Contributed by dwc on from the word-gets-around dept.
Bob Beck (beck@) recently committed some interesting changes with much help from reyk@. Namely, database synchronizaton for spamd & spamlogd.
The spamd(8) daemon will be able to receive updates for GREY, WHITE, and TRAPPED tuples, and will be able to send updates for all but WHITE (which turns out not to be needed, as WHITE status can be inferred from GREY). Spamlogd's WHITE updates can also be sent to other hosts, to keep your favorite correspondents happy. Of course, these updates are authenticated via HMAC.
This has apparently been working at U of A under load and works well!
(Comments are closed)
By jason (TheDudeAbides) jason@snakelegs.org on http://www.snakelegs.org
The only thing lacking now (for OpenBSD in general) is the new hier(8) default /phb directory, containing reports, obviously.
Thanks much, beck and reyk.
Comments
By jason (TheDudeAbides) on http://www.snakelegs.org
Comments
By Marco Peereboom (67.64.89.177) on
Comments
By Jason L. Wright (134.20.32.102) jason@openbsd.org on http://www.thought.net/jason
Right, should be mg(1).
By Vincent (206.248.136.28) on
He should just learn to configure Emacs correctly:
(setq-default indent-tabs-mode nil)
By Han (213.84.147.9) on
(defun KNF-c-style ()
"OpenBSD KNF C-style."
(interactive)
(local-set-key "\C-c\C-c" 'compile)
(c-set-style "bsd")
(setq fill-column 80)
(setq c-basic-offset 8)
(c-set-offset 'arglist-cont '*)
(c-set-offset 'arglist-cont-nonempty '*)
(c-set-offset 'statement-cont '4) )
(add-hook 'c-mode-common-hook 'KNF-c-style)
By Dave Steinberg (redterror) dave@redterror.net on http://www.geekisp.com/
By squeege (216.252.79.249) on
Too bad there isn't a more comprehensive/up-to-date whitelist maintained for the well-known services that use round-robin mail server pools.
I know of the whitelist at greylisting.org, it's a good start, but it's now 2 years old and somewhat incomplete.
I know, I know... I should step-up instead of whine for stuff...
Comments
By jason (TheDudeAbides) on http://www.snakelegs.org
Half of my problems are with Yahoo.
From me, To their customer support:
"C'mon, this is easy. Publish the IP addresses Yahoo uses to send SMTP email from. You retry greylisted email from different IP addresses, so your mail doesn't get through.
See this post from Yahoo Groups, for instance:
http://tech.groups.yahoo.com/group/ygmailadmin/message/3
Or just publish them in SPF.
Someone replied:
"The information you are requesting is not disclosed due to security issues. We apologize for the inconvenience. Thank you again for contacting Yahoo! Customer Care."By sthen (85.158.44.149) on
They don't list common-queue senders within the same /24 (deliberately).
By jason (TheDudeAbides) on http://www.snakelegs.org
So, here's what I intend to do with some quick perl:
1. Generate a weekly password (e.g., "iefup31950").
2. Stick it in a db file, and
3. Email it to helpdesk and mail admins.
Then I'll either modify greyscanner or just use a separate script to:
4. Scan the greylist "to:" fields for matches on ^password@, and
5. Whitelist the /24 for the sender ip (most likely by adding to manual whitelist and reloading table, as opposed to using spamdb).
If a customer has problems, I'll just have them send mail to the password@example.com address, automatically whitelist them, and never have to revisit it (in theory).
By Bob Beck (129.128.11.43) beck@openbsd.org on http://www.humpingforjesus.com/
>
> I know of the whitelist at greylisting.org, it's a good start, but it's now 2 years old and somewhat incomplete.
>
> I know, I know... I should step-up instead of whine for stuff...
Here's what I use, with stuff added to the greylisting.org one.
having said that, yes, we should have one centrally maintained.
perhaps I'll think about cleaning this up and adding it with
an example to an appropriate place in /etc/mail
-Bob
# the campus.
129.128.0.0/16
142.244.0.0/16
216.239.32.0/19 # gmail servers
66.249.64.0/19 # gmail servers
64.233.160.0/19 # gmail servers
209.85.128.0/17 # gmail servers
72.14.192.0/18 # gmail
# whitelisting entries from puremagic.org - public list of big mailer pools
12.5.136.141 # Southwest Airlines (unique sender, no retry)
12.5.136.142 # Southwest Airlines (unique sender, no retry)
12.5.136.143 # Southwest Airlines (unique sender, no retry)
12.5.136.144 # Southwest Airlines (unique sender, no retry)
12.107.209.244 # kernel.org mailing lists (high traffic, unique sender per mail)
12.107.209.250 # sourceware.org mailing lists (high traffic, unique sender per mail)
63.82.37.110 # SLmail
63.169.44.143 # Southwest Airlines (unique sender, no retry)
63.169.44.144 # Southwest Airlines (unique sender, no retry)
64.7.153.18 # sentex.ca (common pool)
64.12.137.0/24 # AOL (common pool) - http://postmaster.aol.com/servers/imo.html
64.12.138.0/24 # AOL (common pool)
64.124.204.39 # moveon.org (unique sender per attempt)
64.125.132.254 # collab.net (unique sender per attempt)
#64.233.170 # gmail (common server pool)
#65.82.241.160 # Groupwise?
66.100.210.82 # Groupwise?
66.135.209.0/24 # Ebay (for time critical alerts)
66.135.197.0/24 # Ebay (common pool)
66.162.216.166 # Groupwise?
66.206.22.82 # PLEXOR
66.206.22.83 # PLEXOR
66.206.22.84 # PLEXOR
66.206.22.85 # PLEXOR
66.94.237.0/24 # Yahoo Groups servers (common pool, no retry)
66.218.66.0/24 # Yahoo Groups servers (common pool, no retry)
66.218.67.0/24 # Yahoo Groups servers (common pool, no retry)
66.218.69.0/24 # Yahoo Groups servers (common pool, no retry)
209.73.160.0/24 # Yahoo
209.73.164.0/24 # Yahoo
69.147.64.0/24 # Yahoo
69.147.65.0/24 # Yahoo
66.27.51.218 # ljbtc.com (Groupwise)
#66.89.73.101 # Groupwise?
#68.15.115.88 # Groupwise?
152.163.225.0/24 # AOL (common pool)
194.245.101.88 # Joker.com (email forwarding server)
195.235.39.19 # Tid InfoMail Exchanger v2.20
195.238.2.0/24 # skynet.be (wierd retry pattern, common pool)
195.238.3.0/24 # skynet.be (wierd retry pattern, common pool)
#204.60.8.162 # Groupwise?
204.107.120.10 # Ameritrade (no retry)
205.188.139.136 # AOL (common pool)
205.188.139.137 # AOL (common pool)
205.188.144.207 # AOL (common pool)
205.188.144.208 # AOL (common pool)
205.188.156.66 # AOL (common pool)
205.188.157.0/24 # AOL (common pool)
205.188.159.7 # AOL (common pool)
205.206.231.0/24 # SecurityFocus.com (unique sender per attempt)
205.211.164.50 # sentex.ca (common pool)
207.115.63.0/24 # Prodigy (broken software that retries continually with no delay)
207.171.168.0/24 # Amazon.com (common pool)
207.171.180.0/24 # Amazon.com (common pool)
207.171.187.0/24 # Amazon.com (common pool)
207.171.188.0/24 # Amazon.com (common pool)
207.171.190.0/24 # Amazon.com (common pool)
211.29.132.0/24 # optusnet.com.au (wierd retry pattern and more than 48hrs)
213.136.52.31 # Mysql.com (unique sender)
217.158.50.178 # AXKit mailing list (unique sender per attempt