On Mon, Feb 16, 2009 at 2:29 PM, jmc <[email protected]> wrote:
> i'm trying to deal with mail providers like gmail that have pools of
> outgoing smtp servers that shuffle among them for mail delivery.
>
> in the case of gmail, i've taken the output of 'dig txt _spf.google.com.
> +short', parsed it appropriately, and added it to table spamd-mywhite.
> (in short, i write to /etc/mail/spamd-mywhite and then use pfctl to load
> up the table).
>
> relevant pf.conf snippet:
>
> table <spamd-mywhite> persist file "/etc/mail/spamd-mywhite"
>
> rdr pass inet proto tcp from <spamd> to any port smtp -> 127.0.0.1 port spamd
> rdr pass inet proto tcp from !<spamd-white> to any port smtp -> 127.0.0.1 port spamd
> rdr pass inet proto tcp from <spamd-white> to any port smtp -> 127.0.0.1 port smtp
> rdr pass inet proto tcp from <spamd-mywhite> to any port smtp -> 127.0.0.1 port smtp
>
> right now, my spamd is stuttering at some gmail addresses, which test
> positively that they are in spamd-mywhite, and thus i *believe* should
> be handed off directly to smtp given my rules. mail from sourceforge.com
> (_spf.sourceforge.com.), mail from facebook.com, and mail from
> nytimes.com all apparently worked OK, and don't get stuttered at. i'm
> running 4.4-STABLE, unmodified GENERIC kernel, FWIW.
>
> === j...@cosmicnetworks (ttyp3) ~ {2094} <0>--> sudo /sbin/pfctl -T test -t spamd-mywhite 72.14.220.153
> 1/1 addresses match.
> === j...@cosmicnetworks (ttyp3) ~ {2095} <0>--> sudo /sbin/pfctl -T test -t spamd-mywhite 209.85.218.176
> 1/1 addresses match.
> === j...@cosmicnetworks (ttyp3) ~ {2096} <0>-->
>
> for brevity sake, i didn't include my entire pf.conf. if it would help,
> i can share. i just feel i'm missing something really simple and stupid
> here.
>
> --john

table <spamd-mywhite> persist file "/etc/mail/spamd-mywhite"

rdr pass inet proto tcp from <spamd> to any port smtp -> 127.0.0.1 port spamd
rdr pass inet proto tcp from <spamd-mywhite> to any port smtp -> 127.0.0.1 port smtp
rdr pass inet proto tcp from !<spamd-white> to any port smtp -> 127.0.0.1 port spamd
rdr pass inet proto tcp from <spamd-white> to any port smtp -> 127.0.0.1 port smtp

There you go.

-HKS
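Why the order of the rdr lines matters, as an added example that is not part of either poster's message: pf applies translation (rdr) rules first-match-wins, so an address that is only in <spamd-mywhite> is caught by the earlier !<spamd-white> rule unless the <spamd-mywhite> rule comes before it. The table contents and helper names below are constructed for illustration; only the rule lines and the two tested addresses come from the thread.

```python
import ipaddress

# Constructed table contents (assumptions, not the poster's real tables).
TABLES = {
    "spamd": [],                                             # no matching entries here
    "spamd-white": ["192.0.2.0/24"],                         # hosts that passed greylisting
    "spamd-mywhite": ["72.14.192.0/18", "209.85.128.0/17"],  # hand-loaded SPF ranges
}

ORIGINAL = """
rdr pass inet proto tcp from <spamd> to any port smtp -> 127.0.0.1 port spamd
rdr pass inet proto tcp from !<spamd-white> to any port smtp -> 127.0.0.1 port spamd
rdr pass inet proto tcp from <spamd-white> to any port smtp -> 127.0.0.1 port smtp
rdr pass inet proto tcp from <spamd-mywhite> to any port smtp -> 127.0.0.1 port smtp
"""

REORDERED = """
rdr pass inet proto tcp from <spamd> to any port smtp -> 127.0.0.1 port spamd
rdr pass inet proto tcp from <spamd-mywhite> to any port smtp -> 127.0.0.1 port smtp
rdr pass inet proto tcp from !<spamd-white> to any port smtp -> 127.0.0.1 port spamd
rdr pass inet proto tcp from <spamd-white> to any port smtp -> 127.0.0.1 port smtp
"""

def in_table(addr, table):
    ip = ipaddress.ip_address(addr)
    return any(ip in ipaddress.ip_network(net) for net in TABLES[table])

def parse(rule):
    """Pull (negated, table name, target port) out of one rdr line."""
    words = rule.split()
    src = words[words.index("from") + 1]          # "<spamd>" or "!<spamd-white>"
    return src.startswith("!"), src.lstrip("!").strip("<>"), words[-1]

def redirect_port(ruleset, addr):
    """Return the target port of the first rdr rule whose source matches addr."""
    for line in ruleset.strip().splitlines():
        negated, table, port = parse(line)
        if in_table(addr, table) != negated:      # match, honouring the "!" prefix
            return port
    return None                                   # no translation rule matched

if __name__ == "__main__":
    for addr in ("72.14.220.153", "209.85.218.176", "192.0.2.10", "198.51.100.7"):
        print(addr, "original ->", redirect_port(ORIGINAL, addr),
              "| reordered ->", redirect_port(REORDERED, addr))
```

With the original order the fourth rule can never be reached by a host that is absent from <spamd-white>, which is exactly the set of hosts the hand-maintained table is meant to cover.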

