spamd issues

Tue, 06 Jan 2009 10:39:40 -0800 

I've been using spamd since 3.5 or 3.6 - It seems to be working great,
so mostly I just let it do it's thing and ignore it.

Today I was having some issues sending mail through a local ISP to my
system (4.4 release).  Some investigation showed that spamdb reports the
ip address of the ISP's smtp server as both WHITE and GREY?  This should
not be possible, should it?

$ sudo spamdb | grep 64.7.153.18
WHITE|64.7.153.18|||1231252840|1231254379|1234364784|9|0
GREY|64.7.153.18|smarthost1.sentex.ca|<x...@clgw.ca>|<x...@clgw.ca>|1231252840|1231254390|1231267240|10|0

Is it possible to remove the GREY entry (spamdb -d only removes WHITE
entires)?

I'm trying to remember how many config files need to be included for
this; hopefully, I don't miss any.


===== ===== /etc/pf.conf

ext_if="rl0"

in_mx="127.0.0.1"

table <spamd> persist
table <spamd-white> persist
table <spamd-mywhite> persist

scrub in

rdr pass on $ext_if proto tcp from <spamd-mywhite> to port smtp \
        -> $in_mx port smtp
rdr pass on $ext_if proto tcp from <spamd> to port smtp \
        -> 127.0.0.1 port spamd
rdr pass on $ext_if proto tcp from <spamd-white> to port smtp \
        -> $in_mx port smtp
rdr pass on $ext_if proto tcp from !<spamd-white> to port smtp \
        -> 127.0.0.1 port spamd

pass in log on $ext_if proto tcp to ($ext_if) port smtp keep state
pass out log on $ext_if proto tcp from ($ext_if) to port smtp keep state


all:\
        :myblack:mywhite:uatraps:nixspam:china:korea:

uatraps:\
        :black:\
        :msg="Your address %A has sent mail to a ualberta.ca spamtrap\n\
        within the last 24 hours":\
        :method=http:\
        :file=www.openbsd.org/spamd/traplist.gz

nixspam:\
        :black:\
        :msg="Your address %A is in the nixspam list\n\
        See http://www.heise.de/ix/nixspam/dnsbl_en/ for details":\
        :method=http:\
        :file=www.openbsd.org/spamd/nixspam.gz

china:\
        :black:\
        :msg="SPAM. Your address %A appears to be from China\n\
        See http://www.okean.com/asianspamblocks.html for more details":\
        :method=http:\
        :file=www.openbsd.org/spamd/chinacidr.txt.gz:

korea:\
        :black:\
        :msg="SPAM. Your address %A appears to be from Korea\n\
        See http://www.okean.com/asianspamblocks.html for more details":\
        :method=http:\
        :file=www.openbsd.org/spamd/koreacidr.txt.gz:


myblack:\
        :black:\
        :msg="SPAM: %A has been blacklisted.":\
        :method=file:\
        :file=/etc/mail/spamd_black.txt:

mywhite:\
        :white:\
        :method=file:\
        :file=/etc/mail/spamd_white.txt:



===== ===== ===== /etc/mail/spamd_white.txt
Adapted from

http://cvs.puremagic.com/viewcvs/greylisting/schema/whitelist_ip.txt

Site seems to be down at the moment; but it hadn't changed content in
sometime.

Reply via email to