On 10/19/06, Steve Williams [EMAIL PROTECTED] wrote:
I am 99% sure that I have seen on the internet SOMEWHERE a whitelist
of servers that are like this. I thought Bob Beck had forwarded one at
one point in time, but I can only find his post regarding the tarfile he
maintains for the zombie
rules for spamd
no rdr inet proto tcp from mywhite to any port smtp
--
Then I manually add certain pools to whitelist.txt. Sometimes you get
lucky and find SPF entries, like for gmail. Otherwise you have to make a
guess. FYI, host -ttxt bellsouth.net returns 205.152.58.0/23 for spf.
Oh, I
these
mis-behaving server pools? Anyone else??
Thanks,
Steve Williams
As seen on undeadly:
http://home.xnet.com/~ansible/openbsd_spamd_conf.html
contains a tutorial on setting up spamd on OpenBSD. It is helpful as
it shows an example script that creates a whitelist by looking at SPF
DNS records
Steve Tornio wrote:
On Sep 27, 2006, at 6:10 PM, Rickard Borgmdster wrote:
What I see as the problem here, is that the blacklisting occurs before
the whitelisting. So that, when a large block such as 31.32.33.0/24 is
in spamd and I wish to whitelist 31.32.33.188, that whitelist entry
On 2006/09/28 08:39, Rickard Borgmdster wrote:
If that is the case, it's terrific :-) But it still doesn't take care of
the fastlane, so that whitelisted host doesn't have to go trough the
greylist process. Or does it?
You want no rdr in pf.conf.
will bypass the greylisting process.
Incidentally, if you want to set up a list of networks that never hit
spamd, you can do that in pf. The following snippet comes from my
pf.conf, with the mail server running on the same box. The
nogreylist file contains a list of networks that use mail
I am considering doing an OpenBSD transparent bridge with spamd/pf to
add greylisting to two of our existing email servers. Both servers
have equally waited MX records pointing at each of them and they both
reside on the same subnet/ethernet segment.
Would it make more sense to have one system
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
I am considering doing an OpenBSD transparent bridge with
spamd/pf to add greylisting to two of our existing email
servers. Both servers have equally waited MX records pointing
at each of them and they both reside on the same
subnet
the load and defend
against an attack that might happen while the 3rd is being serviced.
Also, I have no idea what size server I am going to need for the
bridge/spamd machine. We're currently doing between 1.5 2 million
emails a day. Can anyone else share what type of hardware/memory etc
and the other two could still process the load and defend
against an attack that might happen while the 3rd is being serviced.
It's actually closer to 20,000 mailboxes.
Also, I have no idea what size server I am going to need for the
bridge/spamd machine. We're currently doing between 1.5
On 2006/09/28 17:04, Eric Merkel wrote:
I am considering doing an OpenBSD transparent bridge with spamd/pf to
add greylisting to two of our existing email servers.
rdr on a transparent bridge is not entirely straightforward.
spamd fits better on a box in the normal (L3) route towards the mail
Hello,
I've been looking att the default redirection rule (from spamd(8)) for
greylisting with spamd and pf. It looks like this:
table spamd persist
table spamd-white persist
rdr pass inet proto tcp from spamd to any port smtp - 127.0.0.1 port
spamd
rdr pass inet proto tcp from !spamd-white
On Sep 27, 2006, at 6:10 PM, Rickard Borgmdster wrote:
What I see as the problem here, is that the blacklisting occurs
before
the whitelisting. So that, when a large block such as 31.32.33.0/24 is
in spamd and I wish to whitelist 31.32.33.188, that whitelist entry
will have no effect
Hi all!
I made a question yesterday, and had no answers. I think I gave poor
informations.
So, trying again.
I'm having trouble with spamd on a OpenBSD 3.9
I am using spamd in greylisting mode, starting it on rc.conf like this:
spamd_flags=-v -G 25:4:864 # for
spamd_grey=YES # use
Hi all!
My /var/log/messages is full of messages saying that spamd failed to scan his db
file. It says:
scan of /var/db/spamd failed
Somebody got some erros like this?
My spamdb has 63MB. Could it be the reason?
I am using spamd in greylisting mode.
Thanks,
Thiago
On Thu, Aug 10, 2006 at 04:06:38PM -0600, Bob Beck wrote:
Also, while STARTTLS does have its merits, it's still better suited for
handling MTA authentication than protecting user data - use GPG for the
latter.
STARTTLS opportunistically between MTA's is wonderful for
making shit
On 8/10/06, Will H. Backman [EMAIL PROTECTED] wrote:
Darrin Chandler wrote:
However, if the connecting party *requires* TLS then it would have a
problem with spamd. Is that the trouble you're having?
Yes. I'm protecting a Microsoft Exchange server with spamd on an
openbsd bridge. Because
For those servicing larger networks such as universities' ResNets or
campus networks, using a mandatory smarthost can be an excellent
detection tool to see which users/stations need to end up in a
quarantine.
Granted, the largest customer base for this sort of thing are likely
to be
* Bob Beck [EMAIL PROTECTED] [2006-08-11 08:23]:
Speaking as someone who does this, for the truly big university
there are a lot of clueless idiots...
Gee, although I suppose I should use my openbsd.org address when
giving such advice. Let me rephase - At most universities other
a server on port 25, the correct way would be to use STARTTLS,
which is supported by exchange, should work with spamd and all sane
MUAs or MTAs.
Note, though, that using STARTTLS and spamd will leak information
(recipient addresses will be sent unencrypted to spamd). This may or may
the Exchange server to port 587 or 465 with pf. If you *want*
to have a server on port 25, the correct way would be to use STARTTLS,
which is supported by exchange, should work with spamd and all sane
MUAs or MTAs.
Note, though, that using STARTTLS and spamd will leak information
(recipient
to keep
track of associations between people.
So, ah, back to the question: if you're concerned about this
sort of information leaking, yes spamd could be a problem.
And if you're concerned about message body leaking, you
might want to make sure users are _never_ blacklisted.
Am I correct in assuming that spamd and TLS on port 25 don't get along?
-- Will
On 8/10/06, Will H. Backman [EMAIL PROTECTED] wrote:
Am I correct in assuming that spamd and TLS on port 25 don't get along?
Given a mail server (or MUA) that is configured to require TLS on a
port it connects to, it will likely have a problem with any other end
not offering TLS capability
On Thu, Aug 10, 2006 at 09:39:56AM -0400, Will H. Backman wrote:
Am I correct in assuming that spamd and TLS on port 25 don't get along?
-- Will
Remember that you get *either* spamd *or* your MTA. So there's no
getting along to deal with.
However, if the connecting party *requires* TLS
Darrin Chandler wrote:
On Thu, Aug 10, 2006 at 09:39:56AM -0400, Will H. Backman wrote:
Am I correct in assuming that spamd and TLS on port 25 don't get along?
-- Will
Remember that you get *either* spamd *or* your MTA. So there's no
getting along to deal with.
However
Exchange with
a more benign MTA (e.g. Postfix, sendmail) and add spamd into the mix
if you desire.
For relaying, all you need is a way to validate the usernames. Using
the Exchange's LDAP repository as a lookup table for Postfix or
exporting valid users and their passwords to a Postfix lookup table
issue.
Perhaps you'd benefit from a solution of shielding your Exchange with
a more benign MTA (e.g. Postfix, sendmail) and add spamd into the mix
if you desire.
For relaying, all you need is a way to validate the usernames. Using
the Exchange's LDAP repository as a lookup table
From: [EMAIL PROTECTED]
Note that at least Postfix has an independent greylisting
implementation
(postgrey); I'm fairly sure it's not the only one, and also
fairly sure
that there is a piece of code matching /milter/ and /grey/ around.
On 8/10/06, Joachim Schipper [EMAIL PROTECTED] wrote:
Note that at least Postfix has an independent greylisting implementation
True and these implementations may even be quite nice. I never felt
much of a need to try it out after having setup spamd.
Both are likely to work with STARTTLS
after having setup spamd.
I can imagine.
Both are likely to work with STARTTLS; spamd isn't going to do that.
And spamd shouldn't, either. For submission purposes, the clean
solution is use an alternate port (as it's a different bit of the
e-mail system).
For user mail submission, I see
Completely correct. spamd does not do TLS. It doesn't
need to. since starttls will fail the mailer will fall back anyway.
* Will H. Backman [EMAIL PROTECTED] [2006-08-10 07:58]:
Am I correct in assuming that spamd and TLS on port 25 don't get along
Yes. I'm protecting a Microsoft Exchange server with spamd on an
openbsd bridge. Because Microsoft Outlook uses Microsoft's way of
having MUAs talk to MTAs, there is no problem there.
I also enabled IMAPS (port 993) and SMTP-TLS (port 25) on the Exchange
Server so that normal mail
Also, while STARTTLS does have its merits, it's still better suited for
handling MTA authentication than protecting user data - use GPG for the
latter.
STARTTLS opportunistically between MTA's is wonderful for
making shit like Carnivore unusable. The Government should not be
able to
On 8/10/06, Joachim Schipper [EMAIL PROTECTED] wrote:
Keep a few sanity checks (e.g. no more than X recipients for a message
or no more than 100 messages a minute)
snip
This also helps against compromised boxes - i.e., it limits the damage.
So it's generally a good idea to have some limit.
* Will H. Backman [EMAIL PROTECTED] [2006-08-08 09:51]:
Does anyone know why spamd and spamlogd log to syslog at different log
levels.
It isn't too hard to change syslog.conf to include daemon.debug in order
to capture output from spamlogd, but why the difference?
because spamlogd
Does anyone know why spamd and spamlogd log to syslog at different log
levels.
It isn't too hard to change syslog.conf to include daemon.debug in order
to capture output from spamlogd, but why the difference?
On Tue, Aug 08, 2006 at 11:39:22AM -0400, Will H. Backman wrote:
Does anyone know why spamd and spamlogd log to syslog at different log
levels.
It isn't too hard to change syslog.conf to include daemon.debug in order
to capture output from spamlogd, but why the difference?
I would consider
On Tue, Aug 08, 2006 at 11:39:22AM -0400, Will H. Backman wrote:
Does anyone know why spamd and spamlogd log to syslog at different log
levels.
It isn't too hard to change syslog.conf to include daemon.debug in order
to capture output from spamlogd, but why the difference?
Presumably
I have spamd get up in a simple greylist mode, but I left the default
/etc/spamd.conf file intact.
I'm not running spamd-setup.
By default, spamd is stuttering for 10 seconds, but watching
/var/log/daemon, I also noticed that connections from spews and other
lists are lasting for over 400
On Mon, Aug 07, 2006 at 12:26:18PM -0400, Will H. Backman wrote:
I have spamd get up in a simple greylist mode, but I left the default
/etc/spamd.conf file intact.
...
I'm not running spamd-setup.
/etc/rc is tho. once, during boot; after it loads spamd, /etc/rc
unconditionally fires
Will H. Backman wrote:
Will H. Backman wrote:
Is this a sane minimum configuration for spamd -g on a transparent
bridge? Is it unwise to only greylist?
1. Create bridge with no IP's.
2. pf=YES and spamd_flags=-g in /etc/rc.conf.local
3. Simple three line /etc/pf.conf:
ext_if=xl0
rdr
Is this a sane minimum configuration for spamd -g on a transparent
bridge? Is it unwise to only greylist?
1. Create bridge with no IP's.
2. pf=YES and spamd_flags=-g in /etc/rc.conf.local
3. Simple three line /etc/pf.conf:
ext_if=xl0
rdr pass inet proto tcp from !spamd-white to any
Will H. Backman wrote:
Is this a sane minimum configuration for spamd -g on a transparent
bridge? Is it unwise to only greylist?
1. Create bridge with no IP's.
2. pf=YES and spamd_flags=-g in /etc/rc.conf.local
3. Simple three line /etc/pf.conf:
ext_if=xl0
rdr pass inet proto tcp
Will H. Backman wrote:
Is this a sane minimum configuration for spamd -g on a transparent
bridge? Is it unwise to only greylist?
I white-, black- and greylist (in that order). Greylisting requires
regular administration due to mail server pools and such. I have not
tested, but I strongly
I found this too funny not to share. A little Perl script processing of
my spamd log revealed a spammer from China had made 138 attempts to
deliver spam with a cumulative time of ~15 hours. 15 hours! You can't
make this stuff up!
I like to think those 15 hours of tar pit torment just made
Hi,
The -g flag is not neccesary in rc.conf, when the system receive the
proccess add it:
_spamd 25447 0.0 0.4 9172 4268 ?? S 9:07AM
0:00.04 /usr/libexec/spamd -v -G 8:4:864 -g
The spamd log include two different entries, the spamassassin daemon
(spamd) and spamd openbsd:
Jul 13 09
The spamd log include two different entries, the spamassassin daemon
(spamd) and spamd openbsd:
Jul 13 09:32:56 www2 spamd[25447]: (GREY) 200.xxx.xxx.xxx:
[EMAIL PROTECTED] - [EMAIL PROTECTED]
Jul 13 09:32:56 www2 spamd[25447]: 200.xxx.xxx.xxx: disconnected after
11 seconds.
Jul 13 09:33
pf rules set up correctly.
OpenBSD spamd does not deliver ANY messages to an MTA - it
only manipulates pf. You appear to think that spamd will pass
the message on. It does not.
OK.
After spamd check mail, ?how it known where proccess or where deliver?
by example, make a MX query
Hi All,
I just configure my first spamd -g, I have a collegue in Korea who is sending
me a message, however it did not get through. I tried to whitelist it, however
it still did not get through.
This is the spamdb
WHITE|61.78.36.103|||1152841491|1152841518|1155951918|1|0
WHITE|61.78.36.104
You haven't showed your pf rules.
If your friend is blocked because you are using the korea blacklist
un-greylisting him won't help. Using the standard example from the man page:
rdr pass inet proto tcp from spamd to any \
port smtp - 127.0.0.1 port spamd
rdr pass inet
check your /etc/spamd.conf
have you added your whitelist to the check list?
http://www.openbsd.org/cgi-bin/man.cgi?query=spamd.confsektion=5arch=i386apropos=0manpath=OpenBSD+3.9
Venture37
--
The truth, the half-truth, and nothing like the truth. - Mark Brandon Read
Hi all.
I have a problem with spamd in Openbsd 3.9/x86, something about my
setup:
1.) One server with openbsd 3.9/x86
2.) Sendmail patchs installed (openbsd 3.9 errata).
3.) One NIC (em0) with private address (192.168.x.x/24).
4.) One propietary firewall in front of server, with NAT rules
is a cisco pix
In linux, recommend change net.ipv4.tcp_window_scaling = 0, how i can
made this in openbsd?
On Wed, 2006-07-12 at 11:40 -0500, Polkan Garcia wrote:
Hi all.
I have a problem with spamd in Openbsd 3.9/x86, something about my
setup:
1.) One server with openbsd 3.9/x86
2
?
On Wed, 2006-07-12 at 11:40 -0500, Polkan Garcia wrote:
Hi all.
I have a problem with spamd in Openbsd 3.9/x86, something about my
setup:
1.) One server with openbsd 3.9/x86
2.) Sendmail patchs installed (openbsd 3.9 errata).
3.) One NIC (em0) with private address (192.168.x.x/24
is a cisco pix
In linux, recommend change net.ipv4.tcp_window_scaling = 0, how i can
made this in openbsd?
On Wed, 2006-07-12 at 11:40 -0500, Polkan Garcia wrote:
Hi all.
I have a problem with spamd in Openbsd 3.9/x86, something about my
setup:
1.) One server with openbsd
that changing these parameters wouldn't
allieviate the issue tho.
Anyone can help me?, why my spamd doesn't work from outside?
tcpdump -ni $ext -Xs1500 port 25 and src host $incoming_testing_host ?
--
jared
[ openbsd 3.9-current GENERIC ( may 1 ) // i386 ]
Hi, my original problem was solved... (cisco pix bug)
Now, i have another :(
In the openbsd server i have sendmail, smtp-vilter, clamd, spamassassin,
etc.
The original idea is, the mail sent to openbsd server is checked by
spamd and next is sent to sendmail to process it. Now, send messages
On Wed, Jul 12, 2006 at 01:44:34PM -0500, Polkan Garcia wrote:
The original idea is, the mail sent to openbsd server is checked by
spamd and next is sent to sendmail to process it. Now, send messages to
openbsd's box and works fine (using spamdb output) but does not
delivered to sendmail
, spamd greylisting saved the day. If it wasn't for BASE/snort
reporting of the portscan, I wouldn't have even bothered looking
in my logs tonite, and probably would never have been aware of
the thwarted attempt.
Good thing they're only portscanning and mailbombing you
On Fri, Jun 16, 2006 at 09:44:32AM -0600, Bob Beck wrote:
* Joachim Schipper [EMAIL PROTECTED] [2006-06-15 18:03]:
On Tue, Jun 13, 2006 at 01:07:46AM -0600, Bob Beck wrote:
Luckily, spamd greylisting saved the day. If it wasn't for BASE/snort
reporting of the portscan, I wouldn't have
* Joachim Schipper [EMAIL PROTECTED] [2006-06-15 18:03]:
On Tue, Jun 13, 2006 at 01:07:46AM -0600, Bob Beck wrote:
Luckily, spamd greylisting saved the day. If it wasn't for BASE/snort
reporting of the portscan, I wouldn't have even bothered looking in my
logs
tonite, and probably
On Thu, Jun 15, 2006 at 10:02:49AM +0700, riwanlky wrote:
Hi Guys,
I am going to install IDS for my firewall. According to this message
snort have problem, is there any alternative IDS? Is there any IPS?
I've heard good things about Bro-IDS http://www.bro-ids.org. It's not
in ports, though,
On Tue, Jun 13, 2006 at 01:07:46AM -0600, Bob Beck wrote:
Luckily, spamd greylisting saved the day. If it wasn't for BASE/snort
reporting of the portscan, I wouldn't have even bothered looking in my logs
tonite, and probably would never have been aware of the thwarted attempt
Hi Guys,
I am going to install IDS for my firewall. According to this message
snort have problem, is there any alternative IDS? Is there any IPS?
Thanks,
Riwan
At 01:07 AM 6/13/2006 -0600, Bob Beck wrote:
Luckily, spamd greylisting saved the day. If it wasn't for BASE/snort
reporting
Luckily, spamd greylisting saved the day. If it wasn't for BASE/snort
reporting of the portscan, I wouldn't have even bothered looking in my logs
tonite, and probably would never have been aware of the thwarted attempt.
Good thing they're only portscanning and mailbombing you
Well i want to configure spamd to stop spam, but the
mail server is in my DMZ its a non openbsd system,
so i was thinking will spamd work ? as i have an
openbsd firewall which is rdr redirecting traffic to
the internal mail server ?
i hope you understood what i ment ?
regards
*:$., 88
On Sun, 11 Jun 2006 23:58:30 -0700 (PDT), S t i n g r a y wrote:
Well i want to configure spamd to stop spam, but the
mail server is in my DMZ its a non openbsd system,
so i was thinking will spamd work ? as i have an
openbsd firewall which is rdr redirecting traffic to
the internal mail server
Wow. Mailbomb attack attempts from 3 different spam bots, from 3 different
cable systems in the US, all at the same time, with the same random fake
hotmail accounts, after a portscan from one of the 3 bots.
Luckily, spamd greylisting saved the day. If it wasn't for BASE/snort
reporting
Last night I set up greytrapping entries in spamd for the first time.
This morning I could see greytrapped entries in the output of spamdb so
I decided to try the experience of being a (pseudo) spammer against my
own network.
Here is a capture of an attempt to send mail from another location
I can't seem to find an explanation for this in the man pages (excuse my
blindness if it is stated), but
what does the '(17/16)' indicate in log entries such as this..
Jun 1 00:01:33 guardian spamd[9554]: 209.59.102.252: connected (17/16)
Mike
On Wed, May 31, 2006 at 10:31:18PM -0400, Mike Spenard wrote:
I can't seem to find an explanation for this in the man pages (excuse my
blindness if it is stated), but
what does the '(17/16)' indicate in log entries such as this..
Jun 1 00:01:33 guardian spamd[9554]: 209.59.102.252
), but
what does the '(17/16)' indicate in log entries such as this..
Jun 1 00:01:33 guardian spamd[9554]: 209.59.102.252: connected (17/16)
From what I've gathered by watching logs, it's (total conns/blacklist
conns)
On Wed, May 31, 2006 at 10:56:40PM -0400, Mike Spenard wrote:
What would the remainder be then if 16 out of 17 are black. Is the
remaining
1 a greylist connection?
Yes, if I'm right (and I think I am.) Grep the logs for 'connected '
and the numbers should make sense. You should see something
On 5/23/06, Jakub GEazik [EMAIL PROTECTED] wrote:
How do you handle greylisting of valid users?
I have just tested spamd. Valid users trying to sent mail through my
SMTP server are greylisted and need to try again after 'passtime'. And
when their IP changes (DSL lines) they need to do it again
On 5/24/06, viq [EMAIL PROTECTED] wrote:
How about authpf? SSH into box, and as long as session is active, you
don't get redirected to spamd - with a tiny bit of settings.
You're correct on not getting redirected to spamd. However, such a
setup will only work on networks that do not block
How do you handle greylisting of valid users?
I have just tested spamd. Valid users trying to sent mail through my
SMTP server are greylisted and need to try again after 'passtime'. And
when their IP changes (DSL lines) they need to do it again, which could
be irritating of course.
How do
On Tue, 23 May 2006 21:39:01 +0200 Jakub G__azik [EMAIL PROTECTED] wrote:
How do you handle greylisting of valid users?
$ grep msa /etc/services
submission 587/tcp msa # mail message submission
Adam napisa3(a):
On Tue, 23 May 2006 21:39:01 +0200 Jakub G__azik [EMAIL PROTECTED] wrote:
How do you handle greylisting of valid users?
$ grep msa /etc/services
submission 587/tcp msa # mail
On 5/24/06, Jakub G3azik [EMAIL PROTECTED] wrote:
Sounds good, but telling all those users to change their MUA config..
For roaming users, they are likely to be confronted with outbound port
25 blocks on more and more networks. Given those conditions, they're
likely to have to change their
Hi,
I'm looking for scripts to generate statistics off of /var/log/spamd
Thanks,
Mike Spenard
On 19 May 2006, at 21:28, Mike Spenard wrote:
I'm looking for scripts to generate statistics off of /var/log/spamd
If you don't mind using rrdtool to collate the information, I have
some scripts here:
http://vanhegan.net/software/
In the Misc section down the bottom, you'll find my php/rrd
I got this script (spamd_parser.tgz) from a guy called Christopher
Kruslicky so all credit goes to him. It uses RRD Tool and provides a
fairly nice graph. It also runs as a daemon.
I butchered his code to produce two Perl daemons (spamd.zip) - one that
monitors the spamd log and updates the RRD
On Sat, Apr 15, 2006 at 01:18:16AM +0100, Craig Skinner wrote:
Hi lads,
See any probs with this wee idea to auto generate the above?
Hey Craig,
Saw your post to openbsd-misc on MARC;
Is there any particular reason you don't use the SPF records that
gmail
publish? I added the four
/28 # xproxy gmail
66.249.92.192/28 # uproxy gmail
216.239.56.240/28 # mproxy gmail
Hi lads,
See any probs with this wee idea to auto generate the above?
# cat /root/bin/mk-gmail-spamd-whitelist
#!/bin/ksh
file=/etc/spamd.whitelist.gmail
for l in a b c d e f g h i j k l m n o p q r s
I think I just need a second pair of eyes because I'm obviously
missing something.
I've just installed a new firewall, and i'm trying to get spamd to log
to /var/log/spamd.
It *does* log to /var/log/daemon though, and the greylisting daemon is
working fine.
fire:/var/log#ls -al spamd
-rw-r
the problem was here:
---My modifications to syslog.conf---
!spamd
daemon.err;daemon.warn;daemon.info /var/log/spamd
When I started syslog with syslogd -d I saw this error:
syslogd: unknown priority name info /var/log/spamd
I double checked
On 4/12/06, Bryan Irvine [EMAIL PROTECTED] wrote:
I've just installed a new firewall, and i'm trying to get spamd to log
to /var/log/spamd.
Have you SIGHUP'ed the syslogd process? It should re-read its
configuration file at that point, using your new configuration.
!spamd
daemon.err
At 06:42 PM 4/11/06, Bryan Irvine wrote:
I think I just need a second pair of eyes because I'm obviously
missing something.
I've just installed a new firewall, and i'm trying to get spamd to log
to /var/log/spamd.
Did you 'touch' the file? You need to create the file yourself.
On Tue, Apr 11, 2006 at 03:42:09PM -0700, Bryan Irvine wrote:
---My modifications to syslog.conf---
!spamd
daemon.err;daemon.warn;daemon.info /var/log/spamd
when you:
$ sed -ne '/spamd/l' /etc/syslog.conf
do you have
!spamd\n$
daemon.err;daemon.warn;daemon.info
there are two separate IP addresses allegedly from gmail
accounts, but imagine my surprise that both resolve to something else
entirely.
spamdb is running with the system defaults with the exception of the port
/usr/libexec/spamd -v -p 8024 -G 25:4:864 -g
spamd.conf is using the China, Korea, Bob
of the port
/usr/libexec/spamd -v -p 8024 -G 25:4:864 -g
spamd.conf is using the China, Korea, Bob Beck's trapped list, and my
own personal whitelist and blacklist.
My next debugging attempt will be to have someone with a gmail account
send mail while I'm running tcpdump on port 25.
Has
hitting spamd's max connection limit?
spamd.conf is using the China, Korea, Bob Beck's trapped list, and my
own personal whitelist and blacklist.
My next debugging attempt will be to have someone with a gmail account
send mail while I'm running tcpdump on port 25.
Has anyone else running spamd
/usr/libexec/spamd -v -p 8024 -G 25:4:864 -g
spamd.conf is using the China, Korea, Bob Beck's trapped list, and my
own personal whitelist and blacklist.
My next debugging attempt will be to have someone with a gmail account
send mail while I'm running tcpdump on port 25.
Has anyone else running
resolve to something else
entirely.
spamdb is running with the system defaults with the exception of the port
/usr/libexec/spamd -v -p 8024 -G 25:4:864 -g
spamd.conf is using the China, Korea, Bob Beck's trapped list, and my
own personal whitelist and blacklist.
My next debugging attempt
So where do I find Bob Beck's spamd list?
On 2006/04/07 10:49, Jeff Ross wrote:
rdr pass on $if_ext proto tcp from whitelist to port smtp \
- ($if_ext) port 25
Have you tested that your whitelist works by connecting from an IP
address that's listed on it?
I usually use no rdr when I want to exempt servers from
greylisting, istr
to something else
entirely.
spamdb is running with the system defaults with the exception of the port
/usr/libexec/spamd -v -p 8024 -G 25:4:864 -g
spamd.conf is using the China, Korea, Bob Beck's trapped list, and my
own personal whitelist and blacklist.
My next debugging attempt will be to have
?
spamd.conf is using the China, Korea, Bob Beck's trapped list, and my own
personal whitelist and blacklist.
My next debugging attempt will be to have someone with a gmail account
send mail while I'm running tcpdump on port 25.
Has anyone else running spamd seen this? From my qmail logs, I see
(but that was a long time ago, so ymmv).
Also, interesting. I've pretty much used the setup as described in the
man page and haven't had a problem in like a year and a half of using
spamd.
Jeff
1201 - 1300 of 1468 matches
Mail list logo