ISD 820 Knowledge Base

User Tools

Site Tools

You are here: start » network » packet_filter » spamd
network:packet_filter:spamd

This is an old revision of the document!

Table of Contents

Packet Filter Spamd

/usr/local/etc/spamd/spamd.conf

# $OpenBSD: spamd.conf,v 1.3 2007/05/12 00:43:41 cnst Exp $
#
# spamd(8) configuration file, read by spamd-setup(8).
# See also spamd.conf(5).
#
# Configures lists for spamd(8).
#
# Strings follow getcap(3) convention escapes, other than you
# can have a bare colon (:) inside a quoted string and it
# will deal with it. See spamd-setup(8) for more details.
#
# "all" must be here, and defines the order in which lists are applied.
# Lists specified with the :white: capability apply to the previous
# list with a :black: capability.
#
# As of November 2004, a place to search for blacklists is
#     http://spamlinks.net/filter-bl.htm

all:\
        :uatraps:nixspam:china:korea:

# University of Alberta greytrap hits.
# Addresses stay in it for 24 hours from time they misbehave.
uatraps:\
        :black:\
        :msg="Your address %A has sent mail to a ualberta.ca spamtrap\n\
        within the last 24 hours":\
        :method=http:\
        :file=www.openbsd.org/spamd/traplist.gz

# Nixspam recent sources list.
# Mirrored from http://www.heise.de/ix/nixspam
nixspam:\
        :black:\
        :msg="Your address %A is in the nixspam list\n\
        See http://www.heise.de/ix/nixspam/dnsbl_en/ for details":\
        :method=http:\
        :file=www.openbsd.org/spamd/nixspam.gz

# Mirrored from http://www.okean.com/chinacidr.txt
china:\
        :black:\
        :msg="SPAM. Your address %A appears to be from China\n\
        See http://www.okean.com/asianspamblocks.html for more details":\
        :method=http:\
        :file=www.openbsd.org/spamd/chinacidr.txt.gz:

# Mirrored from http://www.okean.com/koreacidr.txt
korea:\
        :black:\
        :msg="SPAM. Your address %A appears to be from Korea\n\
        See http://www.okean.com/asianspamblocks.html for more details":\
        :method=http:\
        :file=www.openbsd.org/spamd/koreacidr.txt.gz:

# An example of a list containing addresses which should not talk to spamd.
#
#override:\
#       :white:\
#       :method=file:\

#       :file=/var/db/override.txt:

/usr/local/etc/spamd/whitelist.txt

#gmail
209.85.128.0/17
74.125.0.0/16

#apple
17.0.0.0/8

#misc
147.202.23.122
69.176.253.34

/etc/pf.conf

external_addr="10.1.0.73"

table <blacklist> persist file "/usr/local/etc/spamd/blacklist.txt"
table <whitelist> persist file "/usr/local/etc/spamd/whitelist.txt"
table <spamd> persist
table <spamd-white> persist

scrub in all

# redirect to spamd
rdr pass inet proto tcp from {<spamd-white>, <whitelist>} to $external_addr port smtp -> 127.0.0.1 port smtp
rdr pass inet proto tcp from {<spamd>, !<spamd-white>, !<whitelist>} to $external_addr port smtp -> 127.0.0.1 port spamd

# mail!
block in inet proto tcp from <blacklist> to any port smtp
pass in log inet proto tcp from any to $external_addr port smtp flags S/SA synproxy state
pass out log inet proto tcp from $external_addr to !10.1.0.22 port smtp flags S/SA synproxy state

/etc/rc.conf

pf_enable="YES"
pf_rules="/etc/pf.conf"
obspamd_enable="YES"
obspamd_flags="-v -G 2:4:864"
obspamlogd_enable="YES"

/boot/loader.conf

pf_load="YES"
pflog_load="YES"
network/packet_filter/spamd.1363629637.txt.gz · Last modified: 2013/03/18 13:00 by tschulz

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki