On 25.05.2012 10:50, David Diggles wrote:
> I wasn't receiving email, from lists.openbsd.org and also from my
> work email address, until I added the respective smtp servers to
> the whitelist table in pf.
> I could see them in the greylist when I typed spamdb.
In the greylist, or in the whitelist (both are stored in
/var/db/spamdb)? I'm wondering now whether your /var/db/spamdb
got wiped out when you upgraded. If that happened, then all
pre-existing whitelist entries would be gone, and emails would
have to go through greylisting again.
Also, if your standard procedure when making changes was as below
(wiping out spamdb), you would be pretty much guaranteed to drop
a lot of mail on the floor given exponential back-off.
> I will go ahead and flush the spamdb database, and the pf tables
> and start over with default everything, no whitelist pf entries.
Presumably you have at least some whitelist entries there, and some
mail in transit that you would like to eventually receive. Flushing
the database now would mean that anything currently greylisted is
very unlikely to be whitelisted, and anything whitelisted will be
greylisted next time it tries to deliver mail.
> This time I will sit on my hands and wait. Maybe I was not
> being patient enough.
With default settings, you need to be patient for 4 hours. Past 4
hours, the chances are close to nil that you'll get that mail. Until
4 hours have passed, though, it's completely possible you'll still
receive the mail.
> As for gmail:
> I have not had this issue sending email from gmail to spamd.
You will.
> Seriously though, if I have to keep manually adding smtp servers
> to a whitelist, I will run in blacklist only mode.
It's pretty straightforward to script pulling SPF records from Google
and whitelisting them. Facebook is another company that sends a lot
of mail through many servers, but documents those servers in SPF
records you can poll (say, on a weekly basis). There are very few
other mail server clusters that have that behavior, so once you
identify those two, and script it, the problem is basically solved.
For example, you could move your current nospamd file to
/etc/mail/nospamd.constant, and then do the following in
/etc/weekly.local:
next_part "Whitelisting Google mail servers"
# Google's SPF record hands off to include: records, so take the ip4:
# entries from the top-level record and from every record it includes.
{
    /usr/sbin/dig _spf.google.com TXT +short
    for inc in $(/usr/sbin/dig _spf.google.com TXT +short | tr " " "\n" \
        | grep '^include:' | cut -d: -f2); do
        /usr/sbin/dig "$inc" TXT +short
    done
} | tr -d '"' | tr " " "\n" | grep '^ip4:' | cut -d: -f2 | sort -n \
    > /etc/mail/nospamd.dynamic
cat /etc/mail/nospamd.constant /etc/mail/nospamd.dynamic > /etc/mail/nospamd
/sbin/pfctl -t gmail-white -T replace -f /etc/mail/nospamd 2>&1 \
    | grep -v 'no changes'
That's very close to something someone else shared on misc@ many
moons ago; I don't remember who.
--
Matthew Weigel
hacker
unique & idempot . ent
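The SPF-to-pf-table approach described in the reply above, carried one step further as an added example (not code from the thread): include: records are followed recursively with a depth limit and a loop check, and the pf table is only replaced when the lookup actually returned networks. The example.test domains and their records are constructed stand-ins for DNS answers; the lookup_txt function and the gmail-white table name are assumptions.

```shell
#!/bin/sh
# lookup_txt returns constructed SPF records so this runs offline; on the
# spamd host replace its body with:  /usr/sbin/dig "$1" TXT +short
lookup_txt() {
    case "$1" in
    _spf.example.test)
        echo '"v=spf1 include:_nb1.example.test include:_nb2.example.test ~all"' ;;
    _nb1.example.test)
        echo '"v=spf1 ip4:192.0.2.0/24 ip4:198.51.100.0/25 ip6:2001:db8::/32 ~all"' ;;
    _nb2.example.test)   # includes its parent again: an SPF loop, as seen in the wild
        echo '"v=spf1 ip4:203.0.113.0/26 include:_spf.example.test ~all"' ;;
    *) ;;                # no TXT record: print nothing
    esac
}

# Print every ip4: network reachable from $1, following include: at most
# $2 levels deep and visiting each name once, so a loop cannot hang weekly(8).
spf_ip4() {
    _seen=""
    _walk "$1" "${2:-3}"
}
_walk() {
    case " $_seen " in *" $1 "*) return 0 ;; esac
    _seen="$_seen $1"
    if [ "$2" -le 0 ]; then return 0; fi
    for tok in $(lookup_txt "$1" | tr -d '"' | tr ' ' '\n'); do
        case "$tok" in
        ip4:*)     echo "${tok#ip4:}" ;;
        include:*) _walk "${tok#include:}" $(($2 - 1)) ;;
        esac
    done
}

# Replace the pf table only when the lookup produced networks: an empty
# result (DNS outage, record moved) must not flush the whitelist that
# worked last week. $1 is the file pfctl -T replace -f will read.
update_whitelist() {
    spf_ip4 _spf.example.test 3 | sort -u > "$1.tmp"
    if [ -s "$1.tmp" ]; then
        mv "$1.tmp" "$1"
        # /sbin/pfctl -t gmail-white -T replace -f "$1"   # enable on the spamd host
        return 0
    fi
    rm -f "$1.tmp"
    return 1
}
```

Dropped into /etc/weekly.local in place of the one-liner, update_whitelist leaves last week's table untouched whenever DNS gives nothing back, which is the failure the flat pipeline silently turns into an empty whitelist.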