This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
network:packet_filter:spamd [2013/03/18 12:59] tschulz |
network:packet_filter:spamd [2013/03/18 13:14] (current) tschulz [Packet Filter Spamd] |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Packet Filter Spamd ====== | ====== Packet Filter Spamd ====== | ||
+ | Spamd is a software package that put sends unknown mail servers a message of 451: come back later. Correctly configured email servers should come back a few min. later and will be allowed to deliver email. However the majority of spammers(90%+) never come back and so your server doesn't need to process the spam since it is never accepted. | ||
- | ===== /usr/local/etc/spamd/spamd.conf ===== | + | ===== spamd.conf ===== |
+ | default: /usr/local/etc/spamd/spamd.conf | ||
<file> | <file> | ||
- | # $OpenBSD: spamd.conf,v 1.3 2007/05/12 00:43:41 cnst Exp $ | ||
- | # | ||
- | # spamd(8) configuration file, read by spamd-setup(8). | ||
- | # See also spamd.conf(5). | ||
- | # | ||
- | # Configures lists for spamd(8). | ||
- | # | ||
- | # Strings follow getcap(3) convention escapes, other than you | ||
- | # can have a bare colon (:) inside a quoted string and it | ||
- | # will deal with it. See spamd-setup(8) for more details. | ||
- | # | ||
- | # "all" must be here, and defines the order in which lists are applied. | ||
- | # Lists specified with the :white: capability apply to the previous | ||
- | # list with a :black: capability. | ||
- | # | ||
- | # As of November 2004, a place to search for blacklists is | ||
- | # http://spamlinks.net/filter-bl.htm | ||
- | |||
all:\ | all:\ | ||
:uatraps:nixspam:china:korea: | :uatraps:nixspam:china:korea: | ||
Line 67: | Line 51: | ||
</file> | </file> | ||
- | ===== /usr/local/etc/spamd/whitelist.txt ===== | + | ===== whitelist.txt ===== |
+ | default: /usr/local/etc/spamd/whitelist.txt | ||
<file> | <file> | ||
- | # $OpenBSD: spamd.conf,v 1.3 2007/05/12 00:43:41 cnst Exp $ | + | #gmail |
- | # | + | 209.85.128.0/17 |
- | # spamd(8) configuration file, read by spamd-setup(8). | + | 74.125.0.0/16 |
- | # See also spamd.conf(5). | + | |
- | # | + | |
- | # Configures lists for spamd(8). | + | |
- | # | + | |
- | # Strings follow getcap(3) convention escapes, other than you | + | |
- | # can have a bare colon (:) inside a quoted string and it | + | |
- | # will deal with it. See spamd-setup(8) for more details. | + | |
- | # | + | |
- | # "all" must be here, and defines the order in which lists are applied. | + | |
- | # Lists specified with the :white: capability apply to the previous | + | |
- | # list with a :black: capability. | + | |
- | # | + | |
- | # As of November 2004, a place to search for blacklists is | + | |
- | # http://spamlinks.net/filter-bl.htm | + | |
- | all:\ | + | #apple |
- | :uatraps:nixspam:china:korea: | + | 17.0.0.0/8 |
- | # University of Alberta greytrap hits. | + | #misc |
- | # Addresses stay in it for 24 hours from time they misbehave. | + | 147.202.23.122 |
- | uatraps:\ | + | 69.176.253.34 |
- | :black:\ | + | |
- | :msg="Your address %A has sent mail to a ualberta.ca spamtrap\n\ | + | |
- | within the last 24 hours":\ | + | |
- | :method=http:\ | + | |
- | :file=www.openbsd.org/spamd/traplist.gz | + | |
- | + | ||
- | # Nixspam recent sources list. | + | |
- | # Mirrored from http://www.heise.de/ix/nixspam | + | |
- | nixspam:\ | + | |
- | :black:\ | + | |
- | :msg="Your address %A is in the nixspam list\n\ | + | |
- | See http://www.heise.de/ix/nixspam/dnsbl_en/ for details":\ | + | |
- | :method=http:\ | + | |
- | :file=www.openbsd.org/spamd/nixspam.gz | + | |
- | + | ||
- | # Mirrored from http://www.okean.com/chinacidr.txt | + | |
- | china:\ | + | |
- | :black:\ | + | |
- | :msg="SPAM. Your address %A appears to be from China\n\ | + | |
- | See http://www.okean.com/asianspamblocks.html for more details":\ | + | |
- | :method=http:\ | + | |
- | :file=www.openbsd.org/spamd/chinacidr.txt.gz: | + | |
- | + | ||
- | # Mirrored from http://www.okean.com/koreacidr.txt | + | |
- | korea:\ | + | |
- | :black:\ | + | |
- | :msg="SPAM. Your address %A appears to be from Korea\n\ | + | |
- | See http://www.okean.com/asianspamblocks.html for more details":\ | + | |
- | :method=http:\ | + | |
- | :file=www.openbsd.org/spamd/koreacidr.txt.gz: | + | |
- | + | ||
- | # An example of a list containing addresses which should not talk to spamd. | + | |
- | # | + | |
- | #override:\ | + | |
- | # :white:\ | + | |
- | # :method=file:\ | + | |
- | + | ||
- | # :file=/var/db/override.txt: | + | |
</file> | </file> | ||
Line 151: | Line 84: | ||
block in inet proto tcp from <blacklist> to any port smtp | block in inet proto tcp from <blacklist> to any port smtp | ||
pass in log inet proto tcp from any to $external_addr port smtp flags S/SA synproxy state | pass in log inet proto tcp from any to $external_addr port smtp flags S/SA synproxy state | ||
- | pass out log inet proto tcp from $external_addr to !10.1.0.22 port smtp flags S/SA synproxy state | ||
</file> | </file> | ||
- | ==== /etc/rc.conf ==== | + | ===== /etc/rc.conf ===== |
<file> | <file> | ||
pf_enable="YES" | pf_enable="YES" | ||
Line 163: | Line 95: | ||
</file> | </file> | ||
- | ==== /boot/loader.conf ==== | + | ===== /boot/loader.conf ===== |
<file> | <file> | ||
pf_load="YES" | pf_load="YES" | ||
pflog_load="YES" | pflog_load="YES" | ||
</file> | </file> | ||
- |