Unix Technical Forum

Running spamd (greylist) on a non firewall machine

This is a discussion on Running spamd (greylist) on a non firewall machine within the comp.unix.bsd.openbsd.misc forums, part of the OpenBSD category.


#1
05-24-2008, 06:07 AM
syn_nospam_uw

Hello,

I was wondering if it is possible to run spamd in greylisting mode
(default) as a filter front-end to our mail server not on a firewall but
simply on a normal server on our network (behind the firewall)?

I am not sure about it because spamd needs the originating IP of the
sender and maybe through NAT it gets lost or something?

Regards
#2
05-24-2008, 06:07 AM
Peter N. M. Hansteen

syn_nospam_uw <syn_nospam_uw@hotmail.com> writes:

> I was wondering if it is possible to run spamd in greylisting mode
> (default) as a filter front-end to our mail server not on a firewall
> but simply on a normal server on our network (behind the firewall)?


You would need to have PF running on that machine with a very simple
rule set, but sure, there is no law of nature that dictates spamd has
to run on your gateway.

> I am not sure about it because spamd needs the originating IP of the
> sender and maybe through NAT it gets lost or something?


I wouldn't worry about that specifically (at least if we're talking
regular nat), but rather how to make sure smtp traffic from untrusted
sources hits spamd and not your mail server. It's possible to paint
yourself into a corner with a complicated configuration and no real
gain.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
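
A minimal PF rule set of the kind the reply above describes, as an added example that is not part of the original thread. It is written in the newer pf.conf `divert-to` syntax (releases from the time of this thread expressed the same thing with `rdr` rules). Assumptions: the MTA listens on the same host as spamd, and the `/etc/mail/nospamd` path is a local choice.

```conf
# /etc/pf.conf on the non-firewall host running spamd (constructed example).
# Assumption: the upstream firewall forwards inbound port 25 to this host
# without rewriting the source address, so spamd sees the real sender IP
# that greylisting is keyed on.

# spamd adds a sender here once it has passed greylisting.
table <spamd-white> persist
# Hosts that must never be greylisted (assumed local file).
table <nospamd> persist file "/etc/mail/nospamd"

# Default for inbound SMTP: hand the connection to spamd on localhost.
pass in on egress proto tcp to any port smtp \
    divert-to 127.0.0.1 port spamd

# Exceptions come after the default because PF applies the last matching
# rule: exempt and already-whitelisted senders reach the real MTA.
pass in on egress proto tcp from <nospamd> to any port smtp
pass in log on egress proto tcp from <spamd-white> to any port smtp

# Logged SMTP rules are what spamlogd reads (via pflog) to keep
# whitelist entries current, including hosts this server sends mail to.
pass out log on egress proto tcp to any port smtp
```

After loading the rules, `pfctl -t spamd-white -T show` lists the senders that currently bypass spamd, which is a quick check that untrusted SMTP traffic is landing on spamd and not on the mail server.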
#3
05-24-2008, 06:07 AM
syn_nospam_uw

Peter N. M. Hansteen wrote:
> You would need to have PF running on that machine with a very simple
> rule set, but sure, there is no law of nature that dictates spamd has
> to run on your gateway.


Great news! My plan was maybe to move the spamd daemon off the firewall
and to have two OpenBSD servers behind the firewall doing just
that in load balancing and with spamd synchronisation.

Now I am also wondering if it is possible to use greylisting with
blacklisting. Because if I look at the "-b" option it says "work in
blacklisting mode ONLY" so meaning that greylisting wouldn't work anymore?

Regards
All times are GMT.

