> 1) For my own whitelist, should I use the entries in spamd.conf, or
> should I extend the <spamd-white> table entry in pf.conf with 'file
> "/var/mail/whitelist.txt"'? Is there an obvious advantage to
> either one?
An extension to this question: The daily security check complains about
the "mailbox" whitelist.txt:
=====
Checking mailbox ownership.
user whitelist.txt mailbox is owned by _spamd
user whitelist.txt mailbox is -rw-r--r--, group wheel
=====
I guess the easiest would be to move the file out of there, or is there
anything else? Typically, the OpenBSD defaults "just work"...?
> 2) I have a hard time understanding the differences/advantages between
> spamd's greylisting and relaydb. It seems the main difference is a bit
> more control whether an IP address is the source of spam or
> not *and* it
> needs an additional mechanism like SpamAssasin+procmail to be fed.
> Right? What mechanism are available to feed relaydb? Anything I am
> understanding wrong or missing?
Anyone? Bueller?
> 3) spamlogd is supposed to whitelist mailhosts that my MTA
> send mail to.
> I have these entries in pf.conf:
>
> pass in on $ExtIF inet proto tcp from any \
> to $PublicServer port { imaps, www, https } \
> flags S/SA keep state
> pass in log on $ExtIF inet proto tcp from any \
> to $PublicServer port smtp keep state
> pass out on $ExtIF inet proto tcp all \
> flags S/SA keep state
> pass out log on $ExtIF inet proto tcp from $PublicServer \
> to any port smtp keep state
>
> But it seem only the incoming traffic is being logged. I guess I have
> the rule order wrong or conflicting but I don't see why?
For this I actually found the answer myself: $PublicServer only referred
to the internal/private IP address, but the "pass out" rule needs the
outside/public IP address. Work, brain, work!
> Thanks for any enlightening pointers,
> -Jason
Still hoping...!
-Jason
