Date:      Mon, 27 Feb 2012 11:58:02 -0500
From:      Jon Radel <>
To:        "Bender, Chris" <>
Subject:   Re: Email issues, relay failure

On 2/27/12 11:45 AM, Bender, Chris wrote:

> I was thinking about just reloading the pf.conf but I have never worked
> with pf so
> I am worried other things might break. My thought was by doing that the
> Adaptive part of the pfctl would be restarted?

Any pf.conf file I've ever seen does something sensible after reload.
I suspect one could write something perverse that blows up on restart,
but that would make rebooting the machine problematic....

> Does that make sense would reloading the rules wash the adaptive
> behavior away or
> Would all that still be in some sort of bruteforce file to protect the
> firewall?

pf can load data from files when it starts or just manage things in a
fashion that is transient upon restart.  Hard to say what's happening in
your case w/o a clue as to what's in pf.conf.

I'd suggest that you at the very least whitelist internal SMTP speakers
that you expect to get e-mail from on a regular basis, even if you do
throttling of SMTP connections in general.  Much less messy....

--Jon Radel
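
The whitelist-plus-throttle arrangement suggested above, sketched as a pf.conf fragment. This is an added example, not part of the original message and not the poster's actual configuration; the table names, the addresses and the rate limits are all constructed assumptions.

```pf
# Added example: constructed pf.conf fragment, all names and values assumed.

# Internal mail hosts that are expected to send mail regularly.
# Constructed RFC 1918 addresses; list your own relays here.
table <smtp_trusted> persist { 10.0.0.25, 10.0.0.26 }

# Sources that exceeded the connection limits below. pf fills this
# table at run time; nothing here writes it to disk.
table <smtp_abusers> persist

# 1. Trusted speakers are passed first. "quick" stops rule evaluation,
#    so neither the block rule nor the rate limits apply to them.
pass in quick proto tcp from <smtp_trusted> to any port smtp \
    flags S/SA keep state

# 2. Anything already caught by the throttle is dropped.
block in quick proto tcp from <smtp_abusers> to any port smtp

# 3. Everyone else may connect, within limits. A source holding more
#    than 20 simultaneous connections, or opening more than 10 in
#    60 seconds, is added to <smtp_abusers> and its states are flushed.
pass in proto tcp from any to any port smtp \
    flags S/SA keep state \
    (max-src-conn 20, max-src-conn-rate 10/60, \
     overload <smtp_abusers> flush global)

# Checking and inspecting from the shell:
#   pfctl -nf /etc/pf.conf            parse the file without loading it
#   pfctl -f /etc/pf.conf             load the ruleset
#   pfctl -t smtp_abusers -T show     list addresses currently throttled
#   pfctl -t smtp_abusers -T delete 10.0.0.30   remove one (constructed) entry
```

Rule order matters here: if the block rule came before the whitelist pass, a trusted host that had once tripped the limits would stay blocked until its table entry was removed.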

