Ok........ I am still not getting emails from
lists.openbsd.org (so please if you reply, cc to me).
I restarted spamd at this time after deleting /var/db/spamd and
clearing the bypass tables in pf at this time:
2012-05-26 02:13:12 # /usr/libexec/spamd
Here is the last message to make it to sendmail from misc:
fgrep from= /var/log/maillog|fgrep owner-misc|tail -1|awk '{print $1,$2,$3}'
May 26 01:54:35
The pf rules for spamd I have are taken from the default pf.conf:
pass in on egress inet proto tcp from any to any port = 25 flags S/SA rdr-to
127.0.0.1 port 8025
pass in on egress proto tcp from <nospamd> to any port = 25 flags S/SA
pass in log on egress proto tcp from <spamd-white> to any port = 25 flags S/SA
pass out log on egress proto tcp from any to any port = 25 flags S/S
It is currently Sat May 26 12:54:31 EST 201
Times of passed smtp connections for May 26:
tcpdump -n -e -ttt -r /var/log/pflog 2>&1|fgrep ".25:"|\
fgrep 'May 26'|awk '{print $3}'
01:14:53.793995
04:17:11.846707
05:00:19.443080
05:15:01.487277
07:17:51.114440
09:35:58.120098
10:14:21.444822
11:53:33.611903
So I will skip the first entry when I grep for the
ip addresses, with a tail +2 because it occurred
*before* I reset everything.
tcpdump -n -e -ttt -r /var/log/pflog 2>&1|fgrep ".25:"|\
fgrep 'May 26'|awk '{print $10}'|tail +2|\
awk -F. '{print $1"."$2"."$3"."$4}'|sort -n
17.254.6.112
74.125.82.47
113.172.232.215
129.21.208.44
202.58.38.80
203.59.1.110
206.46.252.115
I have the following tables.
pfctl -s Tables
nospamd
spamd-white
Confirming against the spamd-white table
pfctl -t spamd-white -Ts
17.254.6.112
74.125.82.47
113.172.232.215
129.21.208.44
202.58.38.80
203.59.1.110
206.46.252.115
lists.openbsd.org = 192.43.244.163
So nothing from misc has made it to sendmail since I emptied
<nospamd> and <spamd-white> on pf.conf
These are all the attempts from lists.openbsd.org since
I cleared the spamdb and pf tables.
fgrep 192.43.244.163 /var/log/spamd|fgrep 'May 26'
May 26 02:53:48 skitL spamd[25502]: 192.43.244.163: connected (1/0)
May 26 02:54:00 skitL spamd[25502]: 192.43.244.163: disconnected after 12
seconds.
May 26 03:00:24 skitL spamd[25502]: 192.43.244.163: connected (1/0)
May 26 03:00:36 skitL spamd[25502]: 192.43.244.163: disconnected after 12
seconds.
May 26 04:41:24 skitL spamd[25502]: 192.43.244.163: connected (1/0)
May 26 04:41:36 skitL spamd[25502]: 192.43.244.163: disconnected after 12
seconds.
May 26 05:04:19 skitL spamd[25502]: 192.43.244.163: connected (2/1)
May 26 05:04:31 skitL spamd[25502]: 192.43.244.163: disconnected after 12
seconds.
May 26 05:15:24 skitL spamd[25502]: 192.43.244.163: connected (1/0)
May 26 05:15:36 skitL spamd[25502]: 192.43.244.163: disconnected after 12
seconds.
May 26 05:19:36 skitL spamd[25502]: 192.43.244.163: connected (1/0)
May 26 05:19:48 skitL spamd[25502]: 192.43.244.163: disconnected after 12
seconds.
May 26 05:26:38 skitL spamd[25502]: 192.43.244.163: connected (1/0)
May 26 05:26:50 skitL spamd[25502]: 192.43.244.163: disconnected after 12
seconds.
May 26 05:31:10 skitL spamd[25502]: 192.43.244.163: connected (1/0)
May 26 05:31:22 skitL spamd[25502]: 192.43.244.163: disconnected after 12
seconds.
May 26 05:37:54 skitL spamd[25502]: 192.43.244.163: connected (1/0)
May 26 05:38:06 skitL spamd[25502]: 192.43.244.163: disconnected after 12
seconds.
May 26 05:43:38 skitL spamd[25502]: 192.43.244.163: connected (1/0)
May 26 05:43:50 skitL spamd[25502]: 192.43.244.163: disconnected after 12
seconds.
May 26 06:32:55 skitL spamd[25502]: 192.43.244.163: connected (1/0)
May 26 06:33:08 skitL spamd[25502]: 192.43.244.163: disconnected after 13
seconds.
May 26 07:00:31 skitL spamd[25502]: 192.43.244.163: connected (1/0)
May 26 07:00:43 skitL spamd[25502]: 192.43.244.163: disconnected after 12
seconds.
May 26 07:29:59 skitL spamd[25502]: 192.43.244.163: connected (1/0)
May 26 07:30:11 skitL spamd[25502]: 192.43.244.163: disconnected after 12
seconds.
May 26 07:53:46 skitL spamd[25502]: 192.43.244.163: connected (1/0)
May 26 07:53:58 skitL spamd[25502]: 192.43.244.163: disconnected after 12
seconds.
May 26 08:26:24 skitL spamd[25502]: 192.43.244.163: connected (1/0)
May 26 08:26:36 skitL spamd[25502]: 192.43.244.163: disconnected after 12
seconds.
May 26 09:14:32 skitL spamd[25502]: 192.43.244.163: connected (1/0)
May 26 09:14:44 skitL spamd[25502]: 192.43.244.163: disconnected after 12
seconds.
May 26 10:12:59 skitL spamd[25502]: 192.43.244.163: connected (1/0)
May 26 10:13:10 skitL spamd[25502]: 192.43.244.163: disconnected after 11
seconds.
May 26 11:44:37 skitL spamd[25502]: 192.43.244.163: connected (1/0)
May 26 11:44:49 skitL spamd[25502]: 192.43.244.163: disconnected after 12
seconds.
May 26 11:54:40 skitL spamd[25502]: 192.43.244.163: connected (1/0)
May 26 11:54:52 skitL spamd[25502]: 192.43.244.163: disconnected after 12
seconds.
