Hello,

I have found the article 
http://undeadly.org/cgi?action=article&sid=20061108134508 and tried to
set up such a bridge with OpenBSD 4.1.

Now before I go too deep into my setup, I have just one very basic
question which still confuses me, and for me basically explains why my
setup doesn't work.

As far as I understood the article, I am setting up a bridge with an IP
assigned [1.1.1.5/24] to the external interface in front of my
mailserver [1.1.1.35/24].
Now given the pf rules from the above URL and spamd configured and running,
I see the following problem:

case 1: src host is whitelisted, connection is allowed to 1.1.1.35,
everything works fine.
case 2: src host is grey-/blacklisted and therefore redirected to
127.0.0.1, in this case I get just a timeout when I try to telnet to
port 25 of 1.1.1.35, which as I understand is caused by many reasons,
among them that the src host expects TCP packets only from 1.1.1.35 and
not from 1.1.1.5, which is the only IP that the bridge's spamd could
use to talk to the src host (sender MTA).

I have exhausted Google in this matter and I know I must be
doing/thinking something the completely wrong way(tm), but still I am
just stuck in my understanding of how this could/should work and
therefore having a hard time getting my test setup running, obviously ;-)

Any hint, reading pointer, link etc. would be highly appreciated.

Thanks in advance for any helpful kick in the right direction,
Christoph




-- 


          "Quis custodiet ipsos custodes?"
