On Tue, 2008-08-12 at 09:46 +0200, Morgan Wesstrvm wrote:
> information Google turned up. A general reflection is that it's a little
> hard to grasp from the man pages how all the components work together
> (spamd, spamlogd, spamd-setup, spamdb, pf) especially when you're only
> used to blacklisting like I am. But everything seems to be working just
I just had to do the same (on OpenBSD, though). I do find the man pages
quite complete, to be honest. It may be not a step-through guide on all
topics, but once I took myself the time to actually read it all through,
it became quite clea.:
> fine now. However, I'm confused about the purpose of spamd-setup in
> greylisting mode.
>
> * There is no longer a <spamd> table to fill with blacklisted IP addresses.
Correct. Because spamd takes care of blacklisted IPs and no longer pf.
> * Addresses being whitelisted in spamdb are automatically moved to
> <spamd-white> even if I don't run spamd-setup.
yes, as explained in spamd(8):
"spamd regularly scans the /var/db/spamd database and configures all
whitelist addresses as the pf(4) <spamd-white> table"
This is required so that whitelisted IPs can bypass spamd entirely using
pf.
> * spamdb does NOT get populated with any blacklisted IP addresses when I
> run spamd-setup.
No, because you don't need it. Everything that is not in the state of
GREY, TRAP, SPAMTRAP or WHITE is obviously blacklisted.
> So exactly what does spamd-setup do in greylisting mode? Do I need it?
spamd-setup(8)
"The spamd-setup utility sends blacklist data to spamd(8), as well as
configuring mail rejection messages for blacklist entries."
> One more question. If I want to blacklist an IP address manually I
> assume I use "spamdb -T -a ip-address". That creates a SPAMTRAP record
> in the database at least. Is this the same as blacklisting? If it is,
No, if you'd like to blacklist an IP manually, you can either do so by
using a custom pf table (e.g. mywhite) that omits redirection from that
table to spamd. Or, the way we do it, we compile our own list and
configure/load it in spamd.conf(5):
"The spamd.conf file is read by spamd-setup(8) to configure blacklists
for spamd(8)."
> why doesn't the various blacklists in spamd.conf show up here then? How
Well, you have to configure them somehere.
> are those lists handled in greylisting mode?
They are loaded using spamd-setup and fed into spamd(8).
Hope that helps,
--
Stephan A. Rickauer
-----------------------------------------------------------
Institute of Neuroinformatics Tel +41 44 635 30 50
University / ETH Zurich Sec +41 44 635 30 52
Winterthurerstrasse 190 Fax +41 44 635 30 53
CH-8057 Zurich Web www.ini.uzh.ch
