Ken wrote: > We use spamd grey listing to combat spam. Works great. Gmail's mail > servers pose a problem, however, in that they requeue mail from > different mta's, resulting in subsequent delivery attempts coming from > many different IP addresses, wh/eventually time out and get blacklisted.
My only successful workaround was to whitelist gmail. I have a text file in /etc/mail containing the results of the following far-from-pretty command: dig _spf.google.com TXT + short | tr "\ " "\n" | grep ip4: | cut -d: -f2 | sort -n That gives me a concise list of the broad IP ranges that gmail uses for outbound MTAs. Today, it looked like: 64.18.0.0/20 64.233.160.0/19 66.102.0.0/20 66.249.80.0/20 72.14.192.0/18 74.125.0.0/16 207.126.144.0/20 209.85.128.0/17 216.239.32.0/19 This list changes periodically. The first entry, for example, is not in my current ruleset for gmail. I then have the following rules in my pf.conf, just like what you need to have for spamd to ever whitelist anyone: table <gmail-white> persist file "/etc/mail/gmail.txt" no rdr on $ext_if proto tcp from <gmail-white> to any port smtp --Kyle
