On Sat, Jan 27, 2007 at 05:17:04PM +0000, John . wrote:
> ...It gets lots of mail, and it has about 30 users on it. It has one NIC.
> I want to use PF to control spam.
>
> Question is, the pf.conf seems to want 2 interfaces in order to do
> this.. Is it permissable to set int_if and ext_if to be the same (same
> IP) or should I clone the interface? or is there another way that I
> haven't thought of?
PF (and spamd) can be used as a termination point; the machine running
spamd does not need to be a router.
Here is an excerpt from my pf.conf configuration for spamd, where PF is
running on the mail server:
------
# <spamd> is automatically maintained by spamd(8) and related apps.
# <spamd-white> is automatically maintained by spamd(8) and related apps.
# <mywhite> is a manually maintained whitelist
table <spamd> persist
table <spamd-white> persist
table <mywhite> persist file "/etc/whitelist"
.
.
.
# redirect blacklisted and greylisted email connections
#
rdr pass log proto tcp from <spamd> to any port smtp \
-> 127.0.0.1 port spamd
# do not redirect whitelisted:
#
no rdr proto tcp from <mywhite> to any port smtp
# redirect everything else not in spamdb's whitelist:
rdr pass log proto tcp from !<spamd-white> to any port smtp \
-> 127.0.0.1 port spamd
.
.
.
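For reference, here is a fuller single-NIC pf.conf in the same spirit. It is an added illustration, not the poster's configuration; it assumes the interface is em0 and uses the same 2007-era rdr syntax as the excerpt (OpenBSD 4.x, before "match"/"divert-to"). The filter rules at the end are the part the excerpt elides and are an assumption about how the rest of such a ruleset would look.

```pf
# Added example: mail server with one NIC (assumed em0), PF + spamd on the same host.
ext_if = "em0"

# <spamd> and <spamd-white> are maintained by spamd-setup(8)/spamd(8);
# <mywhite> is the hand-maintained whitelist.
table <spamd> persist
table <spamd-white> persist
table <mywhite> persist file "/etc/whitelist"

set skip on lo0

# rdr rules: first match wins, so the order below matters.
# 1. known spam sources go straight to spamd
rdr pass log on $ext_if proto tcp from <spamd> to ($ext_if) port smtp \
    -> 127.0.0.1 port spamd
# 2. hand-whitelisted hosts are never redirected
no rdr on $ext_if proto tcp from <mywhite> to ($ext_if) port smtp
# 3. everyone not yet in spamd's own whitelist gets greylisted
rdr pass log on $ext_if proto tcp from !<spamd-white> to ($ext_if) port smtp \
    -> 127.0.0.1 port spamd

# "rdr pass" already passes the redirected connections, so the filter
# rules only need to admit the hosts that were NOT redirected.
block in on $ext_if
pass out on $ext_if keep state
pass in on $ext_if proto tcp from <mywhite> to ($ext_if) port smtp keep state
pass in on $ext_if proto tcp from <spamd-white> to ($ext_if) port smtp keep state
```

Check the ordering with pfctl -nf before loading it; a "no rdr" placed after the catch-all rdr would never match, and the hand whitelist would silently be greylisted.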