
isa0 at ichpcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pmsi0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pmsi0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: <PC speaker>
spkr0 at pcppi0
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
biomask eded netmask eded ttymask ffff
mtrr: Pentium Pro MTRR support
softraid0 at root
root on sd0a swap on sd0b dump on sd0b
--
Be Yourself @ mail.com!
Choose From 200+ Email Addresses
Get a Free Account at www.mail.com
