On 6/6/07, Christoph Schneeberger <[EMAIL PROTECTED]> wrote:
>> case 1: src host is whitelisted, connection is allowed to 1.1.1.35,
>> everything works fine.
>> case 2: src host is grey-/blacklisted and therefore redirected to
>> 127.0.0.1, in this case I get just a timeout when I try to telnet to
>> port 25 of 1.1.1.35 which as I understand is caused by many reasons,
>> among them that the src host expects tcp packets only from 1.1.1.35 and
>> not from 1.1.1.5 which is the only ip from which the bridge's spamd could
>> use to talk to the src host (sender mta).

Try some tcpdump'ing to see where it is failing, for example on lo0 or
$ext_if. Add some 'log' to your rules.

Can the bridge talk to other internet hosts? Does it have a default
gateway? Is spamd actually running? spamlogd? Is that the complete
pf.conf?

Give more complete information, including the obvious stuff.

-Mark