On May 26, 2019, at 04:41, Mik J <mikyde...@yahoo.fr> wrote: > > Hello, > > I'm coming back on this topic. I added the -K option > # /usr/libexec/spamd -v -s 5 -S 5 -w 1 -G5:24:2400 -l 127.0.0.1 -h > myhost.mydomain.org -y vmx0 -Y myhost2.mydomain.org -K /etc/mail/spamd.key -n > ABCD > # spamd: need key and certificate for TLS > > So it seems it expects some kind of certificat/privatekey rather than a key > > Does anyone uses the -K option successfully ?
Yes. :-). Looks like you forgot the '-C /etc/ssl/<whatever>.crt’ option. Granted, this is on 6.3. My full args are: -h <myhost> -v -G 2:4:864 -y vio0 -Y <myotherhost> -K /etc/ssl/private/<myhost>.key -C /etc/ssl/<myhost>.crt Works fine. Sean > So far I didn't manage to make the synchro to work. udp packets on port 8025 > are not dropped. > However spamd doesn't seem to send any 8025/udp packet at all. > > Regards > > Le mardi 23 avril 2019 à 02:57:31 UTC+2, Rudy Baker <rizzz2...@gmail.com> > a écrit : > > On Mon, Apr 22, 2019, 10:43 AM Thuban, <thu...@yeuxdelibad.net> wrote: > >> * Otto Moerbeek <o...@drijf.net> le [21-04-2019 12:49:07 +0200]: >>> On Sun, Apr 21, 2019 at 09:53:52AM +0000, Mik J wrote: >>> >>>> Hello, >>>> I read the man but it's not so clear to me >>>> https://man.openbsd.org/spamd#SYNCHRONISATION >>>> a) I chose unicast synchronisation but I don't know which port should >> I open on the firewall ? >>>> Is it going to use the spamd-cfg service ? >>> >>> It will use spamd-sync (udp port 8025) >> >> Good to know, I was blocking this traffic. It might be interesting to >> add a word about this in the manpage, what do you think? >> > > tcpdump -nettti pflog0 > > That command tells you if anything is being blocked. I normally start > there. You would have seen port 8025 being blocked right away > >> >> >
