Re: hoststated/spamd
I still don't see how hosts in spamd-white are not sent to spamd.
what if a host is in spamd-white, but not in spamd-exempt..
-Bob
* Stuart Henderson [EMAIL PROTECTED] [2007-06-11 17:21]:
On 2007/06/08 16:02, Bob Beck wrote:
rdr-anchor hoststated/smtp from spamd-white
rdr proto tcp from !spamd-exempt to $MX port smtp - 127.0.0.1 port
spamd
The fact that those two table names are different looks suspiciously
wrong to me.
It took you pointing this out for me to work out exactly how anchors
with wildcards and host restrictions work, but it does work for me;
rdr-anchor hoststated/smtp from spamd-white
- spamd-white is handled by hoststated rules in the anchor,
rdr proto tcp from !spamd-exempt to $MX port smtp - 127.0.0.1 port spamd
- normal hosts hit this reasonably normal spamd rdr,
rdr-anchor hoststated/*
- spamd-exempt, holding hosts exempted from greylisting, has fallen
through from the first two; this and non-smtp services are handled by
hoststated rules.
--
#!/usr/bin/perl
if ((not 0 not 1) != (! 0 ! 1)) {
print Larry and Tom must smoke some really primo stuff...\n;
}
Re: hoststated/spamd
On 2007/06/12 09:04, Bob Beck wrote:
I still don't see how hosts in spamd-white are not sent to spamd.
what if a host is in spamd-white, but not in spamd-exempt..
# pfctl -sn -vv|grep -E '(smtp|hoststated)'
@0 rdr-anchor hoststated/smtp from spamd-white:1440 to any
@1 rdr inet proto tcp from ! spamd-exempt:122 to XXX port = smtp - 127.0.0.1
port 8025
@2 rdr inet proto tcp from ! spamd-exempt:122 to YYY port = smtp - 127.0.0.1
port 8025
@3 rdr-anchor hoststated/* all
hosts in spamd-white are handled by the anchor at @0 (see below)
hosts in spamd-exempt fall through this, past @1/@2, and hit the anchor at @3
now I worked out how to display translation rules under anchors
(pfctl -sn -a '*' doesn't recurse through them), so here they are:
# pfctl -sn -vv -a hoststated/smtp|grep smtp
@0 rdr on vlan2204 inet proto tcp from any to XXX port = smtp - smtp port 25
round-robin
@1 rdr on vlan2244 inet proto tcp from any to XXX port = smtp - smtp port 25
round-robin
@2 rdr on vlan2204 inet proto tcp from any to YYY port = smtp - smtp port 25
round-robin
@3 rdr on vlan2244 inet proto tcp from any to YYY port = smtp - smtp port 25
round-robin
..smtp parts of hoststated.conf:
table smtp-lb {
real port smtp
check send expect 220*SMTP*
host XXX
host YYY
}
service smtp {
virtual host XXX port smtp interface vlan2244
virtual host XXX port smtp interface vlan2204
virtual host YYY port smtp interface vlan2244
virtual host YYY port smtp interface vlan2204
table smtp-lb
}
Re: hoststated/spamd
On 2007/06/08 16:02, Bob Beck wrote: rdr-anchor hoststated/smtp from spamd-white rdr proto tcp from !spamd-exempt to $MX port smtp - 127.0.0.1 port spamd The fact that those two table names are different looks suspiciously wrong to me. It took you pointing this out for me to work out exactly how anchors with wildcards and host restrictions work, but it does work for me; rdr-anchor hoststated/smtp from spamd-white - spamd-white is handled by hoststated rules in the anchor, rdr proto tcp from !spamd-exempt to $MX port smtp - 127.0.0.1 port spamd - normal hosts hit this reasonably normal spamd rdr, rdr-anchor hoststated/* - spamd-exempt, holding hosts exempted from greylisting, has fallen through from the first two; this and non-smtp services are handled by hoststated rules.
hoststated/spamd
I'm feeling lazy today, has anyone already worked out how to use greylisting with a hoststated pool that would like to share config?
Re: hoststated/spamd
On 2007/06/08 16:51, Stuart Henderson wrote: I'm feeling lazy today, has anyone already worked out how to use greylisting with a hoststated pool that would like to share config? no takers? ok, well if anyone else needs it... (with 'service smtp' in hoststated.conf, otherwise change the anchor name accordingly): rdr-anchor hoststated/smtp from spamd-white rdr proto tcp from !spamd-exempt to $MX port smtp - 127.0.0.1 port spamd rdr-anchor hoststated/* I might just have come up with this sooner if it weren't for http://www.winkleighcider.com/?p=prodpound ...
Re: hoststated/spamd
rdr-anchor hoststated/smtp from spamd-white rdr proto tcp from !spamd-exempt to $MX port smtp - 127.0.0.1 port spamd The fact that those two table names are different looks suspiciously wrong to me. -Bob
