This may seem like a dead horse to some by now, but I am disappointed
no one replied to the msg, I supplied the detailed event information with
timestamps, regarding lists.openbsd.org mails not being whitelisted by
spamd when run in greylist mode.
RFC282, 4.5.4.1 Sending Strategy:
The sender MUST delay retrying a particular destination after one
attempt has failed. In general, the retry interval SHOULD be at
least 30 minutes; however, more sophisticated and variable strategies
will be beneficial when the SMTP client can determine the reason for
non-delivery.
Retries continue until the message is transmitted or the sender gives
up; the give-up time generally needs to be at least 4-5 days. The
parameters to the retry algorithm MUST be configurable.
Yet I have been advised not to mess with the default timings with -G option.
It looks to me like the retry intervals of lists.openbsd.org are not
sufficient to get it whitelisted by spamd.
I am well beyond assuming anything, and prepared to learn / accept
any constructive advice.
Can anyone confirm they have the following scenario?
* A clean installed OpenBSD 5.1 configured as a primary MX
* Clean spamd settings, clean /var/db/spamd
* Default spamd with no options
* Default spamlogd with no options
* The pf.conf uses spamd entries from the example pf.conf from etc.tgz
* No manual whitelist entry for lists.openbsd.org
* Incoming from lists.openbsd.org is eventually whitelisted by spamd
I am just trying to learn the cause, and I have been fully prepared to wear
egg on my face if my own configuration is causing the problem. I have not
yet proven this is the case.
I believe I have checked everything anyone suggested to check.
I really don't want my next check be to roll back to 4.9 and see if
lists.openbsd.org will auto whitelist like it previously did.
In hope,
David
On Sat, May 26, 2012 at 01:19:38PM +1000, David Diggles wrote:
> Ok........ I am still not getting emails from
> lists.openbsd.org (so please if you reply, cc to me).
>
> I restarted spamd at this time after deleting /var/db/spamd and
> clearing the bypass tables in pf at this time:
>
> 2012-05-26 02:13:12 # /usr/libexec/spamd
>
> Here is the last message to make it to sendmail from misc:
>
> fgrep from= /var/log/maillog|fgrep owner-misc|tail -1|awk '{print $1,$2,$3}'
> May 26 01:54:35
>
> The pf rules for spamd I have are taken from the default pf.conf:
>
> pass in on egress inet proto tcp from any to any port = 25 flags S/SA rdr-to
> 127.0.0.1 port 8025
> pass in on egress proto tcp from <nospamd> to any port = 25 flags S/SA
> pass in log on egress proto tcp from <spamd-white> to any port = 25 flags S/SA
> pass out log on egress proto tcp from any to any port = 25 flags S/S
>
> It is currently Sat May 26 12:54:31 EST 201
>
> Times of passed smtp connections for May 26:
>
> tcpdump -n -e -ttt -r /var/log/pflog 2>&1|fgrep ".25:"|\
> fgrep 'May 26'|awk '{print $3}'
> 01:14:53.793995
> 04:17:11.846707
> 05:00:19.443080
> 05:15:01.487277
> 07:17:51.114440
> 09:35:58.120098
> 10:14:21.444822
> 11:53:33.611903
>
> So I will skip the first entry when I grep for the
> ip addresses, with a tail +2 because it occurred
> *before* I reset everything.
>
> tcpdump -n -e -ttt -r /var/log/pflog 2>&1|fgrep ".25:"|\
> fgrep 'May 26'|awk '{print $10}'|tail +2|\
> awk -F. '{print $1"."$2"."$3"."$4}'|sort -n
> 17.254.6.112
> 74.125.82.47
> 113.172.232.215
> 129.21.208.44
> 202.58.38.80
> 203.59.1.110
> 206.46.252.115
>
> I have the following tables.
>
> pfctl -s Tables
> nospamd
> spamd-white
>
> Confirming against the spamd-white table
>
> pfctl -t spamd-white -Ts
> 17.254.6.112
> 74.125.82.47
> 113.172.232.215
> 129.21.208.44
> 202.58.38.80
> 203.59.1.110
> 206.46.252.115
>
> lists.openbsd.org = 192.43.244.163
>
> So nothing from misc has made it to sendmail since I emptied
> <nospamd> and <spamd-white> on pf.conf
>
> These are all the attempts from lists.openbsd.org since
> I cleared the spamdb and pf tables.
>
> fgrep 192.43.244.163 /var/log/spamd|fgrep 'May 26'
> May 26 02:53:48 skitL spamd[25502]: 192.43.244.163: connected (1/0)
> May 26 02:54:00 skitL spamd[25502]: 192.43.244.163: disconnected after 12
> seconds.
> May 26 03:00:24 skitL spamd[25502]: 192.43.244.163: connected (1/0)
> May 26 03:00:36 skitL spamd[25502]: 192.43.244.163: disconnected after 12
> seconds.
> May 26 04:41:24 skitL spamd[25502]: 192.43.244.163: connected (1/0)
> May 26 04:41:36 skitL spamd[25502]: 192.43.244.163: disconnected after 12
> seconds.
> May 26 05:04:19 skitL spamd[25502]: 192.43.244.163: connected (2/1)
> May 26 05:04:31 skitL spamd[25502]: 192.43.244.163: disconnected after 12
> seconds.
> May 26 05:15:24 skitL spamd[25502]: 192.43.244.163: connected (1/0)
> May 26 05:15:36 skitL spamd[25502]: 192.43.244.163: disconnected after 12
> seconds.
> May 26 05:19:36 skitL spamd[25502]: 192.43.244.163: connected (1/0)
> May 26 05:19:48 skitL spamd[25502]: 192.43.244.163: disconnected after 12
> seconds.
> May 26 05:26:38 skitL spamd[25502]: 192.43.244.163: connected (1/0)
> May 26 05:26:50 skitL spamd[25502]: 192.43.244.163: disconnected after 12
> seconds.
> May 26 05:31:10 skitL spamd[25502]: 192.43.244.163: connected (1/0)
> May 26 05:31:22 skitL spamd[25502]: 192.43.244.163: disconnected after 12
> seconds.
> May 26 05:37:54 skitL spamd[25502]: 192.43.244.163: connected (1/0)
> May 26 05:38:06 skitL spamd[25502]: 192.43.244.163: disconnected after 12
> seconds.
> May 26 05:43:38 skitL spamd[25502]: 192.43.244.163: connected (1/0)
> May 26 05:43:50 skitL spamd[25502]: 192.43.244.163: disconnected after 12
> seconds.
> May 26 06:32:55 skitL spamd[25502]: 192.43.244.163: connected (1/0)
> May 26 06:33:08 skitL spamd[25502]: 192.43.244.163: disconnected after 13
> seconds.
> May 26 07:00:31 skitL spamd[25502]: 192.43.244.163: connected (1/0)
> May 26 07:00:43 skitL spamd[25502]: 192.43.244.163: disconnected after 12
> seconds.
> May 26 07:29:59 skitL spamd[25502]: 192.43.244.163: connected (1/0)
> May 26 07:30:11 skitL spamd[25502]: 192.43.244.163: disconnected after 12
> seconds.
> May 26 07:53:46 skitL spamd[25502]: 192.43.244.163: connected (1/0)
> May 26 07:53:58 skitL spamd[25502]: 192.43.244.163: disconnected after 12
> seconds.
> May 26 08:26:24 skitL spamd[25502]: 192.43.244.163: connected (1/0)
> May 26 08:26:36 skitL spamd[25502]: 192.43.244.163: disconnected after 12
> seconds.
> May 26 09:14:32 skitL spamd[25502]: 192.43.244.163: connected (1/0)
> May 26 09:14:44 skitL spamd[25502]: 192.43.244.163: disconnected after 12
> seconds.
> May 26 10:12:59 skitL spamd[25502]: 192.43.244.163: connected (1/0)
> May 26 10:13:10 skitL spamd[25502]: 192.43.244.163: disconnected after 11
> seconds.
> May 26 11:44:37 skitL spamd[25502]: 192.43.244.163: connected (1/0)
> May 26 11:44:49 skitL spamd[25502]: 192.43.244.163: disconnected after 12
> seconds.
> May 26 11:54:40 skitL spamd[25502]: 192.43.244.163: connected (1/0)
> May 26 11:54:52 skitL spamd[25502]: 192.43.244.163: disconnected after 12
> seconds.
