Re: A Question Regarding greylisting and spamd

[knitti <knitti_(_at_)_gmail_(_dot_)_com>]

I just read your pf rules, I don't think they make sense.

On Apr 11, 2005 7:44 PM, eric <eric-list-openbsd-misc_(_at_)_catastrophe_(_dot_)_net> wrote:

> rdr pass on $ext_if proto tcp from <spamd-mywhite> to port smtp \
>         -> $ext_if port smtp

this is no redirection at all. connections from your whitelist are 'redirected'
from yourip:25 to yourip:25. Which is either without effect or a loop, but
certainly not what you probably intended

better add your whitelist to spamdb and make sure none of its IP 
addresses are blacklisted (man spamd-setup)

> rdr pass on $ext_if proto tcp from <spamd> to port smtp \
>         -> 127.0.0.1 port spamd
> rdr pass on $ext_if proto tcp from !<spamd-white> to port smtp \
>         -> 127.0.0.1 port spamd
> pass in on  $ext_if inet proto tcp  from any       to $ext_if port 25   $ms

you should add a "log" statement, spamlogd needs that for greylisting. It is 
also need for outbound smtp connections. (man spamlogd)

> When looking for a listing in <spamd> I can't find my source IP address
> (207.227.243.195).
> $ sudo pfctl -t spamd -T show | grep 207.227.243 | wc -l
>        0
> So perhaps I misconfigured something? The machine is 3.6-STABLE.

it is perfectly ok that your IP address is not in <spamd> since this is the
blacklist.

additional, as mentioned before, look in your rc script, whether the 
'-g' option is specified (it is, if you didn't alter your /etc/rc).

> 
> # /etc/spamd.conf
> all:\
>         :spamhaus:china:korea:mywhite:

you want probably :spamhaus:mywhite:china:mywhite:korea:mywhite:
(man spamd.conf)

apologies for my incomplete answers before, I didn't have much time at hand.

--knitti