From owner-freebsd-pf@FreeBSD.ORG Fri May 4 19:05:45 2007 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 4DA0C16A400 for ; Fri, 4 May 2007 19:05:45 +0000 (UTC) (envelope-from ohauer@gmx.de) Received: from mail.gmx.net (mail.gmx.net [213.165.64.20]) by mx1.freebsd.org (Postfix) with SMTP id A847613C45A for ; Fri, 4 May 2007 19:05:44 +0000 (UTC) (envelope-from ohauer@gmx.de) Received: (qmail invoked by alias); 04 May 2007 19:05:43 -0000 Received: from u18-124.dsl.vianetworks.de (EHLO [172.20.1.50]) [194.231.39.124] by mail.gmx.net (mp041) with SMTP; 04 May 2007 21:05:43 +0200 X-Authenticated: #1956535 X-Provags-ID: V01U2FsdGVkX194f7hf0qR4+1k98gKTwB/zEv8YW3VlvxwYlLue4e VHsOHRCdYuNLMm From: Olli Hauer To: freebsd-pf@freebsd.org In-Reply-To: <70f41ba20705041122h57a508d4r5c2f097cd19be0e7@mail.gmail.com> References: <70f41ba20705040937w32363fa6tc23fd3004e72c8b@mail.gmail.com> <1178298650.10053.15.camel@amd.uni.vrs> <70f41ba20705041048x6fd586c8v4b5ed9e07ec16ee9@mail.gmail.com> <1178302185.10053.24.camel@amd.uni.vrs> <70f41ba20705041122h57a508d4r5c2f097cd19be0e7@mail.gmail.com> Content-Type: text/plain Date: Fri, 04 May 2007 21:05:42 +0200 Message-Id: <1178305542.10053.54.camel@amd.uni.vrs> Mime-Version: 1.0 X-Mailer: Evolution 2.8.1.1 FreeBSD GNOME Team Port Content-Transfer-Encoding: 7bit X-Y-GMX-Trusted: 0 Subject: Re: pf+spamd's 'verbosity' has gone missing X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 May 2007 19:05:45 -0000 On Fri, 2007-05-04 at 11:22 -0700, snowcrash wrote: > hi, > > OK, the line in syslog.conf looks fine. > > Verbose logging is done with facility debug and the line catch this. > > > > Do you have some entries in the /var/log/debug.log ? > > hmmm. interesting. in /var/log/debug.log i've a few instances of > 'verbose' spamd output, e.g., > > ... > May 3 03:47:39 router spamd[6565]: 72.3.240.53: Body: PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> > May 3 03:47:39 router spamd[6565]: 72.3.240.53: Body: > May 3 03:47:39 router spamd[6565]: 72.3.240.53: Body: http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> > May 3 03:47:39 router spamd[6565]: 72.3.240.53: Body: > May 3 03:47:39 router spamd[6565]: 72.3.240.53: Body: > May 3 03:47:39 router spamd[6565]: 72.3.240.53: Body: > May 3 03:47:39 router spamd[6565]: 72.3.240.53: Body:
> May 3 03:47:39 router spamd[6565]: 72.3.240.53: Body: cellSpacing=0 cellPadding=0 align=center border=0> > May 3 03:47:39 router spamd[6565]: 72.3.240.53: Body: > ... > > but NO trace of that "BLACK" label, and not nearly enough correlation > beween the # of these listings and the # of connections ... > > i'm not sure why i don't ALSO see this in the spamd.log ... the "*.*" > _should_ take care of that, no? > > i also see in debug.log bunches of these, > > May 3 05:19:15 router spamd[6564]: whitelisting 64.39.1.214 in /var/db/spamd > May 3 07:27:12 router spamd[6564]: whitelisting 66.211.168.230 in /var/db/spamd > > for whitelisting. > > cheers. ahhh no i think what you mean with BLACK label, (BLACK) 85.98.220.200: ... -> this line will only displayed if a trapped host connect to your spamd disconnected after 3920 seconds. lists: spamd-greytrap -> this line will only displayed if a host listed in spamd.conf setup match an entry to get the logging back to the spamd.log also do the following kill all spamd process (pkill spamd) ps -waux | grep spamd (to make it sure) adjust the parameters for spamd. from this line -v -n ESMTP -r450 -s5 -w1 -c 300 -B 200 -g -G25:4:864 -b 127.0.0.1 -p 8025 to this line (the same without defaults) -v -g -s5 -w1 -c 300 -B 200 -b 127.0.0.1 -n ESMTP no need for -p 8025 -> default value -G 25:4:864 -> default value -r 450 -> default value (dropped in 4.1.x release) restart spamd and execute spamd-setup - start spamd - /usr/local/libexec/spamd-setup olli