Contributed by sean on from the more pf articles than you can shake a stick at dept.
Dan Langille has written an article on using pf and spamd with greylisting - on FreeBSD. Anyway, it shows the usage of spamd and integration, a few basics of pf and a bit of troubleshooting. He mentions greyscanner from Bob at the end.
Even if it's on FreeBSD, maybe it is worth mentioning:
http://www.onlamp.com/pub/a/bsd/2007/01/18/greylisting-with-pf.html
cheers,
teemu
By Bret Lambert (tbert) bret.lambert@gmail.com on
I'll admit my ignorance of the matter, but it seems overkill.
Comments
By phessler (phessler) on http://theapt.org
>
> I'll admit my ignorance of the matter, but it seems overkill.
If you are going to use blacklists, you should keep them up to date.
Personally, I think they cause far more problems than they solve. Not using updated lists makes it worse.
By wob (12.109.229.8) wob@bonch.org on
I'd email direct, but http://undeadly.org/I don't work here doesn't work very well. :)
Comments
By sean (sean) on
By em (89.176.174.162) on
Comments
By jason (TheDudeAbides) on http://www.snakelegs.org
> Anyone knows about some script preferably written in Perl to handle mail server pools from spamd db output? Is there anything? .. if not I can write my own script
something similar
Would like option of whitelisting whole /24 subnet, on greylist passes and outbound whitelisting, as here.
By Terrell Prude' Jr. (151.188.0.238) tprude@cmosnetworks.com on
The OpenBSD team is composed of some pretty damned smart individuals.
Comments
By Terrell Prude' Jr. (151.188.0.238) tprude@cmosnetworks.com on
>
> The OpenBSD team is composed of some pretty damned smart individuals.
>
OK, the greylisting works pretty well. My spam content just took a nosedive over the last couple of days. My /var/log/daemon file is showing all sorts of folks from around the world getting greylisted. It does require some fine-tuning, to be sure. I have run into the issue of HotMail using multiple SMTP gateways to re-try messages, and of course each of their individual gateways gets greylisted. So, I'm working on a way to deal with that. Dan Hartmeier's solution looks promising for this. For now, I'm just allowing all of HotMail's SMTP gateways with a DNS MX query, until I can give the Hartmeier method a whirl.
I wonder if it would be possible to take Mozilla Thunderbird's spam judgment logic and somehow apply it to the Hartmeier method. Hmmm....
I also implemented greytrapping, and it works like a charm. I'm seeing those offenders get stuck for just under ten minutes before they get tired of my tarpit and go away. Serves 'em right.
My logs are showing me another interesting thing. Some MTAs apparently can detect tarpitting, and they themselves drop the connection after about three seconds. Of course, if they do that, then they're obviously spammers, and I don't want to talk to them anyway. Even so, they still try multiple connections, and sometimes they try them again and again for about 10 minutes.
Hmm...costing spammers money...I like this. :-)
--TP
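
The mail-server-pool problem raised in the comments above (one sender retrying from several gateways, and the wish to whitelist a whole /24) can be approached as follows. This is an added example in Python, not code from the thread or the linked article; it assumes the ten-field GREY record layout of spamdb(8) output, and the function name, thresholds and sample lines are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample; record layout assumed from spamdb(8):
#   GREY|ip|helo|from|to|first|pass|expire|block|pass
#   WHITE|ip|||first|pass|expire|block|pass      TRAPPED|ip|expire
SAMPLE = """\
GREY|192.0.2.11|mx1.example.net|<alice@example.net>|<bob@example.org>|1169500000|1169501500|1169514400|1|0
GREY|192.0.2.27|mx2.example.net|<alice@example.net>|<bob@example.org>|1169500300|1169501800|1169514700|1|0
GREY|192.0.2.40|mx3.example.net|<alice@example.net>|<bob@example.org>|1169500600|1169502100|1169515000|1|0
GREY|198.51.100.9|dsl-9.example.com|<x@example.com>|<bob@example.org>|1169500100|1169501600|1169514500|3|0
GREY|203.0.113.5|a.example.com|<c@example.com>|<bob@example.org>|1169500200|1169501700|1169514600|1|0
GREY|203.0.113.77|b.example.com|<d@example.com>|<bob@example.org>|1169500250|1169501750|1169514650|1|0
WHITE|192.0.2.200|||1169400000|1169401500|1172500000|2|5
TRAPPED|198.51.100.66|1169586400
"""

def pool_candidates(dump, min_hosts=2, prefix=24):
    """Return sorted CIDRs in which one (from, to) tuple was retried from
    at least min_hosts distinct greylisted addresses: the signature of a
    sender pool. Networks containing a greytrapped host are never proposed."""
    seen = defaultdict(set)   # (network, from, to) -> {source IPs}
    trapped = []
    for line in dump.splitlines():
        fld = line.strip().split("|")
        try:
            if fld[0] == "TRAPPED" and len(fld) == 3:
                trapped.append(ipaddress.ip_address(fld[1]))
            elif fld[0] == "GREY" and len(fld) == 10:
                net = ipaddress.ip_network(f"{fld[1]}/{prefix}", strict=False)
                seen[(net, fld[3].lower(), fld[4].lower())].add(fld[1])
        except ValueError:
            continue  # skip records with an unparsable address
    nets = set()
    for (net, _from, _to), ips in seen.items():
        if len(ips) >= min_hosts and not any(t in net for t in trapped):
            nets.add(str(net))
    return sorted(nets)

if __name__ == "__main__":
    print("\n".join(pool_candidates(SAMPLE)))
```

The returned networks are candidates to review before adding them to a pf whitelist table; two unrelated senders that merely share a /24 (the 203.0.113.0/24 lines in the sample) are not reported.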