Hi,
Is it possible to know how many SMTP legitimate SMTP connections
have passed through SPAMD?
In a setup like,
no rdr on $ext_if proto tcp from to any port smtp
rdr pass on $ext_if proto tcp from any to any port smtp \
-> 127.0.0.1 port spamd
Can I assume the number of evaluations of
Hi,
I posted a question earlier, but I guess I was not clear.
I have a firewall running OpenBSD 4.2 and SPAMD to block spams.
I would like to know how many legitimate email messages SPAMD
is letting in. The default spamd setup that comes in pf.conf is
no rdr on $ext_if proto tcp from to any por
Hi,
I would like to know if this is possible and how, regardless of what
happenned with other applications.
I would like to setup PF so that, whenever an initial voip flow was
detetcted, all other non relevant traffic would be blocked, and normal
packet flow being restored only after some voip id
Hi,
Thanks for your insights.
> - Original Message -
> From: scott <[EMAIL PROTECTED]>
> 1. Your topology: On the "inside" lan, are you hosting clients or
> service? So is this an outside-to-inside -or- an inside-to-outside
> problem?
VoIP Clients. ATAs. This is an inside-to-outside
Hi Stuart and the others,
> > pass out queue (std_out,lowdelay)
>
> here, you place ACKs from downloads at a higher priority than
> your voip calls. this is unlikely to be what you want with priq
> over a 140Kb/s link..
>
> there are some other things you could look at too but changing
> this woul
Hi,
I am trying to use the greyscanner within my anti-spam firewall.
I installed some of the mentioned packages:
# pkg_info
gettext-0.14.6p0GNU gettext
libiconv-1.9.2p3character set conversion library
logsentry-1.1.1p2 logfile auditing tool
lsof-4.77p0 list information about op
Hi,
I did forget to mention I am running 4.2 STABLE on a
i386 machine.
Regards,
Jeff.
OpenBSD 4.2-stable (GENERIC) #0: Wed Dec 12 16:32:58 BRT 2007
OpenBSD.i386
--
Want an e-mail address like mine?
Get a free e-mail account today at www.mail.com!
Hi,
I need to setup a bridge to run spamd in greylisting mode.
Since there have been some changes in spamd recently and
the ruleset that appeared in the article in the OpenBSD
Journal in the past
(http://undeadly.org/cgi?action=article&sid=20061108134508)
is more appropriate for blacklist mode, I
Hi,
Looking at some setups used in the past for spamd, I noticed that
many prefer to use a separate internal NIC to connect to each MX
instead of using the internal spamd NIC connected to a switch,
where all MXs would be, including possibly other sub-domain MXs.
Is there anything wrong or inadeq
Hi,
I am new to OpenBSD and SPAMD, so forgive if I say stupid questions.
1. When run in default mode (greylist), spamd knows the spammers come
from blacklists in spamd.conf. But there is no spamd table in PF.
How?
2. Is there one way to know how many and which are the blacklisted
hosts at the mo
Hi,
Thank you.
Can I assume that all connected/disconnected messages I see in /var/log/daemon
are
from blacklisted hosts or some are still greylisted (undefined)?
Regards,
Jeff
--
Get a Free E-mail Account at Mail.com!
Choose From 100+ Personalized Domains
Visit http://www.mail.com today
Hi,
Thank you very much.
> If they are blacklisted, the connected/disconntected message
> will name the blacklist(s) they are on. if they are greylisted, there
> will be no mention of lists in the log message. For example, from my logs,
So if the host is greylisted the connection should not last
Hi,
The default setup in pf.conf makes spamd work on both
directions:
#no rdr on $ext_if proto tcp from to any port smtp
#rdr pass on $ext_if proto tcp from any to any port smtp \
# -> 127.0.0.1 port spamd
What is the best way to tell PF that spamd should work only
on inbound traffic?
Th
Hi,
I am trying to setup a DHCP server on a multi-homed firewall. One of the
interfaces is vr0 and should supply addresses 172.16.255.x/24. The other
is sk0 and should supply 200.232.140.x/24.
My /etc/dhcpd.interfaces looks like
sk0
vr0
My /etc/dhcpd.conf looks like
shared-network LOCAL-NET {
,
Jeff.
- Original Message -
From: "Brian A. Seklecki"
To: "Jeff Santos"
Subject: Re: dhcp server with 2 interfaces and 2 different subnets
Date: Tue, 12 Jun 2007 16:25:24 -0400 (EDT)
The following:
$ sudo tcpdump -i vr0 "port bootpc || port bootps"
Hi,
I keep getting these "punt RTM_ADD without gateway" in my /var/log/messages
from the routed daemon. Once in a while, I get RTM_LOSING as well.
I noticed that, even with a static default route, every now and then I
try to ping the default gateway, I get ping: sendto: No route to host.
I saw a
Hi,
Thank you very much.
netstat -ni will not show a single error on any of the three interfaces.
I do not think it has anything to do with PF, because the problem
happens even with a pass quick rule.
I use dlink DGE-530T nics and one onboard vr0.
sk0: flags=8843 mtu 1500
lladdr 00:13:
Hi,
> If enough packets are lost to prevent ARP from getting through, you
> might see that.
Even if I use permanent ARP addresses, the problem continues to happen.
One funny thing is that I had a shell window with an active successful
ping to ftp.openbsd.org. In another window, after setting PKG
Hi,
Other than a hardware problem (interface, switch, cabling, etc.),
What could cause such an error?
I have an OpenBSD 4.1 station configured as a firewall/router,
in which the internal interface has address 200.232.120.1/24
and the external interface has address 200.232.140.3/24.
Even when I t
Hi,
I am running OpenBSD 4.1 on a firewall/router.
For some unknown reason (to me), whenever I start the command
nice route monitor
after a little while, I begin to get an enormous quantity of
messages like:
got message of size 104 on ...
RTM_MISS: Lookup failed on this address: len 104, table
OK...
I know I did not give enough information to allow people help.
So here are some more.
The firewall works fine running routed most of the time. It is
running 4.1-STABLE (below is a dmesg).
I see a lot of interrupts on both internal and external interfaces
sk0 and sk1. Something like 3600. T
Hi,
Suppose I have an anchor in PF that, when some condition
is met, is loaded with a set of block rules.
If the condition is met, the connections that were
open before these blcok rules were loaded to the
anchor are not dropped, correct?
If so, is there some way to selectively drop some
connect
22 matches
Mail list logo
