I'd fully agree with you though and not run anything on the firewall
other than the firewall services. if you list your spamd box as a
secondary mx, it will get sh*tloads of spam, so it does serve a sort of
spam fighting service in a sense... :/
On 04/01/11 08:31, Jostein Elvaker Haande wrote:
On 1 April 2011 17:21, Derrick MacPherson<derrickmacpher...@gmail.com> wrote:
at one time, spamd ran on pfsense, is that no longer true?
http://blog.pfsense.org/?p=78
spamd - version Beta 4.8.0 platform: 1.2.1 - No info, check the forum
«Tarpits like spamd are fake SMTP servers, which accept connections
but don't deliver mail. Instead, they keep the connections open and
reply very slowly. If the peer is patient enough to actually complete
the SMTP dialogue (which will take ten minutes or more), the tarpit
returns a 'temporary error' code (4xx), which indicates that the mail
could not be delivered successfully and that the sender should keep
the mail in their queue and retry again later.»
The above is from available packages in 2.0RC1.
As you can read from the description, this doesn't really do much
other than to trick the sending end into either giving up or to make
them think that there's an error in transmission. It never actually
*delivers* any mail to users mailboxes.
From what I can gather, is that John wants a content filter to filter
away spam emails. This is, as I've said earlier, much better achieved
by running a service such as SpamAssassin on the mail server itself,
both for the added performance of having the MTA and content filter on
the same machine, but also the fact that segmentation of services is
the only sane thing to do to keep a network secure. Running such a
service on the ingress point (read: pfSense) can potentially open up
for all sorts of unwanted side effects imho.
Personally I've had great success with postfix + spamassassin +
amavisd-new, and would highly recommend going down that path.
Just my two cents.
---------------------------------------------------------------------
To unsubscribe, e-mail: discussion-unsubscr...@pfsense.com
For additional commands, e-mail: discussion-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
