From owner-freebsd-pf@FreeBSD.ORG Sun Nov 5 23:42:12 2006 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DC25716A415 for ; Sun, 5 Nov 2006 23:42:12 +0000 (UTC) (envelope-from dan@langille.org) Received: from m21.unixathome.org (m21.unixathome.org [205.150.199.217]) by mx1.FreeBSD.org (Postfix) with ESMTP id 70CD043D62 for ; Sun, 5 Nov 2006 23:42:11 +0000 (GMT) (envelope-from dan@langille.org) Received: from localhost (localhost [205.150.199.217]) by m21.unixathome.org (Postfix) with ESMTP id 96172BF85 for ; Sun, 5 Nov 2006 18:42:19 -0500 (EST) Received: from m21.unixathome.org ([205.150.199.217]) by localhost (m21.unixathome.org [205.150.199.217]) (amavisd-new, port 10024) with ESMTP id 08174-07 for ; Sun, 5 Nov 2006 18:42:17 -0500 (EST) Received: from bast.unixathome.org (bast.unixathome.org [70.26.229.230]) by m21.unixathome.org (Postfix) with ESMTP id 31177BF16 for ; Sun, 5 Nov 2006 18:42:14 -0500 (EST) Received: from [10.55.0.99] (wocker.unixathome.org [10.55.0.99]) by bast.unixathome.org (Postfix) with ESMTP id 15FAAB854 for ; Sun, 5 Nov 2006 18:42:06 -0500 (EST) From: "Dan Langille" To: freebsd-pf@freebsd.org Date: Sun, 05 Nov 2006 18:42:05 -0500 MIME-Version: 1.0 Message-ID: <454E307D.9351.30D3616E@dan.langille.org> Priority: normal X-mailer: Pegasus Mail for Windows (4.31) Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Content-description: Mail message body X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at unixathome.org Subject: whitelists clients still being greylisted X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Nov 2006 23:42:12 -0000 Hi folks, I'm setting up spamd with pf, and I'm finding that whitelisted IP addresses are still being greylisted. For example: $ spamdb | grep 205.150.199.217 WHITE|205.150.199.217|||1162757884|1162761340|1165871748|3|0 GREY|205.150.199.217|||11627 65339|1162779739|1162779739|1|0 Notice how the same IP address is in both WHITE and GREY. Shortly after running the above, the greylist entry disappeared: $ spamdb | grep 205.150.199.217 WHITE|205.150.199.217|||1162765339|1162769339|1165879789|2|0 That makes sense to me... that's spamlogd doing the right thing. Of note, the spamd-white table is empty: [root@nyi:~] # pfctl -t spamd-white -T show No ALTQ support in kernel ALTQ related functions disabled [root@nyi:~] # The rules etc, and most of the stuff I'm doing is documented at http://beta.freebsddiary.org/pf.php Here are some extracts from the above: table persist table persist table persist file "/usr/local/etc/spamd-mywhite" scrub in all # redirect to spamd rdr pass inet proto tcp from to $external_addr port \ smtp -> 127.0.0.1 port smtp rdr pass inet proto tcp from to $external_addr port \ smtp -> 127.0.0.1 port spamd rdr pass inet proto tcp from ! to $external_addr port \ smtp -> 127.0.0.1 port spamd # mail! pass in log inet proto tcp from any to $external_addr port smtp flags S/SA \ synproxy state pass out log inet proto tcp from $external_addr to any port smtp flags S/SA \ synproxy state It seems as if the spamd-white table is never being updated. Ideas? Suggestions? Comments? Thanks. -- Dan Langille : Software Developer looking for work my resume: http://www.freebsddiary.org/dan_langille.php