| Age | Commit message (Collapse) | Author |
|---|
|
ok krw@ deraadt@
diff from ray lai;
|
|
|
|
- note that greylisting does stutter slightly
- make clear role of spamdb and spamd.conf
- few minor tweaks
ok beck@
|
|
full speed. By default do this for 10 seconds. Many spammers disconnect by
then. Adds -S option to select the amount of time greylisted connections
will be stuttered at.
feedback from jmc@, deraadt@, ok deraadt@
|
|
a list of spamtrap destination addresses in the spamd database. When
a spamtrap address gets an attempted greylist delivery, blacklist the
offending host for a day. Does not affect hosts already whitelisted.
ok deraadt@, jmc@, dhartmei@ to get it in so it can be whacked on
|
|
|
|
MTA's with a quadratic retry schedule have a retry after 26 minutes, and
then again after an hour, so this probably makes a lot more sense than the
old 30 minute default.
ok henning@
|
|
people on misc, and some observations by Evan harris on the greylisting
mailing list that a number of clustered mailers like aol behave better
(and retry from the same IP) when they see a 451, but do not when
they see a 450 (traditionally used for mailbox lock failure)
450 was the original for spamd, as the default for the tarpit is to
encourage quick retries to punish blacklisted smtp servers more. This
got carried over to the greylisting implementation, and isnt' really
optimal for that case.
ok millert@, henning@, todd@
|
|
|
|
connections to something less than maxcon when greylisting. This ensures
you don't completely run out of connections tarpitting spammers, and not
allow real mail through.
ok dhartmei@ millert@
|
|
|
|
ok xsa@ henning@
|
|
yongari@kt-is.co.kr
ok deraadt@
|
|
ok beck@
|
|
originates from a paper by Evan Harris which can be found at
http://projects.puremagic.com/greylisting/. This implementation makes
spamd allow for non-blacklisted addresses to be treated as "greylisted".
where they are tracked in a db file, and whitelisted by addition to a
pf table when the same envelope from and to are retried from the same
source IP address. Testing by many, ok deraadt@
|
|
the outside world -- in fact 'rdr pass' was designed for this, but once
again someone forgot to updated the bloody man page; mcbride ok
|
|
- new sentence, new line
- .Dv for variables
- fix .Xr
|
|
and blacklist matches. Add -v (verbose) flag to allow other detailed
logging (subject, body, smtp dialogue, etc.) when it's needed.
ok dhartmei@ -> ok deraadt@
|
|
- use -offset rather than indenting the actual display
- kill unnecessary .Pp
|
|
|
|
default. in reponse to pr3435. ok beck deraadt dhartmei
|
|
(causing a small TCP window size, tying up sender's resources), additional
states: keep connection until ten body lines have been received, improved
logging through syslog (envelope from/to, From:/To:/Subject: in header,
first lines of body) at various levels. ok deraadt@
|
|
- correct .Xr
- .Ox instead of OpenBSD
- whitespace between punctuation
|
|
|
|
add arguments to the flags that take them in the DESCRIPTION
add "inet" to the rdr rule example to match etc/pf.conf example
ok dhartmei@ henning@
|
|
ok miod@ jmc@
|
|
|
|
|
|
ok jmc@
|
|
ok beck@
|
|
|
|
|
|
their ports. Adds "spamd" and "spamd-cfg" services to /etc/services.
Mostly from Daniel Lucq <daniel@lucq.org>.
|
|
|
|
ok beck@
|
|
once is better than can be can be
guess who found that? yeah, David Krause, again. great!
|
|
ok henning@ jmc@
|
|
(fixes some sentences with only 1 space between)
ok henning@
|
|
|
|
|
|
|
|
ok deraadt@
|
|
|
|
|
|
|
|
which configures individual blacklists sources and deals with whitelists.
Perl still needs some stylistic changes as suggested by bmc which will go
in shortly.
ok deraadt@
|
|
ok mpech@
|
|
setextattr(8): example markus@
spamd(8): someone else found some of these on bugs/misc, but for the life
of me i can't find out who
pf.conf(5): from openbsd@davidkrause.com
raidctl(8): from ian@darwinsys.com
|
|
otherwise. Found by David Norman.
|
|
|
