On Sat, Mar 20, 2004 at 08:01:49PM +0100, the entity calling itself Jacek Artymiak
stated:
>
> >I have a single file being used by relaydb. It contains whitelist and
> >blacklist.
> >
> >Currently running pf fine with a spamd table containing many spam
> >addresses.
> >Using spamd-setup wtih RBL list and local spamassasin entries.
> >
> >How do I delete an IP from the blacklist ?
> >
> >How do I add an IP to the whitelist ?
> >
>
> Maybe this will be of some help:
>
> http://www.devguide.net/books/openbsdfw-02-ed/spamd-02.pdf
>
There's nothing about relaydb in that passage, but first and foremost
try 'man relaydb'. The key passages are:
"relaydb doesn't itself classify mails as legitimate or spam"
AND
"relaydb reads a single mail from stdin"
Beyond that, you need to define "single file" - which file are you
talking about? Do you mean the .relaydb database file that relaydb uses
to store its whitelist and blacklist ip addresses, or are you referrring
to a file named in /etc/spamd.conf?
There are a number of ways to go about this, but I use relaydb as
follows:
When a spam message arrives in my inbox, I pipe the message to relaydb.
How you do this will depend on which MUA you use. In pine for example,
the keystroke sequence is this:
Pipe: |
Raw Text: ^w
Pipe message to: relaydb -b
Alternatively, if it's a message I want to whitelist:
Pipe message to: relaydb -w
At this point, the IP address that delivered the message to my inbox
(let's call it a.b.c.d) is now included in my .relaydb database file
(i.e. /home/jaymo/.relaydb)
But it's not doing me much good just sitting there in my .relaydb file.
I want to redirect future connections from this IP to spamd, but before
this will happen, a.b.c.d must be added to my <spamd> table that pf
reads.
I make this happen with a couple of crontab entries (actually it's a
single entry to run a simple Perl script, but it could be done entirely
in cron):
1. use relaydb to write out a file with the current blacklist:
relaydb -lb -f /home/jaymo/lists/spammers.txt (or similar)
2. run spamd-setup:
/usr/libexec/spamd-setup
Assuming that the file /home/jaymo/lists/spammers.txt is appropriately
identified in /etc/spamd.conf future connections from the host a.b.c.d
to port 25 will be redirected to spamd (i.e. they have been thrown into
my tarpit).
If I realize later that I made a mistake (e.g. -b when I meant -w), I
pipe the message through relaydb once again using -r; i.e.
Pipe message to: relaydb -rb
Next time my crontab entries run, the <spamd> table is updated, and this
IP is no longer included (assuming his "black count" was 1).
Again - this is how I do it; I'm not holding this up as "the" way to do
it. Hope this helps you understand the steps in the process.
Best Rgds,
Jay
