spamd-mywhite
Doug Sampson
dougs at dawnsign.com
Tue Sep 11 18:25:09 PDT 2007
> # -- silly dont't do this !
> # -- !! This file is no table, it is even not for usage in pf
> ruleset !!
> # remove this! table <spamd-alloweddomains> persist \
> # remove this! file "/usr/local/etc/spamd/spamd.alloweddomains"
Removed.
> OK, back to the ruleset.
>
> # -- Let all smtp traffic from the <spamd-mywhite> table pass before
> # -- any other rules since we trust them (if you like to log this
> # -- traffic with spamlogd remove the pass keyword)
> rdr (pass) inet proto tcp from <spamd-mywhite> to 216.70.250.4 \
> port = smtp -> 127.0.0.1 port 25
>
> # -- remove also the *pass* keyword if you use spamlogd so the entry
> # -- can be refreshed with every mail during passtime
> rdr (pass) inet proto tcp from <spamd-white:0> to 216.70.250.4 \
> port = smtp -> 127.0.0.1 port 25
>
> # -- OK, this rule *with pass*
> rdr pass inet proto tcp from <spamd:0> to 216.70.250.4 \
> port = smtp -> 127.0.0.1 port 8025
>
> # -- change this table from <spamd-mywhite> to <spamd-white>,
> # -- since <spamd-mywhite> processed two rules before
> rdr pass inet proto tcp from ! <spamd-white:0> to 216.70.250.4 \
> port = smtp -> 127.0.0.1 port 8025
>
>
> # -- Now traffic from the tables <spamd-mywhite> and <spamd-white>
> # -- flows in with logging (good with spamlogd)
> pass in log inet proto tcp from any to 216.70.250.4 \
> port = smtp flags S/SA synproxy state
>
Now I'm seeing mail flowing into our smtp server from addresses within
spamd-mywhite.
Incidentially, I'm using the rules from Dan Langille's article on pf and
spamd at
http://www.freebsddiary.org/pf.php
and
http://www.onlamp.com/pub/a/bsd/2007/01/18/greylisting-with-pf.html
I'm wondering if his rules needs to be changed?
Thanks to Olli & Jeremy who helped me through this!
~Doug
More information about the freebsd-pf
mailing list