Adam Thompson <athom...@athompso.net> writes:

> The documentation on spamd(8) tells me that it integrates tightly with
> pf(4), in such a way that it does NOT take over port 25 locally, it
> merely seems that way to certain outside senders... right?  It appears
> that spamd(8) never proxies a connection onward to localhost:25,
> because that has already been decided at the pf(4) layer, i.e. spamd
> by definition never actually processes any mail in any way whatsoever?

spamd only has enough smtp to keep spambots occupied.  It never tries
to actually deliver anything at all.  Once a host is whitelisted
(assuming your config is roughly what it says in the docs), it never
sees spamd again and talks directly to your real mail daemon, which
likely has content filtering such as spamassassin and clamd on the
menu.  My personal recommendation is to take advantage of spamd's
excellent greylisting (the default mode, but AFAIK a lot more tuneable
than other greylisters) and supplement with sucking in known good
blacklists such as uatraps and nixspam.  And as you say that

> I have a *ton* of honeypot email addresses that are *guaranteed* to
> receive *only* spam.

you are only a breath away from implementing greytrapping.  Take those
together, and the content filtering produces a lot less load.

As for the choice of MTA, it's really a question of your personal
preferences.  I've done battle with sendmail, exim and postfix in the
past, and all of them have their good sides as well as their own
little set of oddities that you need to get used to.  OpenBSD's own
smptd shows great promise and may possibly be what you need.  If you
have the time and inclination, I would recommend looking into more
than one option before you decide on which one fits your needs and
general mindset.  The ones you have used before will seem familiar,
but all of them have evolved over the last few years.

> I'm not asking to be flamed, I haven't run my own mail server for a
> couple of years and things have changed a bit since then... but I am
> hoping I've provided enough detail that someone might be able to spot
> potential problems before I run into them.

You'll be all right, mate.  It sounds like you have a good grasp of the
issues already, and whatever else can go wrong, putting a plain
vanilla spamd in front of your mail server is bound to give you a much
more pleasant environment for solving any issues that might pop up.

- Peter
-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Reply via email to