Re: spamd greylisting: false positives

Fri, 25 May 2012 06:34:28 -0700 

The spamd pf.conf rules I have are:

table <spamd-white> persist
table <nospamd> persist file "/etc/mail/nospamd"
pass in on egress proto tcp from any to any port smtp \
    rdr-to 127.0.0.1 port spamd
pass in on egress proto tcp from <nospamd> to any port smtp
pass in log on egress proto tcp from <spamd-white> to any port smtp
pass out log on egress proto tcp to any port smtp

Henning, the clock seems fine.  Ntpd is not complaining about losing time.
I will return all the spamd options to default.

spamd-setup is running from cron, 13 mins after every hour.

On 15th of May, I upgraded to 5.1 with a clean install.  Maybe the problem
is not spamd, but my configuration of sendmail.

On Fri, May 25, 2012 at 12:20:45PM +0200, obsd wrote:
> -----Ursprungligt meddelande-----
> Fren: [email protected] [mailto:[email protected]] Fvr David
> Diggles
> Skickat: den 25 maj 2012 11:14
> Till: [email protected]
> Dmne: Re: spamd greylisting: false positives
> 
> I am now trying it with -G120:6:864
> 
> Although I can't think how to reproduce the problem in a controlled way,
> other than wait and see what emails I don't get :/
> 
> On Fri, May 25, 2012 at 02:07:33AM -0500, Matthew Weigel wrote:
> > On 25.05.2012 01:09, David Diggles wrote:
> > >Can messages get dropped if mail servers fail to resend within time
> > >interval, after receiving the initial temporary failure message?
> >
> > It's dropped when it's first received, and it will continue to get
> > dropped until passtime minutes have passed.  If it is then received
> > before greyexp hours have passed, it will be delivered and the remote
> > host will be whitelisted for sending mail.  If greyexp hours pass
> > without seeing that tuple again, the tuple is deleted and it's back to
> > the beginning for that host.
> >
> > You reduced greyexp to 1 hour, which may well be causing your problems.
> > --
> >  Matthew Weigel
> >  hacker
> >  unique & idempot . ent
> 
> Ahh...
> Just struck me....  Please check the syntax of your pf rules
> This is what's working for me :
> 
> table <spamd-white> persist
> 
> pass in log on egress proto tcp from <spamd-white> rdr-to 127.0.0.1 port
> smtp
> pass in log on egress proto tcp from !<spamd-white> rdr-to 127.0.0.1 port
> spamd
> 
> /Hasse

Reply via email to