Date:      Wed, 24 Oct 2007 01:48:24 -0700 (PDT)
From:      dssampson@yahoo.com
To:        freebsd-pf@freebsd.org
Subject:   spamd nonfunctioning due to power outage in SD
Message-ID:  <680860.38462.qm@web35813.mail.mud.yahoo.com>

I had a power outage to our building due to the fires in San Diego and it crashed those without UPSes. One of them is the spamd machine. I've brought it back up and ran fsck on all volumes. However, mail will not come into our mailboxes from outside but mail can be delivered to outside recipients. I can telnet into the spamd machine and send mail externally and internally. Postfix seems to be ok. When I stop pf, mail from the outside of our LAN comes pouring in. When I start up pf, inbound mail comes to a stop. In the spamd log, I see all kinds of connections being blacklisted and greylisted but still not one mail is being delivered. I am using spamd-mywhite as my whitelist and put all known GMail IP addresses on it. I then send an email from my GMail account to this machine. It gets greylisted and eventually sits in the greylist for quite a while. I also see ports 25 open on both external and internal NICs and port 8025 open on the localhost interface.

I need assistance in troubleshooting this. Running spamd 4.1.2 on FreeBSD 6.2. We average 800 valid mail per day and so far in the last 24 hours, not one mail has come through using the existing spamd configuration.

mailfilter-root@/usr/ports# pfctl -vvnf /etc/pf.conf
ext_if = "rl0"
int_if = "xl0"
internal_net = "192.168.1.1/24"
external_addr = "216.70.250.4"
vpn_net = "10.8.0.0/24"
icmp_types = "echoreq"
NoRouteIPs = "{ 127.0.0.0/8 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 }"
webserver1 = "192.168.1.4"
set skip on { lo0 }
set skip on { gif0 }
@0 scrub in all fragment reassemble
@1 nat on rl0 inet from 192.168.1.0/24 to any -> (rl0) round-robin
@2 nat on rl0 inet from 10.8.0.0/24 to any -> (rl0) round-robin
@3 rdr on rl0 inet proto tcp from any to 216.70.250.4 port = http -> 192.168.1.4 port 80
table <spamd> persist
table <spamd-white> persist
table <spamd-mywhite> persist file "/usr/local/etc/spamd/spamd-mywhite"
@4 rdr inet proto tcp from <spamd-mywhite:0> to 216.70.250.4 port = smtp -> 127.0.0.1 port 25
@5 rdr inet proto tcp from <spamd-white:0> to 216.70.250.4 port = smtp -> 127.0.0.1 port 25
@6 rdr pass inet proto tcp from <spamd:0> to 216.70.250.4 port = smtp -> 127.0.0.1 port 8025
@7 rdr pass inet proto tcp from ! <spamd-white:0> to 216.70.250.4 port = smtp -> 127.0.0.1 port 8025
@8 pass in log inet proto tcp from any to 216.70.250.4 port = smtp flags S/SA synproxy state
@9 pass out log inet proto tcp from 216.70.250.4 to any port = smtp flags S/SA synproxy state
@10 pass in log inet proto tcp from 192.168.1.0/24 to 192.168.1.25 port = smtp flags S/SA synproxy state
@11 block drop in log all
@12 pass in log quick on xl0 inet proto tcp from any to 192.168.1.25 port = ssh flags S/SA synproxy state
@13 block drop in log quick on rl0 inet from 127.0.0.0/8 to any
@14 block drop in log quick on rl0 inet from 192.168.0.0/16 to any
@15 block drop in log quick on rl0 inet from 172.16.0.0/12 to any
@16 block drop in log quick on rl0 inet from 10.0.0.0/8 to any
@17 block drop out log quick on rl0 inet from any to 127.0.0.0/8
@18 block drop out log quick on rl0 inet from any to 192.168.0.0/16
@19 block drop out log quick on rl0 inet from any to 172.16.0.0/12
@20 block drop out log quick on rl0 inet from any to 10.0.0.0/8
@21 block drop in log quick on ! xl0 inet from 192.168.1.0/24 to any
@22 block drop in log quick inet from 192.168.1.25 to any
@23 pass in on xl0 inet from 192.168.1.0/24 to any
@24 pass out log on xl0 inet from any to 192.168.1.0/24
@25 pass out log quick on xl0 inet from any to 10.8.0.0/24
@26 pass out on rl0 proto tcp all flags S/SA modulate state
@27 pass out on rl0 proto udp all keep state
@28 pass out on rl0 proto icmp all keep state
@29 pass in on rl0 inet proto tcp from any to 192.168.1.4 port = http flags S/SA synproxy state
@30 pass in on xl0 inet proto tcp from any to 192.168.1.25 port = ssh keep state
warning: macro 'icmp_types' not used
mailfilter-root@/usr/ports#

What's the quickest way to recover from this? Any other troubleshooting techniques?

~Doug


