Hi Hasse & others,
I am now running in greylist mode again, to test this. Also running
spamd in verbose logging mode.
spamd -v
spamlogd -i egress
Sorry for only providing pf.conf snippets previously.
My previous pf.conf was a hierarchical one using anchors, not suitable
for posting. Here is a complete copy of a simple test pf.conf I have
made for this, and now have running.
#-----------------------------------------------------------------------
# defaults
#-----------------------------------------------------------------------
set loginterface egress
match in all scrub (no-df max-mss 1440)
antispoof quick for egress
pass all
block log on egress
pass out on egress
#-----------------------------------------------------------------------
# ssh
#-----------------------------------------------------------------------
table <ssh-black> persist file "/etc/pf/ssh-black"
table <ssh-white> persist file "/etc/pf/ssh-white"
pass in on egress inet proto tcp from <ssh-white> to egress port ssh
pass in on egress inet proto tcp from !<ssh-black> to egress port ssh \
flags S/SA modulate state \
(max-src-conn-rate 1/30, overload <ssh-black> flush)
#-----------------------------------------------------------------------
# authpf
#-----------------------------------------------------------------------
table <authpf_users> persist
pass in on egress from <authpf_users>
#-----------------------------------------------------------------------
# spamd - greylist mode
#-----------------------------------------------------------------------
table <spamd-white> persist
table <nospamd> persist file "/etc/mail/nospamd"
pass in on egress proto tcp from any to egress port smtp \
rdr-to 127.0.0.1 port spamd
pass in on egress proto tcp from <nospamd> to egress port smtp
pass in log on egress proto tcp from <spamd-white> to egress port smtp
pass out log on egress proto tcp to any port smtp
#-----------------------------------------------------------------------
The nospamd file does not have lists.openbsd.org in it. I will see
if it gets whitelisted. It should, as I have received an off-list
email from someone who has confirmed it does, with OpenBSD 5.1.
.d.d.
On Sun, May 27, 2012 at 11:14:11AM +0200, Geir Svalland wrote:
> Hello
>
> Just made a reply to the list of your last posting, but I will give it here
> to, just in case.
>
> If all the spamd settings are back to default, I would recommend trying to
> pinpoint where the problem is.
> Just to check if it could be something wrong with the syntax of your pf
> rules regarding spamd, just comment them out.
> pfctl -f /etc/pf.conf and run for a while and see if you receive any mails.
>
> /Hasse
>
> -----Ursprungligt meddelande-----
> Fr?n: David Diggles [mailto:[email protected]]
> Skickat: den 27 maj 2012 11:07
> Till: Geir Svalland
> ?mne: Re: Testmail from Thorshammare.org
>
> Hi Hasse,
>
> Thanks for the test email.
>
> I gave up on greylist for now and running in blacklist mode.
>
> Will wait and see if anyone else has useful ideas before trying again.
>
> The last few days has been a rapid learning curve that's for sure.
>
> .d.d.
>
> On Sun, May 27, 2012 at 10:43:39AM +0200, Geir Svalland wrote:
> > Hi David
> >
> > Just sending this test mail directly to your mail address to see if
> > it's getting through,
> >
> > Or what kind of error message I will receive.
> >
> >
> >
> > /Hasse
