> > I have spamd configured like in > > http://home.nuug.no/~peter/pf/en/spamd.html > > with greylisting enabled > > > > and i meet some problems with it: > > Well, you have my attention. I am would be very interested in getting > to know about any inaccuracies in that document, and certainly any > that trip people up. > > > 1. My 2 FreeBSD routers stopped to pass mail from WHITE-list. First > > one - when spamd grows to 500 Megabytes. Second - 350 Meg. > > At the point where things stop working, what content does the > whitelist table have? ie, anything recognizable or (incredibly) zero > size? One possibility - a far fetched one, admittedly - is that > hosts in your whitelist got themselves greytrapped (if you did set > that up).
Nothing unusual, but that the mail stops forwarding from the whitelist. i.e. the sender resends the mail, gets in WHITE-list in spamd, but the mail does not actually pass the router. Many users started to complain and I forgot to look into pfctl -t spamd-white -T show but actually I have no BLACK list, and I still don't have a good idea how to use TRAPs automatically...I try to put some adresses in TRAP-list manually, but I can catch only myself in test purposes. > > > When I do: > > cat /dev/null > /var/db/spamd > > all starts to work again > > This sounds like somehow your initally whitelisted hosts got > themselves blacklisted, or the whitelist is somehow bypassed. > As I wrote above they could not get into BLACK-list because i don't have any. And it could not bypass anyhow, because I have such redirect rules: pfctl -sn rdr pass inet proto tcp from <spamd> to any port = smtp -> 127.0.0.1 port 8025 rdr pass inet proto tcp from ! <spamd-white> to any port = smtp -> 127.0.0.1 port 8025 .... > > 2. If i have some malware on my PC and use mail-client program. If I > > send the same message some times I automatically get into WHITE-list > > and my malware can spam as much as it must? > > If your malware manages to behave RFC-correctly, that is, resend after > what the greylisting host considers a reasonable interval, it will > manage to send whatever it's trying to send. No...not malware...suppose that a user doesn't know about malware and uses Outlook to send his mail. He'll get into THE WHITE-list and spamd can't stop HIS malware? tusen takk at du har blitt interessert i problemet mitt _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[EMAIL PROTECTED]"
