Re: whitelisting with spamd

To: NetBSD-users%NetBSD.org@localhost
Subject: Re: whitelisting with spamd
From: "James K. Lowden" <jklowden%schemamania.org@localhost>
Date: Fri, 5 Apr 2013 17:25:51 -0400

On Fri, 5 Apr 2013 12:21:24 -0500 (CDT)
"Jeremy C. Reed" <reed%reedmedia.net@localhost> wrote:

> On Fri, 5 Apr 2013, James K. Lowden wrote:
> 
> > The problem is that the whitelist /etc/pf/whitelist.txt is never
> > updated.  The spamd man page says the whitelist should
> > be /var/db/spamd, but that file doesn't exist: 
> 
> What happens when you run "spamdb"?

$ spamdb | grep  ^WHITE | wc -l
     419

> (Do you have a custom VARBASE and installed using pkgsrc?)

Mirabile dictu, it's just an old documentation fault.  There is a file,
and it is being updated, see below.  I'm a little less confused
now.  

Looking over the docs yet again, there seem to be two whitelists:

1.  The tuples released from the greylist by spamd.  These are kept in
the pf table "spamd"?  On my machine that turns out to be
in /var/pkg/db/spamd.  They also expire after some time.  The default
is 36 days.  I don't override that.  

2.  A static list of addresses provided to pf, kept in the pf table
"spamd-white". On my machine this list is configured to be
whitelist.txt:  

> $ sed -ne'/spamd/,/^$/p' /etc/pf.conf 
> # spamd
> table <spamd> persist
> table <spamd-white> persist file "/etc/pf/whitelist.txt"
> rdr pass on $external inet proto tcp from <spamd> to any \
>     port smtp -> 127.0.0.1 port spamd
> rdr pass on $external inet proto tcp from !<spamd-white> to any \
>     port smtp -> 127.0.0.1 port spamd

If that's right, then my task is to grab whitelisted sending addresses
from #1 (using, say, spamdb and awk) and add them to #2 (say, once a
day) and tickle pf with something like

        $ pfctl -t spamd-white -T replace /etc/pf/whitelist.txt

Is that the story? 

Details follow.  Thanks for your help.  

--jkl

$ strings /usr/pkg/sbin/spamdb  | grep /
/usr/libexec/ld.elf_so
/usr/pkg/lib
/var/pkg/db/spamd

$ man spamd | grep /var
           daemon.err;daemon.warn;daemon.info      /var/log/spamd
     /var/db/spamd              Greylisting database.

$ file /var/pkg/db/spamd
/var/pkg/db/spamd: Berkeley DB 1.85/1.86 (Btree, version 3, native
byte-order) 

$ ls -l  /var/pkg/db/spamd
-rw-r--r--  1 _spamd  _spamd  1622016 Apr  5 16:27 /var/pkg/db/spamd

References:
- whitelisting with spamd
  - From: James K. Lowden
- Re: whitelisting with spamd
  - From: Jeremy C. Reed

Prev by Date: Re: Build of NetBSD-6.1RC2/amd64 fails
Next by Date: [no subject]
Previous by Thread: Re: whitelisting with spamd
Next by Thread: [no subject]
Indexes:

Home | Main Index | Thread Index | Old Index