Re: spamd greylisting: false positives

2012-05-28 Thread Peter N. M. Hansteen
In response to various tidbits that popped up in this thread, I put together some notes on setting up a sane email system, in a "works for me" article: http://bsdly.blogspot.com/2012/05/in-name-of-sane-email-setting-up-spamd.html -- Peter N. M. Hansteen, member of the first RFC 1149 implementatio

Re: spamd greylisting: false positives

2012-05-28 Thread Henning Brauer
* David Diggles [2012-05-28 02:44]: > Why shouldn't I? > > These guys do in their example. > https://calomel.org/spamd_config.html that alone is a reason to not do it. really, everything on calomel.org is garbage. you are best off to ignore it. i wish somebody would track this guy don, explain

Re: spamd greylisting: false positives

2012-05-28 Thread Peter N. M. Hansteen
David Diggles writes: > So there you have it. Don't use spamd with greytrapping if your > secondary MX is going to deliver a bounce. It will confuse SMTP > servers into giving up. Secondary MXes that are not set up to actually receive mail for your domain is one thing (annoying, but just a sim

Re: spamd greylisting: false positives

2012-05-28 Thread Stuart Henderson
On 2012-05-27, David Diggles wrote: >>From: Stuart Henderson >>Date: 2012-05-27 22:29:50 >> >>On 2012-05-27, David Diggles wrote: >>> Bummer, I have forgotten to pflog the spamd connections to lo0 >> >>So this breaks spamlogd which means servers will expire from the >>greylist even i

Re: spamd greylisting: false positives

2012-05-28 Thread Stuart Henderson
On 2012-05-28, David Diggles wrote: > So there you have it. Don't use spamd with greytrapping if your > secondary MX is going to deliver a bounce. It will confuse SMTP > servers into giving up. well, that doesn't just apply to spamd.. you are better off not listing a secondary MX unless it's A)

Re: spamd greylisting: false positives

2012-05-27 Thread David Diggles
So there you have it. Don't use spamd with greytrapping if your secondary MX is going to deliver a bounce. It will confuse SMTP servers into giving up. On Mon, May 28, 2012 at 03:38:16PM +1000, David Diggles wrote: > I had a secondary MX defined in DNS for elven.com.au that > is not yet configur

Re: spamd greylisting: false positives

2012-05-27 Thread David Diggles
Solved! I caused the cause of the problem with misconfigured DNS. I had a secondary MX defined in DNS for elven.com.au that is not yet configured to receive for elven.com.au. I tested again from work, and got this error: - The following addresses had permanent fatal errors - da...@el

Re: spamd greylisting: false positives

2012-05-27 Thread obsd
-Original message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On behalf of David Diggles Sent: 28 May 2012 03:54 To: misc@openbsd.org Subject: Re: spamd greylisting: false positives Ok, I searched calomel and had a good laugh. "smells like calomel" Gr

Re: spamd greylisting: false positives

2012-05-27 Thread David Diggles
Ok, I searched calomel and had a good laugh. "smells like calomel"

Re: spamd greylisting: false positives

2012-05-27 Thread David Diggles
Ok, I took synproxy out. What about modulate state? The pf.conf example in spamd(8) does not include it. I think I can guess, the answer will be: not needed Oh, thanks for the heads up about calomel.org. Someone else on list recommended it to me.

Re: spamd greylisting: false positives

2012-05-27 Thread Peter N. M. Hansteen
David Diggles writes: >>But why are you synproxying for spamd? > > Why shouldn't I? The synproxy was added way back as a way to protect back ends that were less intelligent about connection setup and IIRC even had one or more known SYN-related vulnerabilities, so we had a way to only pass valid,

Re: spamd greylisting: false positives

2012-05-27 Thread Amit Kulkarni
>>But why are you synproxying for spamd?
>
> Why shouldn't I?
>
> These guys do in their example.
> https://calomel.org/spamd_config.html

don't ever recommend calomel on an openbsd mailing list, search the archives for why. here's a hint: they work "spectacularly"

Re: spamd greylisting: false positives

2012-05-27 Thread Rod Whitworth
It amazes me that nobody has yet given you the calomel warning. Not the best source of clues. That is the most polite comment you will see about that website. On Mon, 28 May 2012 10:43:08 +1000, David Diggles wrote: >These guys do in their example. >https://calomel.org/spamd_config.html > >>delil

Re: spamd greylisting: false positives

2012-05-27 Thread David Diggles
>List: openbsd-misc >Subject: Re: spamd greylisting: false positives >From: peter () bsdly ! net (Peter N ! M ! Hansteen) >Date: 2012-05-27 23:19:47 >Message-ID: 87sjel43fw.fsf () deeperthought ! bsdly ! net >[Download message RAW] > >> Or did you

Re: spamd greylisting: false positives

2012-05-27 Thread David Higgs
On Sun, May 27, 2012 at 7:19 PM, Peter N. M. Hansteen wrote: > David Diggles writes: > >> Or did you mean, this breaks spamlogd, rather? >> >> pass in on egress proto tcp from any to egress \ >> port smtp rdr-to 127.0.0.1 port spamd synproxy state >> >> This is what it was. The logging is on

Re: spamd greylisting: false positives

2012-05-27 Thread Peter N. M. Hansteen
David Diggles writes: > Or did you mean, this breaks spamlogd, rather? > > pass in on egress proto tcp from any to egress \ > port smtp rdr-to 127.0.0.1 port spamd synproxy state > > This is what it was. The logging is on now. The important ones to log are the rules that pass smtp traffic f

Re: spamd greylisting: false positives

2012-05-27 Thread David Diggles
Or did you mean, this breaks spamlogd, rather?

pass in on egress proto tcp from any to egress \
    port smtp rdr-to 127.0.0.1 port spamd synproxy state

This is what it was. The logging is on now.

On Mon, May 28, 2012 at 08:53:09AM +1000, David Diggles wrote:
> >From: Stuart Henderson
>

Re: spamd greylisting: false positives

2012-05-27 Thread David Diggles
>From: Stuart Henderson >Date: 2012-05-27 22:29:50 > >On 2012-05-27, David Diggles wrote: >> Bummer, I have forgotten to pflog the spamd connections to lo0 > >So this breaks spamlogd which means servers will expire from the >greylist even if they mail you regularly.. Do you mean this

Re: spamd greylisting: false positives

2012-05-27 Thread Stuart Henderson
On 2012-05-27, David Diggles wrote: > Bummer, I have forgotten to pflog the spamd connections to lo0 So this breaks spamlogd which means servers will expire from the greylist even if they mail you regularly..

Re: spamd greylisting: false positives

2012-05-27 Thread David Diggles
After sleeping on it 6 hours, this is what I can report from the logs.

root@skitL:log:0# cat spamd|fgrep 192.43.244.163|fgrep "May 28"
May 28 00:07:55 skitL spamd[21325]: 192.43.244.163: connected (1/0)
May 28 00:08:06 skitL spamd[21325]: (GREY) 192.43.244.163: ->
May 28 00:08:07 skitL spamd[21

Re: spamd greylisting: false positives

2012-05-27 Thread David Diggles
Just made a minor change to pf.conf, to modulate state all tcp and keep state all udp: I am getting tired, it is late here. Hope I have not made any silly mistakes in this :D #--- # defaults #

Re: spamd greylisting: false positives

2012-05-27 Thread David Diggles
Hi everyone, sorry about the whiney tone. I am really appreciating all the help. On Sunday 27 May 2012, David Diggles wrote: > This may seem like a dead horse to some by now, but I am disappointed

Re: spamd greylisting: false positives

2012-05-27 Thread Stuart Henderson
On 2012-05-27, David Diggles wrote: >> What do you mean by "running in blacklist mode" ? >> Which settings are different from Grey trapping ? >> Are Openbsd mailing list the only list or mail you have problems with ? >> >> /Hasse > > By blacklist mode, I mean this: > > spamd -b > spamd-setup -b >

Re: spamd greylisting: false positives

2012-05-27 Thread Benny Lofgren
Hi David, On 2012-05-27 11.51, David Diggles wrote: >> Hi again David. >> If all the spamd settings are back to default, I would recommend trying to >> pinpoint where the problem is. >> Just to check if it could be something wrong with the syntax of your pf >> rules regarding spamd, just comment t

Re: spamd greylisting: false positives

2012-05-27 Thread David Diggles
> What do you mean by "running in blacklist mode" ?
> Which settings are different from Grey trapping ?
> Are Openbsd mailing list the only list or mail you have problems with ?
>
> /Hasse

By blacklist mode, I mean this:

spamd -b
spamd-setup -b

pf.conf:

table persist
pass in on egress proto tc

Re: spamd greylisting: false positives

2012-05-27 Thread David Diggles
> Hi again David. > If all the spamd settings are back to default, I would recommend trying to > pinpoint where the problem is. > Just to check if it could be something wrong with the syntax of your pf > rules regarding spamd, just comment them out. > pfctl -f /etc/pf.conf and run for a while and s

Re: spamd greylisting: false positives

2012-05-27 Thread obsd
-Original message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On behalf of David Diggles Sent: 27 May 2012 02:53 To: misc@openbsd.org Subject: Re: spamd greylisting: false positives This may seem like a dead horse to some by now, but I am disappointed no one replied

Re: spamd greylisting: false positives

2012-05-26 Thread David Diggles
This may seem like a dead horse to some by now, but I am disappointed no one replied to the msg, I supplied the detailed event information with timestamps, regarding lists.openbsd.org mails not being whitelisted by spamd when run in greylist mode. RFC282, 4.5.4.1 Sending Strategy: The sender M

Re: spamd greylisting: false positives

2012-05-26 Thread Stuart Henderson
On 2012-05-25, David Diggles wrote: > I wasn't receiving email, from lists.openbsd.org and also from my > work email address, until I added the respective smtp servers to > the whitelist table in pf. do you have spamlogd running? > Seriously though, if I have to keep manually adding smtp servers

Re: spamd greylisting: false positives

2012-05-25 Thread David Diggles
Ok I am still not getting emails from lists.openbsd.org (so please if you reply, cc to me). I restarted spamd at this time after deleting /var/db/spamd and clearing the bypass tables in pf at this time: 2012-05-26 02:13:12 # /usr/libexec/spamd Here is the last message to make it to sendm

Re: spamd greylisting: false positives

2012-05-25 Thread David Diggles
Thanks for also replying directly. Since I cleared override table in pf, I am no longer receiving emails from misc. > >I wasn't receiving email, from lists.openbsd.org and also from my > >work email address, until I added the respective smtp servers to > >the whitelist table in pf. > > >I could

Re: spamd greylisting: false positives

2012-05-25 Thread Nicolai
On Sat, May 26, 2012 at 01:50:40AM +1000, David Diggles wrote:
> I will go ahead and flush the spamdb database, and the pf tables
> and start over with default everything, no whitelist pf entries.

spamd acts up for me occasionally. In such cases I just

/etc/rc.d/spamd stop
rm /var/db/spamd
/e

Re: spamd greylisting: false positives

2012-05-25 Thread Matthew Weigel
On 25.05.2012 10:50, David Diggles wrote: I wasn't receiving email, from lists.openbsd.org and also from my work email address, until I added the respective smtp servers to the whitelist table in pf. I could see them in the greylist when I typed spamdb. In the greylist, or in the whitelist (bo

Re: spamd greylisting: false positives

2012-05-25 Thread David Diggles
I wasn't receiving email, from lists.openbsd.org and also from my work email address, until I added the respective smtp servers to the whitelist table in pf. I could see them in the greylist when I typed spamdb. Yes. I did misunderstand the spamd log entry about deletion. Though I would not both

Re: spamd greylisting: false positives

2012-05-25 Thread Kurt Mosiejczuk
David Diggles wrote: I am now trying it with -G120:6:864 Although I can't think how to reproduce the problem in a controlled way, other than wait and see what emails I don't get :/ Stop playing with those settings, you are freaking out about log entries that don't mean what you think they mea

Re: spamd greylisting: false positives

2012-05-25 Thread David Diggles
bsd.org > Subject: Re: spamd greylisting: false positives > > I am now trying it with -G120:6:864 > > Although I can't think how to reproduce the problem in a controlled way, > other than wait and see what emails I don't get :/ > > On Fri, May 25, 2012 at 02:07:33AM

Re: spamd greylisting: false positives

2012-05-25 Thread obsd
-Original message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On behalf of David Diggles Sent: 25 May 2012 11:14 To: misc@openbsd.org Subject: Re: spamd greylisting: false positives I am now trying it with -G120:6:864 Although I can't think how to reproduc

Re: spamd greylisting: false positives

2012-05-25 Thread obsd
-Original message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On behalf of David Diggles Sent: 25 May 2012 11:14 To: misc@openbsd.org Subject: Re: spamd greylisting: false positives I am now trying it with -G120:6:864 Although I can't think how to reproduc

Re: spamd greylisting: false positives

2012-05-25 Thread Kevin Chadwick
On Fri, 25 May 2012 17:22:04 +1000 David Diggles wrote: > Eg: lists.openbsd.org failed with default grey settings in spamd. I find it hard to believe lists.openbsd.org isn't RFC compliant. I guess you have another problem. If you send me an address privately. I'll send a mail from Yahoo. I know

Re: spamd greylisting: false positives

2012-05-25 Thread Henning Brauer
* David Diggles [2012-05-25 09:18]: > Like I said, it was in default mode when this behavior > started. Now I am messin with the timings trying to > overcome this dropping of messages. > > Are you saying I should be increasing this from 25 minutes? the defaults are fine, afaict almost everybody

Re: spamd greylisting: false positives

2012-05-25 Thread David Diggles
I am now trying it with -G120:6:864 Although I can't think how to reproduce the problem in a controlled way, other than wait and see what emails I don't get :/ On Fri, May 25, 2012 at 02:07:33AM -0500, Matthew Weigel wrote: > On 25.05.2012 01:09, David Diggles wrote: > >Can messages get dropped i

Re: spamd greylisting: false positives

2012-05-25 Thread David Diggles
Oh, so if I am relying on remote mailservers being configured to resend after a temporary failure, how do I second guess the time intervals they are configured with? If they even resend at all? Eg: lists.openbsd.org failed with default grey settings in spamd. I guess I don't have the skills to r

Re: spamd greylisting: false positives

2012-05-25 Thread David Diggles
Like I said, it was in default mode when this behavior started. Now I am messin with the timings trying to overcome this dropping of messages. Are you saying I should be increasing this from 25 minutes? On Fri, May 25, 2012 at 02:03:03AM -0500, Matthew Weigel wrote: > On 25.05.2012 01:09, David

Re: spamd greylisting: false positives

2012-05-25 Thread Barry Grumbine
On Thu, May 24, 2012 at 11:09 PM, David Diggles wrote: > Can messages get dropped if mail servers fail to resend within > time interval, after receiving the initial temporary failure message? > Yes, but that is entirely up to the sending mailserver. If you do not receive a message that was initi

Re: spamd greylisting: false positives

2012-05-25 Thread Matthew Weigel
On 25.05.2012 01:09, David Diggles wrote: Can messages get dropped if mail servers fail to resend within time interval, after receiving the initial temporary failure message? It's dropped when it's first received, and it will continue to get dropped until passtime minutes have passed. If it i

Re: spamd greylisting: false positives

2012-05-25 Thread Matthew Weigel
On 25.05.2012 01:09, David Diggles wrote: Can messages get dropped if mail servers fail to resend within time interval, after receiving the initial temporary failure message? A qualified "yes." The message isn't dropped if the sending server fails to resend before greyexp hours, it is dropped

Re: spamd greylisting: false positives

2012-05-24 Thread David Diggles
Here are the logs for my failed attempts at joining the misc mailing list. All with default spamd settings. Like I said, it did not succeed until I added lists.openbsd.org to the /etc/mail/nospamd and reloaded the pf rule. May 15 23:48:58 mx spamd[6698]: new entry 192.43.244.163 from to , helo

Re: spamd greylisting: false positives

2012-05-24 Thread David Diggles
Can messages get dropped if mail servers fail to resend within time interval, after receiving the initial temporary failure message?

Re: spamd greylisting: false positives

2012-05-24 Thread David Diggles
/var/log/spamd

spamd[11000]: queueing deletion of x.x.x.x mx1.example.com
spamd[11000]: queueing deletion of y.y.y.y mx2.example.com

Both of these emails I wished to receive, as I corresponded with them yesterday. :(

I am now trying spamd with the following:

/usr/libexec/spamd -d -G5:1:864

spamd greylisting: false positives

2012-05-24 Thread David Diggles
Since upgrading from 4.9 to 5.1, I am getting a lot of false positives with spamd running in greylisting mode, from email addresses I previously did not. A number of false negatives are still getting through, too. Eg: I needed to add lists.openbsd.org to /etc/mail/nospamd to receive messages from