On Fri, Apr 07, 2006 at 10:49:06AM -0600, Jeff Ross wrote: > > > On Fri, 7 Apr 2006, David Hill wrote: > > >On Fri, Apr 07, 2006 at 09:41:56AM -0600, Jeff Ross wrote: > >>Hi all, > >> > >>I've had several users reporting that mail to them from gmail and aol > >>accounts has been bouncing. I finally got my hands on the bounce > >>messages from one of the gmail messages. Two were Delivery Status > >>Notifications like this: > >> > >>Delivery to the following recipient has been delayed: > >> > >> [EMAIL PROTECTED] > >> > >>Message will be retried for 1 more day(s) > >> > >>Technical details of temporary failure: > >> > >>TEMP_FAILURE: Could not initiate SMTP conversation with any hosts: > >>[ a.mx.openvistas.net. (0): Connection dropped] > >> > >>culminating in the failure notice of: > >> > >>This is an automatically generated Delivery Status Notification > >> > >>Delivery to the following recipient failed permanently: > >> > >> [EMAIL PROTECTED] > >> > >>Technical details of permanent failure: > >>TEMP_FAILURE: Probe failed: Server Too Busy > >> > >>I have the following gmail servers whitelisted in my /etc/whitelist > >> > >>#gmail > >>64.233.162.192/28 # zproxy gmail > >>64.233.170.192/28 # rproxy gmail > >>64.233.182.192/28 # nproxy gmail > >>64.233.184.192/28 # wproxy gmail > >>66.249.82.192/28 # xproxy gmail > >>66.249.92.192/28 # uproxy gmail > >>216.239.56.240/28 # mproxy gmail > >> > >>and, indeed, I don't see _any_ legitimate gmail addresses in spamdb. > >>Right now there are two separate IP addresses allegedly from gmail > >>accounts, but imagine my surprise that both resolve to something else > >>entirely. > >> > >>spamdb is running with the system defaults with the exception of the port > >>/usr/libexec/spamd -v -p 8024 -G 25:4:864 -g > >> > >>spamd.conf is using the China, Korea, Bob Beck's trapped list, and my > >>own personal whitelist and blacklist. > >> > >>My next debugging attempt will be to have someone with a gmail account > >>send mail while I'm running tcpdump on port 25. > >> > >>Has anyone else running spamd seen this? From my qmail logs, I see mail > >>from gmail servers through March 23, but none since then. > >> > >>Thanks, > >> > >>Jeff > >> > > > >spamd's whitelist is really a non-blacklist. If gmail changes what > >server IP the mail is coming from each time it retries the email, which > >is bad for greylisting. > > > >If you truly want to whitelist them, try something like this: > > > ># pf.conf > >table <mail-white> persist file "/var/mail/whitelist.txt" > > > ># put before !<spamd-white> rdr > >rdr on $ext inet proto tcp from <mail-white> to $ext:0 \ > > port smtp -> $ext:0 port smtp > > > > > > Right, I forgot to add that to my mail. I'm doing just that. > > table <spamd> persist > table <spamd-white> persist > table <whitelist> persist file "/etc/whitelist" > table <zombies> persist > > #scrub rules > scrub in on $if_ext all > scrub out on $if_ext all > > no rdr on { lo0, lo1 } from any to any > rdr pass on $if_ext proto tcp from <whitelist> to port smtp \ > -> ($if_ext) port 25 > rdr pass on $if_ext proto tcp from !<spamd-white> to port smtp \ > -> 127.0.0.1 port 8024 > #rdr on $if_ext inet proto tcp from port 8025 -> 127.0.0.1 port 465 > rdr pass on $if_ext proto tcp from any to any port 8025 -> 127.0.0.1 \ > port 465 > > Thanks for the reply! > > Jeff
Since you are passing -v to spamd, have you grep -i'd /var/log/daemon for gmail? David