I am looking to expand my spamd.conf's blacklisting and I now see that some providers prefer one to rsync their blacklist rather than simply fetching it, and still others make their lists queryable by DNS only.
I am not missing some easy rsync syntax for spamd.conf, right? It is a sufficient workaround to just rsync to a local file then have the base spamd look at that. The fast table lookups that pf can do are great.

As for the DNSBLs, last year Clint Pachl kindly shared a spamd-dnsbl script here which every few minutes looks to trap hosts while they are graylisted. Also promising is https://github.com/echothrust/pf-diverters though the README warns "IN NO-WAY PRODUCTION READY" and dnsbl-divert is "still work-in-progress" and there are no recent commits. Maybe it's more reliable than it seems, though I am still trying to understand the implications of a divert-packet to something that then does DNS lookups: this is a side of pf that's new to me.

For using IP blacklists to immediately divert senders to spamd, it'd be interesting to try Spamhaus Zen and similar. How are people approaching this? Is there a "good" OpenBSD way to do it, or maybe the whole idea is ill-conceived?

-- Mark