Adam Thompson <athom...@athompso.net> writes: > The documentation on spamd(8) tells me that it integrates tightly with > pf(4), in such a way that it does NOT take over port 25 locally, it > merely seems that way to certain outside senders... right? It appears > that spamd(8) never proxies a connection onward to localhost:25, > because that has already been decided at the pf(4) layer, i.e. spamd > by definition never actually processes any mail in any way whatsoever?
spamd only has enough smtp to keep spambots occupied. It never tries to actually deliver anything at all. Once a host is whitelisted (assuming your config is roughly what it says in the docs), it never sees spamd again and talks directly to your real mail daemon, which likely has content filtering such as spamassassin and clamd on the menu. My personal recommendation is to take advantage of spamd's excellent greylisting (the default mode, but AFAIK a lot more tuneable than other greylisters) and supplement with sucking in known good blacklists such as uatraps and nixspam. And as you say that > I have a *ton* of honeypot email addresses that are *guaranteed* to > receive *only* spam. you are only a breath away from implementing greytrapping. Take those together, and the content filtering produces a lot less load. As for the choice of MTA, it's really a question of your personal preferences. I've done battle with sendmail, exim and postfix in the past, and all of them have their good sides as well as their own little set of oddities that you need to get used to. OpenBSD's own smptd shows great promise and may possibly be what you need. If you have the time and inclination, I would recommend looking into more than one option before you decide on which one fits your needs and general mindset. The ones you have used before will seem familiar, but all of them have evolved over the last few years. > I'm not asking to be flamed, I haven't run my own mail server for a > couple of years and things have changed a bit since then... but I am > hoping I've provided enough detail that someone might be able to spot > potential problems before I run into them. You'll be all right, mate. It sounds like you have a good grasp of the issues already, and whatever else can go wrong, putting a plain vanilla spamd in front of your mail server is bound to give you a much more pleasant environment for solving any issues that might pop up. - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.