Date: Fri, 04 May 2007 21:05:42 +0200 From: Olli Hauer <ohauer@gmx.de> To: freebsd-pf@freebsd.org Subject: Re: pf+spamd's 'verbosity' has gone missing Message-ID: <1178305542.10053.54.camel@amd.uni.vrs> In-Reply-To: <70f41ba20705041122h57a508d4r5c2f097cd19be0e7@mail.gmail.com> References: <70f41ba20705040937w32363fa6tc23fd3004e72c8b@mail.gmail.com> <1178298650.10053.15.camel@amd.uni.vrs> <70f41ba20705041048x6fd586c8v4b5ed9e07ec16ee9@mail.gmail.com> <1178302185.10053.24.camel@amd.uni.vrs> <70f41ba20705041122h57a508d4r5c2f097cd19be0e7@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 2007-05-04 at 11:22 -0700, snowcrash wrote: > hi, > > OK, the line in syslog.conf looks fine. > > Verbose logging is done with facility debug and the line catch this. > > > > Do you have some entries in the /var/log/debug.log ? > > hmmm. interesting. in /var/log/debug.log i've a few instances of > 'verbose' spamd output, e.g., > > ... > May 3 03:47:39 router spamd[6565]: 72.3.240.53: Body: <!DOCTYPE HTML > PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> > May 3 03:47:39 router spamd[6565]: 72.3.240.53: Body: <HTML><HEAD> > May 3 03:47:39 router spamd[6565]: 72.3.240.53: Body: <META > http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> > May 3 03:47:39 router spamd[6565]: 72.3.240.53: Body: <STYLE></STYLE> > May 3 03:47:39 router spamd[6565]: 72.3.240.53: Body: </HEAD> > May 3 03:47:39 router spamd[6565]: 72.3.240.53: Body: <xbody bgColor=#ffffff> > May 3 03:47:39 router spamd[6565]: 72.3.240.53: Body: <DIV id=xptHeader> > May 3 03:47:39 router spamd[6565]: 72.3.240.53: Body: <TABLE > cellSpacing=0 cellPadding=0 align=center border=0> > May 3 03:47:39 router spamd[6565]: 72.3.240.53: Body: > ... > > but NO trace of that "BLACK" label, and not nearly enough correlation > beween the # of these listings and the # of connections ... > > i'm not sure why i don't ALSO see this in the spamd.log ... the "*.*" > _should_ take care of that, no? > > i also see in debug.log bunches of these, > > May 3 05:19:15 router spamd[6564]: whitelisting 64.39.1.214 in /var/db/spamd > May 3 07:27:12 router spamd[6564]: whitelisting 66.211.168.230 in /var/db/spamd > > for whitelisting. > > cheers. ahhh no i think what you mean with BLACK label, (BLACK) 85.98.220.200: <bpx@mackenzie8888.freeserve.co.uk> ... -> this line will only displayed if a trapped host connect to your spamd disconnected after 3920 seconds. lists: spamd-greytrap -> this line will only displayed if a host listed in spamd.conf setup match an entry to get the logging back to the spamd.log also do the following kill all spamd process (pkill spamd) ps -waux | grep spamd (to make it sure) adjust the parameters for spamd. from this line -v -n ESMTP -r450 -s5 -w1 -c 300 -B 200 -g -G25:4:864 -b 127.0.0.1 -p 8025 to this line (the same without defaults) -v -g -s5 -w1 -c 300 -B 200 -b 127.0.0.1 -n ESMTP no need for -p 8025 -> default value -G 25:4:864 -> default value -r 450 -> default value (dropped in 4.1.x release) restart spamd and execute spamd-setup - start spamd - /usr/local/libexec/spamd-setup olli
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1178305542.10053.54.camel>