Hi again,

The problem was the Cisco PIX firewall... I disabled TCP window
scaling on it and all works fine.


On Wed, 2006-07-12 at 12:23 -0500, Polkan Garcia wrote:
> Hi all :)
> 
> While researching I found this:
> 
> "...This is the sign of a Cisco Pix 'Mailguard' sitting in front of your
> MTA. Pix breaks ESMTP and only does SMTP. It is a nuisance when you have
> a secure MTA running on your box. Something like 'no fixup protocol smtp
> 25' in the Pix configuration is needed. It may be possible to do this by
> logging into the Pix (using telnet or ssh) and typing no fixup smtp to
> its console. (You may need to use other commands before or after to set
> up configuration mode and to activate a changed configuration. Consult
> your Pix documentation or expert.) ..."
> 
> My firewall is a Cisco PIX....
> 
> On Linux, it is recommended to change net.ipv4.tcp_window_scaling = 0; how
> can I do this in OpenBSD?
> 
> 
> 
> On Wed, 2006-07-12 at 11:40 -0500, Polkan Garcia wrote:
> > Hi all.
> > 
> > I have a problem with spamd on OpenBSD 3.9/x86. Something about my
> > setup:
> > 
> > 1.) One server with OpenBSD 3.9/x86.
> > 2.) Sendmail patches installed (OpenBSD 3.9 errata).
> > 3.) One NIC (em0) with a private address (192.168.x.x/24).
> > 4.) One proprietary firewall in front of the server, with NAT rules that
> > assign one public address to my OpenBSD server.
> > 5.) The server already has a sendmail instance working.
> > 6.) The proprietary firewall has a rule that allows connections to the
> > OpenBSD server using the public IP on port 25.
> > 
> > 
> > A little graphic:
> > 
> > 
> > Internet ---------> FW -----------> Openbsd's Box
> >                NAT                    
> >                63.xx.xx.xx -------> 192.168.x.x/32
> >                tcp 25 Open
> > 
> > On the OpenBSD box spamd is running, with this:
> > 
> > *********************
> > pf.conf:
> > 
> > table <spamd>           persist
> > table <spamd-white>     persist
> > rdr pass on em0 proto tcp from <spamd> to !lo0 port smtp -> lo0 port spamd
> > rdr pass on em0 proto tcp from !<spamd-white> to !lo0 port smtp -> lo0 port spamd
> > **********************
> > 
> > **********************
> > rc.conf:
> > 
> > spamd_flags="-v -G 8:4:864"     # for normal use: ""
> > spamd_grey=YES          # use spamd greylisting if YES 
> > spamlogd_flags=""       # use eg. "-i interface" and see spamlogd(8)
> > **********************
> > 
> > OK, when I run telnet from any machine on the LAN (192.168.x.x/24) to
> > the OpenBSD server on port 25, I see:
> > 
> > 
> > Trying 192.168.xx.x... 
> > Connected to somedomain.com. 
> > Escape character is '^]'. 
> > 220 somedomain.com ESMTP spamd IP-based SPAM blocker; Tue Jul 11 15:56:01 2006
> > 
> > All is ok :)
> > 
> > 
> > But when I tried from the Internet, using the public address (another
> > machine outside of the LAN):
> > 
> > Trying 63.xx.xx.xx... 
> > Connected to somedomain.com. 
> > Escape character is '^]'
> > 
> > And no more....
> > 
> > If I send an email from another site (Gmail, for example), my
> > /var/log/daemon log shows:
> > 
> > Jul 11 12:06:18 host spamd[21194]: 64.233.166.180: connected (1/0)
> > Jul 11 12:06:20 host spamd[21194]: 64.233.166.180: disconnected after 2 seconds.
> > 
> > And the mail is lost.
> > 
> > Finally, I disabled spamd (pfctl -d), sent the mail again, and sendmail
> > received the mail perfectly.
> > 
> > 
> > Can anyone help me? Why doesn't my spamd work from outside?
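
The symptom in the quoted log (a remote MTA connecting to spamd and dropping after a couple of seconds) can be spotted across a whole daemon log with a small script. This is an added example, not part of the original messages: the sample lines are constructed in the shape of the two log lines quoted above (using documentation-range addresses), and the 10-second threshold and the function names are assumptions to adjust.

```python
import re
from collections import defaultdict

# Constructed sample in the shape of the spamd lines quoted in the thread.
# The last entry is wrapped the way the mail client wrapped the original.
SAMPLE_LOG = """\
Jul 11 12:06:18 host spamd[21194]: 192.0.2.10: connected (1/0)
Jul 11 12:06:20 host spamd[21194]: 192.0.2.10: disconnected after 2 seconds.
Jul 11 12:07:01 host spamd[21194]: 198.51.100.7: connected (1/0)
Jul 11 12:07:03 host spamd[21194]: 203.0.113.5: connected (2/0)
Jul 11 12:07:04 host spamd[21194]: 203.0.113.5: disconnected after 1 seconds.
Jul 11 12:13:52 host spamd[21194]: 198.51.100.7: disconnected after 411 seconds.
Jul 11 12:20:00 host spamd[21194]: 192.0.2.10: connected (1/0)
Jul 11 12:20:03 host spamd[21194]: 192.0.2.10: disconnected after 3
seconds.
"""

# A syslog line starts with "Mon DD HH:MM:SS "; anything else is a wrapped tail.
HEADER = re.compile(r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d ")
DISCONNECT = re.compile(
    r"spamd\[\d+\]: (?P<ip>[0-9a-fA-F.:]+): disconnected after (?P<secs>\d+) seconds?\."
)

def unwrap(text):
    """Re-join lines that were wrapped (no syslog timestamp at the start)."""
    out = []
    for line in text.splitlines():
        if HEADER.match(line) or not out:
            out.append(line.rstrip())
        else:
            out[-1] += " " + line.strip()
    return out

def session_lengths(text):
    """Map client IP -> list of completed session durations in seconds."""
    durations = defaultdict(list)
    for line in unwrap(text):
        m = DISCONNECT.search(line)
        if m:
            durations[m.group("ip")].append(int(m.group("secs")))
    return dict(durations)

def always_short(text, min_seconds=10):
    """IPs whose every session ended before min_seconds (assumed threshold)."""
    lengths = session_lengths(text)
    return sorted(ip for ip, d in lengths.items() if max(d) < min_seconds)

if __name__ == "__main__":
    for ip in always_short(SAMPLE_LOG):
        print(ip, session_lengths(SAMPLE_LOG)[ip])
```

If nearly every outside client lands in this list while LAN clients see the full banner, the path in front of the server (here, the firewall) is the first place to look.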
