i've started looking at spamd & to be honest i'm a little confused even
after reading man & google. could somebody run a quick check over all of
this to reassure me?
NB special thanks to peter@ for http://home.nuug.no/~peter/pf/en/ this
was a godsend!
scenario:
pf fw running as inet gateway & NATs smtp to postfix on different host.
this works just fine but of course receives spam occasionally!
spamd appears to be a drop-on-top of your existing (working) MTA config
- i.e. no changes are required to my pf fw & postfix setup at all. am i
right?
changes - all on postfix box only:
- enabled pf & set a pf.conf (below)
- use default spamd.conf
this seems to work but -
i don't see a greylist table anywhere in pfctl -s all. is one needed?
pf in-memory table spamd-white doesn't persist between reboots. is this
expected?
here's my config (all on the postfix box) - supposedly following vanilla
openbsd40/release:
rc.conf.local:spamd_grey=YES
rc.conf.local:spamd_flags="-v 127.0.0.1"
rc.conf.local:spamlogd_flags=""
thanks,
scorch
file:/etc/pf.conf
ext_if="fxp0"
table <spamd> persist
table <spamd-white> persist file "/etc/whitelist.txt"
set skip on lo
scrub in
rdr pass on $ext_if proto tcp from <spamd> to port smtp \
-> 127.0.0.1 port spamd
rdr pass on $ext_if proto tcp from !<spamd-white> to port smtp \
-> 127.0.0.1 port spamd
pass in on $ext_if proto tcp to ($ext_if) port ssh
pass in log on $ext_if proto tcp to ($ext_if) port smtp
pass out log on $ext_if proto tcp from ($ext_if) to port smtp
file:/etc/spamd.conf
# $OpenBSD: spamd.conf,v 1.19 2006/07/11 05:40:33 djm Exp $
#
# spamd config file, read by spamd-setup(8) for spamd(8)
#
# See spamd.conf(5)
#
# Configures whitelists and blacklists for spamd
#
# Strings follow getcap(3) convention escapes, other than you
# can have a bare colon (:) inside a quoted string and it
# will deal with it. See spamd-setup(8) for more details.
#
# "all" must be here, and defines the order in which lists are applied.
# Whitelists apply to the previous blacklist. More than one whitelist
# may be applied to each blacklist.
#
# As of November 2004, a place to search for black lists is
# http://spamlinks.net/filter-bl.htm
#
# Some of the URLs below point to www.openbsd.org locations. Those
# files are likely to be mirrored to other OpenBSD www mirrors located
# around the world. Hence, it is possible to edit this file and rewrite
# www.openbsd.org with, for instance, to www.de.openbsd.org
all:\
:spews1:china:korea:
# Mirrored from http://www.spews.org/spews_list_level1.txt
spews1:\
:black:\
:msg="SPAM. Your address %A is in the spews level 1 database\n\
See http://www.spews.org/ask.cgi?x=%A for more details":\
:method=http:\
:file=www.openbsd.org/spamd/spews_list_level1.txt.gz:
# Mirrored from http://www.spews.org/spews_list_level2.txt
spews2:\
:black:\
:msg="SPAM. Your address %A is in the spews level 2 database\n\
See http://www.spews.org/ask.cgi?x=%A for more details":\
:method=http:\
:file=www.openbsd.org/spamd/spews_list_level2.txt.gz:
# Mirrored from http://www.okean.com/chinacidr.txt
china:\
:black:\
:msg="SPAM. Your address %A appears to be from China\n\
See http://www.okean.com/asianspamblocks.html for more details":\
:method=http:\
:file=www.openbsd.org/spamd/chinacidr.txt.gz:
# Mirrored from http://www.okean.com/koreacidr.txt
korea:\
:black:\
:msg="SPAM. Your address %A appears to be from Korea\n\
See http://www.okean.com/asianspamblocks.html for more details":\
:method=http:\
:file=www.openbsd.org/spamd/koreacidr.txt.gz:
whitelist:\
:white:\
:method=file:\
:file=/etc/whitelist.txt:
