network:packet_filter:spamd [2013/03/18 12:47] tschulz created |
network:packet_filter:spamd [2013/03/18 13:14] (current) tschulz [Packet Filter Spamd] |
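--- a/network:packet_filter:spamd
+++ b/network:packet_filter:spamd
@@ -1 +1,100 @@
 ====== Packet Filter Spamd ======
+Spamd is a software package that put sends unknown mail servers a message of 451: come back later. Correctly configured email servers should come back a few min. later and will be allowed to deliver email. However the majority of spammers(90%+) never come back and so your server doesn't need to process the spam since it is never accepted.
+===== spamd.conf =====
+default: /usr/local/etc/spamd/spamd.conf
+<file>
+all:\
+:uatraps:nixspam:china:korea:
+
+# University of Alberta greytrap hits.
+# Addresses stay in it for 24 hours from time they misbehave.
+uatraps:\
+:black:\
+:msg="Your address %A has sent mail to a ualberta.ca spamtrap\n\
+within the last 24 hours":\
+:method=http:\
+:file=www.openbsd.org/spamd/traplist.gz
+
+# Nixspam recent sources list.
+# Mirrored from http://www.heise.de/ix/nixspam
+nixspam:\
+:black:\
+:msg="Your address %A is in the nixspam list\n\
+See http://www.heise.de/ix/nixspam/dnsbl_en/ for details":\
+:method=http:\
+:file=www.openbsd.org/spamd/nixspam.gz
+
+# Mirrored from http://www.okean.com/chinacidr.txt
+china:\
+:black:\
+:msg="SPAM. Your address %A appears to be from China\n\
+See http://www.okean.com/asianspamblocks.html for more details":\
+:method=http:\
+:file=www.openbsd.org/spamd/chinacidr.txt.gz:
+
+# Mirrored from http://www.okean.com/koreacidr.txt
+korea:\
+:black:\
+:msg="SPAM. Your address %A appears to be from Korea\n\
+See http://www.okean.com/asianspamblocks.html for more details":\
+:method=http:\
+:file=www.openbsd.org/spamd/koreacidr.txt.gz:
+
+# An example of a list containing addresses which should not talk to spamd.
+#
+#override:\
+# :white:\
+# :method=file:\
+
+# :file=/var/db/override.txt:
+</file>
+
+===== whitelist.txt =====
+default: /usr/local/etc/spamd/whitelist.txt
+<file>
+#gmail
+209.85.128.0/17
+74.125.0.0/16
+
+#apple
+17.0.0.0/8
+
+#misc
+147.202.23.122
+69.176.253.34
+</file>
+
+===== /etc/pf.conf =====
+<file>
+external_addr="10.1.0.73"
+
+table <blacklist> persist file "/usr/local/etc/spamd/blacklist.txt"
+table <whitelist> persist file "/usr/local/etc/spamd/whitelist.txt"
+table <spamd> persist
+table <spamd-white> persist
+
+scrub in all
+
+# redirect to spamd
+rdr pass inet proto tcp from {<spamd-white>, <whitelist>} to $external_addr port smtp -> 127.0.0.1 port smtp
+rdr pass inet proto tcp from {<spamd>, !<spamd-white>, !<whitelist>} to $external_addr port smtp -> 127.0.0.1 port spamd
+
+# mail!
+block in inet proto tcp from <blacklist> to any port smtp
+pass in log inet proto tcp from any to $external_addr port smtp flags S/SA synproxy state
+</file>
+
+===== /etc/rc.conf =====
+<file>
+pf_enable="YES"
+pf_rules="/etc/pf.conf"
+obspamd_enable="YES"
+obspamd_flags="-v -G 2:4:864"
+obspamlogd_enable="YES"
+</file>
+
+===== /boot/loader.conf =====
+<file>
+pf_load="YES"
+pflog_load="YES"
+</file>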
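Review bot: In the /etc/pf.conf block both redirects use `rdr pass`, which hands matching packets straight through without evaluating the filter rules, so the `block in ... from <blacklist>` and `pass in log ... synproxy state` lines under "# mail!" never see SMTP traffic addressed to $external_addr. As written, a blacklisted host is tarpitted by spamd (or delivered, if it is also in <whitelist>) rather than blocked, and nothing is logged or SYN-proxied. Use plain `rdr` and write the filter rules against the translated destination, e.g. `pass in log inet proto tcp from any to 127.0.0.1 port { smtp, spamd } flags S/SA synproxy state`. Separately, the list `{<spamd>, !<spamd-white>, !<whitelist>}` expands into three independent rules whose negated entries each match almost every source; it only behaves as intended because the first rdr wins, so `from any` on the second redirect would state the same thing without the negated-list trap. The page should also note that the spamd.conf lists are fetched over plain `method=http` with no integrity check, and that whitelisting ranges as broad as `17.0.0.0/8` exempts every host in them from greylisting.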