Some mystic with one spamdb WHITE record

engineer Wed, 14 Jan 2009 01:51:01 -0800

Hi.
...working on with spamd.
# uname -a
OpenBSD mx.chics.ru 4.4 GENERIC#0 i386


Today I see some annoying spammer from 200.162.44.162. He was
greylisted but then go thought it.

# spamdb |fgrep '200.162.44.162'
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<o...@email>|1231915016|1231917033|1231929416|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<o...@email>|1231915016|1231917033|1231929416|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<o...@email>|1231915014|1231917030|1231929414|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915014|1231917031|1231929414|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915014|1231917031|1231929414|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915013|1231917030|1231929413|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915014|1231917031|1231929414|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915015|1231917032|1231929415|6|0
WHITE|200.162.44.162|||1231915016|1231917033|1235034664|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915016|1231917033|1231929416|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915013|1231917030|1231929413|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915015|1231917032|1231929415|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915013|1231917030|1231929413|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915015|1231917032|1231929415|6|0

As you can see, WHITE entry.
# date -r 1231915016
Wed Jan 14 11:36:56 YEKT 2009

So I start to try to blacklist him. I wrote 200.162.44.162 to my
/etc/postfix/spamd_black.txt:

$ cat /etc/postfix/spamd_black.txt
b&
200.162.44.162 some-spammer
b&

$ fgrep -v '#' /etc/mail/spamd.conf |grep -v '^$'
all:\
        :myblack:uatraps:nixspam:china:korea:mywhite:
myblack:\
        :black:\
        :msg="Your address %A has sent spam to me":\
        :method=file:\
        :file=/etc/postfix/spamd_black.txt:
mywhite:\
        :white:\
        :method=file:\
        :file=/etc/postfix/spamd_white.txt:
b&
My /etc/postfix/spamd_white.txt is now empty file.

Then I
# /usr/libexec/spamd-setup -d
blacklist myblack 23 entries
b&
# spamdb -d '200.162.44.162'

So, WHITE entry eliminated:
# spamdb |fgrep '200.162.44.162'
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915016|1231917033|1231929416|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915016|1231917033|1231929416|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915014|1231917030|1231929414|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915014|1231917031|1231929414|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915014|1231917031|1231929414|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915013|1231917030|1231929413|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915014|1231917031|1231929414|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915015|1231917032|1231929415|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915016|1231917033|1231929416|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915013|1231917030|1231929413|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915015|1231917032|1231929415|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915013|1231917030|1231929413|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915015|1231917032|1231929415|6|0

I thought that from now spammer will be blacklisted. Wait some
secondsb& And what I see?
# spamdb |fgrep '200.162.44.162'
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915016|1231917033|1231929416|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915016|1231917033|1231929416|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915014|1231917030|1231929414|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915014|1231917031|1231929414|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915014|1231917031|1231929414|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915013|1231917030|1231929413|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915014|1231917031|1231929414|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915015|1231917032|1231929415|6|0
WHITE|200.162.44.162|||1231915016|1231917033|1235035571|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915016|1231917033|1231929416|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915013|1231917030|1231929413|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915015|1231917032|1231929415|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915013|1231917030|1231929413|6|0
GREY|200.162.44.162|mail.plusoft.com.br|<[email protected]>|<
o...@email >|1231915015|1231917032|1231929415|6|0
# date -r 1231915016
Wed Jan 14 11:36:56 YEKT 2009
# date
Wed Jan 14 14:27:06 YEKT 2009

What is it? Why this WHITE entry raised again? I just can't do anything with 
itb&
And can't delete annoying GREY entries.
-- 
engineer

Some mystic with one spamdb WHITE record

Reply via email to