pf+spamd's 'verbosity' has gone missing

Olli Hauer ohauer at gmx.de
Fri May 4 19:05:45 UTC 2007 

On Fri, 2007-05-04 at 11:22 -0700, snowcrash wrote:
> hi,
> > OK, the line in syslog.conf looks fine.
> > Verbose logging is done with facility debug and the line catch this.
> >
> > Do you have some entries in the /var/log/debug.log ?
> 
> hmmm. interesting.  in /var/log/debug.log i've a few instances of
> 'verbose' spamd output, e.g.,
> 
> ...
> May  3 03:47:39 router spamd[6565]: 72.3.240.53: Body: <!DOCTYPE HTML
> PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> May  3 03:47:39 router spamd[6565]: 72.3.240.53: Body: <HTML><HEAD>
> May  3 03:47:39 router spamd[6565]: 72.3.240.53: Body: <META
> http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
> May  3 03:47:39 router spamd[6565]: 72.3.240.53: Body: <STYLE></STYLE>
> May  3 03:47:39 router spamd[6565]: 72.3.240.53: Body: </HEAD>
> May  3 03:47:39 router spamd[6565]: 72.3.240.53: Body: <xbody bgColor=#ffffff>
> May  3 03:47:39 router spamd[6565]: 72.3.240.53: Body: <DIV id=xptHeader>
> May  3 03:47:39 router spamd[6565]: 72.3.240.53: Body: <TABLE
> cellSpacing=0 cellPadding=0 align=center border=0>
> May  3 03:47:39 router spamd[6565]: 72.3.240.53: Body:
> ...
> 
> but NO trace of that "BLACK" label, and not nearly enough correlation
> beween the # of these listings and the # of connections ...
> 
> i'm not sure why i don't ALSO see this in the spamd.log ... the "*.*"
> _should_ take care of that, no?
> 
> i also see in debug.log bunches of these,
> 
> May  3 05:19:15 router spamd[6564]: whitelisting 64.39.1.214 in /var/db/spamd
> May  3 07:27:12 router spamd[6564]: whitelisting 66.211.168.230 in /var/db/spamd
> 
> for whitelisting.
> 
> cheers.


ahhh no i think what you mean with BLACK label, 

(BLACK) 85.98.220.200: <bpx at mackenzie8888.freeserve.co.uk> ...
-> this line will only displayed if a trapped host connect to your spamd

 disconnected after 3920 seconds. lists: spamd-greytrap
-> this line will only displayed if a host listed in spamd.conf setup
match an entry

to get the logging back to the spamd.log also do the following
  
kill all spamd process (pkill spamd)
ps -waux | grep spamd  (to make it sure)

adjust the parameters for spamd.
from this line
-v -n ESMTP -r450 -s5 -w1 -c 300 -B 200 -g -G25:4:864 -b 127.0.0.1 -p 
8025
to this line (the same without defaults)
 -v -g -s5 -w1 -c 300 -B 200 -b 127.0.0.1 -n ESMTP

 no need for 
 -p 8025     -> default value
 -G 25:4:864 -> default value
 -r 450    -> default value (dropped in 4.1.x release)

restart spamd and execute spamd-setup
- start spamd
- /usr/local/libexec/spamd-setup


olli

More information about the freebsd-pf mailing list