On Mon, 19 Nov 2007 22:05:02 -0700, Shane Harbour wrote:
>For the last few hours I've been knocking my head against my desk. I'm
>trying to setup spamd for the first time and keep receiving syntax
>errors on my redirect statements. My redirect statements are:
>
>nat-anchor "ftp-proxy/*"
>rdr-anchor "ftp-proxy/*"
>rdr on {$int_if, $wifi_if} proto tcp from any to any port 21 -> 127.0.0
>.1 port 8021
>
>##### spamd #####
>rdr on $ext_if inet proto tcp from <whitelist> to $mail_svcs port smtp
>-> $mail_svcs port smtp
>rdr on $ext_if inet proto tcp from <blacklist> to $mail_svcs port smtp
>-> 127.0.0.1 port spamd
>rdr on $ext_if inet proto tcp from <spamd> to $mail_svcs port smtp ->
>127.0.0.1 port spamd
>rdr on $ext_if inet proto tcp from <spamd-white> to $mail_svcs port smtp
>-> $mail_svcs port smtp
>rdr on $ext_if inet proto tcp from !<spamd-white> to $mail_svcs port
>smtp -> 127.0.0.1 port spamd
>#################
>
>My redirect for ftp-proxy works just fine. Every thing I've read (man
>pages, google, etc) says my syntax is right. I've tried making it
>identical to the statement in the pf.conf(5) and still got the same
>error so I figured I'd turn to more knowledgeable folks. I am using
>binat for my mail server and $mail_svcs contains my server IPs.
>
>I'm using 4.2-stable. Any help/info/pointers are very much appreciated.
>
Have a look at the default pf.conf that comes with 4.2, or at least the
rdr section as it applies to spamd. Notice anything outstandingly
different?
e.g. where is the table <spamd> in the original? That is just for
openers.
You mention binat. I don't see it anywhere.
Now for the prime question:
Why do you not run spamd on the mailserver?
Do the redirects or binats (very simply) on the firewall and let a very
simple pf.conf handle the mail server.
Life gets much easier ;-)
Oh, and if you come back, please include the entire pf.conf. We ain't
mindreaders.
BTW no need to copy me in reply, I'm on the list. Ta.
Rod/
/earth: write failed, file system is full
cp: /earth/creatures: No space left on device
