> # -- silly dont't do this !
> # -- !! This file is no table, it is even not for usage
in pf
> ruleset !!
> # remove this! table <spamd-alloweddomains>
persist
> # remove this! file
"/usr/local/etc/spamd/spamd.alloweddomains"
Removed.
> OK, back to the ruleset.
>
> # -- Let all smtp traffic from the
<spamd-mywhite> table pass before
> # -- any other rules since we trust them (if you like
to log this
> # -- traffic with spamlogd remove the pass keyword)
> rdr (pass) inet proto tcp from <spamd-mywhite> to
216.70.250.4
> port = smtp -> 127.0.0.1 port 25
>
> # -- remove also the *pass* keyword if you use spamlogd
so the entry
> # -- can be refreshed with every mail during passtime
> rdr (pass) inet proto tcp from <spamd-white:0> to
216.70.250.4
> port = smtp -> 127.0.0.1 port 25
>
> # -- OK, this rule *with pass*
> rdr pass inet proto tcp from <spamd:0> to
216.70.250.4
> port = smtp -> 127.0.0.1 port 8025
>
> # -- change this table from <spamd-mywhite> to
<spamd-white>,
> # -- since <spamd-mywhite> processed two rules
before
> rdr pass inet proto tcp from ! <spamd-white:0> to
216.70.250.4
> port = smtp -> 127.0.0.1 port 8025
>
>
> # -- Now traffic from the tables <spamd-mywhite>
and <spamd-white>
> # -- flows in with logging (good with spamlogd)
> pass in log inet proto tcp from any to 216.70.250.4
> port = smtp flags S/SA synproxy state
>
Now I'm seeing mail flowing into our smtp server from
addresses within
spamd-mywhite.
Incidentially, I'm using the rules from Dan Langille's
article on pf and
spamd at
http://www.freebsd
diary.org/pf.php
and
http://www.onlamp.com/pub/a/bsd/2007/01/18/gr
eylisting-with-pf.html
I'm wondering if his rules needs to be changed?
Thanks to Olli & Jeremy who helped me through this!
~Doug
_______________________________________________
freebsd-pf freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to
"freebsd-pf-unsubscribefreebsd.org"
|
