My greylisting system has been running fine for about a month but
recently run I've into a problem with greylisting. I had someone tell
me that an email they sent to me bounced. Looking at the log file
(shown below) it appears that their email server retried three times
every half hour so I am not sure why they were not whitelisted.
I am running spamd with the following options spamd_flags="-v -G 5:4:864".
The only thing that looked a little suspicious is I think I may be
hitting the upper end of the pf table size. Is it possible just no
more IP's can be added to spamd-white?
# pfctl -t spamd-white -T show | wc -l
499785
# pfctl -t spamd -T show | wc -l
18
# pfctl -t spamd-mywhite -T show | wc -l
175
I have "set limit table-entries 500000" so do I just need to increase
the table-entries even higher? What is the highest value this can be
set to?
# zcat daemon.*.gz | grep 66.192.70.179
Nov 14 17:33:02 mx-fw1 spamd[14875]: 66.192.70.179: connected (755/1)
Nov 14 17:33:09 mx-fw1 spamd[14875]: (GREY) 66.192.70.179:
<[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>
Nov 14 17:33:13 mx-fw1 spamd[14875]: 66.192.70.179: disconnected after 11
seconds.
Nov 14 16:02:49 mx-fw1 spamd[14875]: 66.192.70.179: connected (749/3)
Nov 14 16:03:00 mx-fw1 spamd[14875]: (GREY) 66.192.70.179:
<[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>
Nov 14 16:03:00 mx-fw1 spamd[14875]: 66.192.70.179: disconnected after 11
seconds.
Nov 14 15:35:31 mx-fw1 spamd[14875]: 66.192.70.179: connected (483/0)
Nov 14 15:35:43 mx-fw1 spamd[14875]: (GREY) 66.192.70.179:
<[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>
Nov 14 15:35:43 mx-fw1 spamd[14875]: 66.192.70.179: disconnected after 12
seconds.
Nov 14 15:35:31 mx-fw1 spamd[14875]: 66.192.70.179: connected (483/0)
Nov 14 15:35:43 mx-fw1 spamd[14875]: (GREY) 66.192.70.179:
<[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>
Any thoughts?
-Eric
