SPAMD stop passing mail from WHITE-list
Peter N. M. Hansteen
peter at bsdly.net
Sat Feb 3 19:37:34 UTC 2007
???????? ???????? <msgs_for_me at mail.ru> writes:
> I have spamd configured like in
> http://home.nuug.no/~peter/pf/en/spamd.html
> with greylisting enabled
>
> and i meet some problems with it:
Well, you have my attention. I am would be very interested in getting
to know about any inaccuracies in that document, and certainly any
that trip people up.
> 1. My 2 FreeBSD routers stopped to pass mail from WHITE-list. First
> one - when spamd grows to 500 Megabytes. Second - 350 Meg.
At the point where things stop working, what content does the
whitelist table have? ie, anything recognizable or (incredibly) zero
size? One possibility - a far fetched one, admittedly - is that
hosts in your whitelist got themselves greytrapped (if you did set
that up).
> When I do:
> cat /dev/null > /var/db/spamd
> all starts to work again
This sounds like somehow your initally whitelisted hosts got
themselves blacklisted, or the whitelist is somehow bypassed.
> 2. If i have some malware on my PC and use mail-client program. If I
> send the same message some times I automatically get into WHITE-list
> and my malware can spam as much as it must?
If your malware manages to behave RFC-correctly, that is, resend after
what the greylisting host considers a reasonable interval, it will
manage to send whatever it's trying to send.
--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
More information about the freebsd-pf
mailing list