#
1.135 |
|
24-Jul-2019 |
mestre |
Ever since I introduced pledge(2) on spamd(8) the chroot'ed process, if running in default, cannot get anywhere near the filesystem since its only promises are "stdio inet". Furthermore, in blacklist mode this same codepath is not chroot'ed but once again it gets the same pledge(2).
Therefore we can remove the BUGS section from spamd(8)'s manpage.
OK millert@ deraadt@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.134 |
|
02-Apr-2017 |
jmc |
note that some hosts never generate tuples and are ignored; ok beck
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.133 |
|
16-Mar-2017 |
jmc |
define the role of spamd-setup a little better;
|
#
1.132 |
|
16-Mar-2017 |
jmc |
use one way to show filter rules, not two. the bits and pieces of the spamd setup are complex enough without freestyling the pf rules;
while here, Bk/Ek no longer required
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.131 |
|
12-Aug-2015 |
jmc |
start replacing some \*([GL]t;
|
#
1.130 |
|
12-Aug-2015 |
jmc |
divert-to a table needs an address family; from steve shockley
ok sthen
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.129 |
|
27-Jul-2015 |
sobrado |
use file system path (.Pa) semantic markup macros where appropriate.
ok jmc@
|
#
1.128 |
|
18-May-2015 |
reyk |
Change spamd to use divert-to instead of rdr-to.
divert-to has many advantages over rdr-to for proxies. For example, it is much easier to use, requires less code, does not depend on /dev/pf, works in-band without the asynchronous lookup (DIOCNATLOOK ioctl), saves us from additional port allocations by the rdr/NAT code, and even avoids potential collisions and race conditions that could theoretically happen with the lookup.
Heads up: users will have to update their spamd PF rules from rdr-to to divert-to. spamd now also listens to 127.0.0.1 instead of "any" (0.0.0.0) by default which should be fine with most setups but has to be considered for some special configurations.
Based on a diff is almost two years old but got delayed several times ... beck@: "now is the time to get it in" :)
Tested by many With help from okan@ OK okan@ beck@ millert@
|
#
1.127 |
|
14-Apr-2015 |
deraadt |
wrap a long line
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.126 |
|
15-Feb-2015 |
bentley |
Don't use Aq macros when <> is intended; they are not the same thing.
ok schwarze@
|
#
1.125 |
|
07-Feb-2015 |
jmc |
put -G and it's args back onto one line in SYNOPSIS, to avoid having mandoc split it; while here, zap trailing whitespace;
|
#
1.124 |
|
07-Feb-2015 |
henning |
add STARTTLS support, using the shiny libtls. Rationale: when you publish DANE records for certificate pinning, you MUST offer TLS on the indicated service. Not offering TLS is verboten since that would re-open the door for a MitM. This is obviously fundamentally incompatible with having spamd in front of your mailservers - spamd kinda is a MitM here, but intentional and utterly valid. DANE is desirable because it allows one to not have to trust the broken SSL CA model, and, depending on the mode chosen, even show the SSL cert mafia the middle finger by not needing them at all. ok reyk jsing bob
|
#
1.123 |
|
22-Nov-2014 |
deraadt |
/dev/random has created the same effect as /dev/arandom (and /dev/urandom) for quite some time. Mop up the last few, by using /dev/random where we actually want it, or not even mentioning arandom where it is irrelevant.
|
#
1.122 |
|
11-Oct-2014 |
landry |
Fix manpage: -y only takes interface names, and doesnt take ip addresses. Fix example while here. ok back@
|
#
1.121 |
|
16-Sep-2014 |
jmc |
less sendmail;
|
#
1.120 |
|
01-Sep-2014 |
guenther |
Simplify the syslog.conf example: .info means that *and higher*
ok beck@
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.119 |
|
27-Sep-2012 |
jmc |
remove some history details which have been around for long enough to no longer be relevant;
ok beck
|
Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.118 |
|
19-Mar-2011 |
okan |
fix rdr-to example (requires direction); from James Turner
ok jmc@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.117 |
|
17-Sep-2009 |
jmc |
merge/update the spamlogd rules into spamd - there were some subtle problems because of the recent pf nat changes that caused problems; i've fleshed out the example in spamd and just added a pointer to it from spamlogd;
ok beck
|
#
1.116 |
|
07-Sep-2009 |
jmc |
the example pf rules should be "pass in", not just "pass"; ok henning
|
#
1.115 |
|
01-Sep-2009 |
todd |
match samples here with pf.conf(5) sample ruleset following recent pf changes ok henning@
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.114 |
|
20-Apr-2009 |
jmc |
tweak previous;
|
#
1.113 |
|
20-Apr-2009 |
beck |
PR 6090 - from Olli Hauer <ohauer@gmx.de>
A number of small improvements:
- patch for empty lines and comments in alloweddomains_file - remove some whitespaces at end of line. - document comment and empty line handling - Remove unused parameter 'r' from getopt in spamd.c, it is removed in the 'switch statement' but not in getopt. http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/spamd/spamd.c.diff?r1=1.94;r2=1.95;f=h - replace atoi with strtonum - make debug output more usefull, display only what will be synced and not a second message which prints always "sync trapped %s"
- some cosemtic and whitespace fixes.
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.112 |
|
17-Feb-2009 |
jmc |
clarification for the MX stuff; requested by Stephan A. Rickauer ok beck
|
#
1.111 |
|
20-Sep-2008 |
jmc |
document spamd log entry format; requested by Stephan A. Rickauer ok beck
|
#
1.110 |
|
11-Aug-2008 |
jmc |
some documentation updates for spamd synchronisation: - whitelisted entries are not synced - entries added manually (using spamdb) are not synced
suggested by Stephan A. Rickauer; ok reyk
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.109 |
|
28-Mar-2008 |
grunk |
typo, ok beck@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.108 |
|
08-Jan-2008 |
jmc |
simplify the suggested pf ruleset; ok beck
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.107 |
|
11-Aug-2007 |
jmc |
tweak previous: - this document talks about "default mode", not "greylisting mode" - kill trailing whitespace
|
#
1.106 |
|
11-Aug-2007 |
jsg |
Add note to the effect that the spamd pf table is no longer used in greylisting mode. ok ckuethe@
|
#
1.105 |
|
07-Jul-2007 |
jmc |
document maximum values for -S and -s; from Saint Aardvark the Carpeted, documentation/5535;
|
#
1.104 |
|
25-Jun-2007 |
tom |
s/is is/it is/. From Jim Razmus, jim (at) bonetruck (dot) org; thanks.
|
#
1.103 |
|
31-May-2007 |
jmc |
convert to new .Dd format;
|
#
1.102 |
|
26-May-2007 |
jmc |
remove a redundant paragraph; ok beck also, this section is blacklist-only, so tweak .Sh
|
#
1.101 |
|
19-May-2007 |
jmc |
spamd-setup needs -b for blacklist-only mode; from Nick Templeton
|
#
1.100 |
|
26-Mar-2007 |
jmc |
kill trailing whitespace...shame on me if i sent bob a diff w/ whitespace at eol
|
#
1.99 |
|
26-Mar-2007 |
beck |
A couple of spamd improvements
1) Implement the NOOP command, which now seems necessary for certain windows mail wrappers and sender verification schemes. Tested by me and sidcarter@symonds.net, who noticed the problem on his site. ok millert@
2) Change the behaviour of the maxblack parameter, instead of hanging up immediately on new blacklisted connections when the maxblack parameter is reached, we instead make spamd not stutter at them, so the connection is instead completed quickly. This seems to handle peaks and spikes much better than the old way of doing this. ok deraadt@, with some man page changes by jmc@
|
#
1.98 |
|
15-Mar-2007 |
jmc |
fix -y example;
closes user/5408 from sthen ok reyk
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.97 |
|
07-Mar-2007 |
millert |
Add some emphasis for easier reading and clarify MX trapping by explicitly mentioning IP aliases, which is typically how you would implement MX trapping using a single host. OK beck@, trusted by deraadt@
|
#
1.96 |
|
07-Mar-2007 |
jmc |
clean up the greytrap stuff;
|
#
1.95 |
|
07-Mar-2007 |
jmc |
some spelling fixes;
|
#
1.94 |
|
07-Mar-2007 |
jmc |
new sentence, new line kill whitespace at eol
|
#
1.93 |
|
06-Mar-2007 |
beck |
Add -M option to specify a local address that is a lower priority MX address than the primary one. spamd will trap hosts that contact this address first without first contacting the primary. - get it in, deraadt@
|
#
1.92 |
|
06-Mar-2007 |
jmc |
tweak -c; sort FILES;
|
#
1.91 |
|
06-Mar-2007 |
jmc |
- move LOGGING into the main body - move some relevant bits of SYNCHRONISATION into -Yy descriptions - tweaks for SYNCHRONISATION
ok reyk beck
|
#
1.90 |
|
06-Mar-2007 |
beck |
document allowing -c to increase to within 200 of kern.maxfiles
|
#
1.89 |
|
05-Mar-2007 |
beck |
remove -r option that didn't work anyway. ok jmc@, reyk@
|
#
1.88 |
|
05-Mar-2007 |
reyk |
better dd options for the spamd.key generation example.
|
#
1.87 |
|
05-Mar-2007 |
reyk |
document spamd.key better. what format does the file take? how do i create one? and so on...
help from jmc@
|
#
1.86 |
|
04-Mar-2007 |
joel |
correct location of spamd.key
|
#
1.85 |
|
04-Mar-2007 |
beck |
Database synchronizaton for spamd/spamlogd
This adds an HMAC protected synchronization protocol for use by spamd and spamlogd.
- spamd can receive updates from other hosts for GREY, WHITE, and TRAPPED db entries, and will update the local /var/db/spamd accordingly.
- spamd can send updates when it makes changes to the GREY or TRAPPED entries in the db to other hosts running spamd. (Note it does not send WHITE entries because the other spamd will see the GREY changes and have complete information to make appropritate decisions)
- spamlogd can send updates for WHITE db entries that it performs on the local db to other hosts running spamd, which will then apply them on remote hosts.
note that while this diff provides synchronization for changes made to the spamd db by the daemons, it does *not* provide for sychonizing changes to the spamd db made manually with the spamdb command.
Synchronization protocol and most of the work by reyk@, with a bunch of the spamd, and spamlogd stuff by me.
testing mostly at the U of A, running happily there under big load.
ok reyk@ jmc@
|
#
1.84 |
|
02-Mar-2007 |
jmc |
improve the sections on pf rules; ok beck
|
#
1.83 |
|
01-Mar-2007 |
jmc |
first pass at simplifying the language in this page; more to come
|
#
1.82 |
|
28-Feb-2007 |
david |
double word: be be
|
#
1.81 |
|
27-Feb-2007 |
jmc |
prevent .Em abuse: .Dq for services .Aq for tables
|
#
1.80 |
|
27-Feb-2007 |
jmc |
forgot to remove this comment;
|
#
1.79 |
|
27-Feb-2007 |
jmc |
- don;t mark up colons - no need for <> for tables - use escapes for <> where needed
|
#
1.78 |
|
27-Feb-2007 |
jmc |
no -g flag for spamd-setup;
|
#
1.77 |
|
27-Feb-2007 |
jmc |
explain the concepts of black/white/greylisting, briefly; diff from Okan Demirmen, tweaked by myself and beck
ok beck
|
#
1.76 |
|
27-Feb-2007 |
beck |
the tempfail message happens after the DATA command, and has for a little while now - it got changed so people don't get hooped by certain stupid sender verification schemes.
|
#
1.75 |
|
27-Feb-2007 |
jmc |
initial shot at making greylisting seem normal...
|
#
1.74 |
|
27-Feb-2007 |
jmc |
sort options and usage();
|
#
1.73 |
|
27-Feb-2007 |
beck |
Flag day for spamd - 1) config files move to /etc/mail 2) -g option goes away in spamd-setup and spamd - greylisting is now the default 3) option change to spamd, -b addr becomes -l addr. 4) -b option in spamd-setup and spamd to turn on old blacklisting mode.
Man page shortly to be flensed to make this easier to explain ok deraadt@ millert@
|
#
1.72 |
|
25-Feb-2007 |
jmc |
- HELO/EHLO is part of the tuple - remove misleading sentence
ok millert
|
#
1.71 |
|
25-Feb-2007 |
millert |
Attempt to clarify new greylisting rules.
|
#
1.70 |
|
24-Feb-2007 |
millert |
When greylisting we don't actually need to use the <spamd> pf table. We just do no-rdr for things in <spamd-white> and rdr the rest to spamdb. OK beck@
|
#
1.69 |
|
24-Feb-2007 |
jmc |
tweaks;
|
#
1.68 |
|
23-Feb-2007 |
beck |
to_suffixes -> alloweddomains, that got missed, noticed by okan@demirmen.com
|
#
1.67 |
|
23-Feb-2007 |
beck |
greytrapping improvements 1) remove requirement for <> around spamtrap addresses 2) add support for /etc/spamd/alloweddomains to specify suffixes for which any destinations that don't match get trapped
various knf's by theo, feedback from jmc, millert, deraadt
|
#
1.66 |
|
14-Nov-2006 |
jmc |
improve previous;
|
#
1.65 |
|
14-Nov-2006 |
jmc |
clarify "maxcon" somewhat, particularly its upper limit; from jared rr spiegel (pr #5292), tweaked somewhat;
|
#
1.64 |
|
19-Oct-2006 |
jmc |
no need to escape "'";
|
#
1.63 |
|
17-Oct-2006 |
beck |
Make this easier for people who aren't aware of what shell they are running. ok deraadt@
|
#
1.62 |
|
29-Sep-2006 |
jmc |
typo; from sthen
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.61 |
|
15-Aug-2006 |
kjell |
-r only applies to blacklists. ok beck@
|
#
1.60 |
|
15-May-2006 |
jcs |
add an -h option to override the hostname that is reported in the SMTP banner
ok beck@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.59 |
|
01-Dec-2005 |
tom |
Spell "blacklisted" consistently.
ok jmc@
|
#
1.58 |
|
24-Nov-2005 |
jmc |
missing full stop;
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.57 |
|
06-Aug-2005 |
jmc |
replace port number 8025 w/ symbolic `spamd'; ok krw@ deraadt@
diff from ray lai;
|
#
1.56 |
|
17-May-2005 |
jmc |
update FILES;
|
#
1.55 |
|
17-May-2005 |
jmc |
- describe start up better - note that greylisting does stutter slightly - make clear role of spamdb and spamd.conf - few minor tweaks
ok beck@
|
#
1.54 |
|
14-Apr-2005 |
beck |
Make spamd stutter at greylisted connections for a short period before talking full speed. By default do this for 10 seconds. Many spammers disconnect by then. Adds -S option to select the amount of time greylisted connections will be stuttered at.
feedback from jmc@, deraadt@, ok deraadt@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.53 |
|
11-Mar-2005 |
beck |
"Greytrapping" for spamd - allow for spamd greylisting to maintain a list of spamtrap destination addresses in the spamd database. When a spamtrap address gets an attempted greylist delivery, blacklist the offending host for a day. Does not affect hosts already whitelisted.
ok deraadt@, jmc@, dhartmei@ to get it in so it can be whacked on
|
#
1.52 |
|
19-Jan-2005 |
deraadt |
clarification; ok beck
|
#
1.51 |
|
05-Oct-2004 |
beck |
Change the default passtime to 25 minutes, MTA's with a quadratic retry schedule have a retry after 26 minutes, and then again after an hour, so this probably makes a lot more sense than the old 30 minute default.
ok henning@
|
#
1.50 |
|
05-Oct-2004 |
beck |
change default to 451 for greylisting, thanks to a number of people on misc, and some observations by Evan harris on the greylisting mailing list that a number of clustered mailers like aol behave better (and retry from the same IP) when they see a 451, but do not when they see a 450 (traditionally used for mailbox lock failure)
450 was the original for spamd, as the default for the tarpit is to encourage quick retries to punish blacklisted smtp servers more. This got carried over to the greylisting implementation, and isnt' really optimal for that case.
ok millert@, henning@, todd@
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE
|
#
1.49 |
|
16-Mar-2004 |
jmc |
sort options and escape a minus sign;
|
#
1.48 |
|
15-Mar-2004 |
beck |
Add -B option, with maxblack limit to limit the number of blacklist connections to something less than maxcon when greylisting. This ensures you don't completely run out of connections tarpitting spammers, and not allow real mail through. ok dhartmei@ millert@
|
#
1.47 |
|
12-Mar-2004 |
jmc |
sort options;
|
#
1.46 |
|
12-Mar-2004 |
beck |
Fix typo, spotted by Eduardo Alvarenga <eduardo@eduardo.lan.cei> ok xsa@ henning@
|
#
1.45 |
|
10-Mar-2004 |
beck |
add -b option to specify local bind address, sent by yongari@kt-is.co.kr ok deraadt@
|
#
1.44 |
|
01-Mar-2004 |
xsa |
typo; we do have spamlogd(8) not spamlog(8); ok beck@
|
#
1.43 |
|
26-Feb-2004 |
beck |
Add -g option for greylisting support for spamd. The greylisting techinque originates from a paper by Evan Harris which can be found at http://projects.puremagic.com/greylisting/. This implementation makes spamd allow for non-blacklisted addresses to be treated as "greylisted". where they are tracked in a db file, and whitelisted by addition to a pf table when the same envelope from and to are retried from the same source IP address. Testing by many, ok deraadt@
|
#
1.42 |
|
21-Jan-2004 |
deraadt |
the example should use 'rdr pass' so that you do not have to open 8025 to the outside world -- in fact 'rdr pass' was designed for this, but once again someone forgot to updated the bloody man page; mcbride ok
|
#
1.41 |
|
23-Oct-2003 |
jmc |
- add -v to SYNOPSIS - new sentence, new line - .Dv for variables - fix .Xr
|
#
1.40 |
|
22-Oct-2003 |
beck |
make logging less verbose by default - default logs connect, disconnect and blacklist matches. Add -v (verbose) flag to allow other detailed logging (subject, body, smtp dialogue, etc.) when it's needed. ok dhartmei@ -> ok deraadt@
|
#
1.39 |
|
25-Sep-2003 |
jmc |
- add .Bk/.Ek to SYNOPSIS - use -offset rather than indenting the actual display - kill unnecessary .Pp
|
#
1.38 |
|
24-Sep-2003 |
deraadt |
crank max connections to 800 (really, there are poeple doing this)
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.37 |
|
03-Sep-2003 |
tedu |
permit the window/receive buffer to be adjustable. default back to system default. in reponse to pr3435. ok beck deraadt dhartmei
|
#
1.36 |
|
23-Aug-2003 |
dhartmei |
add -s to specify stuttering delay, set receive buffer size to 1 byte (causing a small TCP window size, tying up sender's resources), additional states: keep connection until ten body lines have been received, improved logging through syslog (envelope from/to, From:/To:/Subject: in header, first lines of body) at various levels. ok deraadt@
|
#
1.35 |
|
02-Jun-2003 |
jmc |
- remove .Pp's before .Sh - correct .Xr - .Ox instead of OpenBSD - whitespace between punctuation
|
#
1.34 |
|
12-Apr-2003 |
deraadt |
attempt not to wrap a line, bad nroff
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.33 |
|
20-Mar-2003 |
david |
cmdline options and descriptions in alphabetical order in usage() and manpage add arguments to the flags that take them in the DESCRIPTION add "inet" to the rdr rule example to match etc/pf.conf example
ok dhartmei@ henning@
|
#
1.32 |
|
18-Mar-2003 |
david |
duplicate words: on on, in in ok miod@ jmc@
|
#
1.31 |
|
15-Mar-2003 |
pvalchev |
spamd is running on port 8025, not 25; from Adrian Knoth
|
#
1.30 |
|
13-Mar-2003 |
henning |
correct table usage in rdr example, spotted by todd
|
#
1.29 |
|
11-Mar-2003 |
david |
EOL whitespace ok jmc@
|
#
1.28 |
|
11-Mar-2003 |
david |
new sentence, new line ok beck@
|
#
1.27 |
|
09-Mar-2003 |
pvalchev |
also mention max connections default; ok deraadt
|
#
1.26 |
|
09-Mar-2003 |
pvalchev |
mention error code 450 is default; ok deraadt
|
#
1.25 |
|
09-Mar-2003 |
beck |
Fix a few typos, Make spamd and spamd-setup use /etc/services to find their ports. Adds "spamd" and "spamd-cfg" services to /etc/services. Mostly from Daniel Lucq <daniel@lucq.org>.
|
#
1.24 |
|
08-Mar-2003 |
beck |
remove some more ambigious bs
|
#
1.23 |
|
08-Mar-2003 |
jmc |
spamd typos;
ok beck@
|
#
1.22 |
|
06-Mar-2003 |
henning |
can be can be, but also may not be, or cannot be, and in any case can be once is better than can be can be guess who found that? yeah, David Krause, again. great!
|
#
1.21 |
|
06-Mar-2003 |
david |
date should be written formally: .Dd Month day, year ok henning@ jmc@
|
#
1.20 |
|
06-Mar-2003 |
david |
new sentence, new line (fixes some sentences with only 1 space between) ok henning@
|
#
1.19 |
|
06-Mar-2003 |
henning |
pasto, from thierry, who does not want to be a pf-like commiter ;-)
|
#
1.18 |
|
04-Mar-2003 |
henning |
typos; Daniel Lucq
|
#
1.17 |
|
04-Mar-2003 |
deraadt |
spam not SPAM; nick@electric-pickle.net
|
#
1.16 |
|
03-Mar-2003 |
cedric |
"an table" -> "a table", add persist keyword. ok deraadt@
|
#
1.15 |
|
02-Mar-2003 |
deraadt |
more tweaking
|
#
1.14 |
|
02-Mar-2003 |
deraadt |
more
|
#
1.13 |
|
02-Mar-2003 |
deraadt |
knf
|
#
1.12 |
|
02-Mar-2003 |
beck |
Spamd changes to add blacklist awareness to spamd, new spamd-setup.pl which configures individual blacklists sources and deals with whitelists. Perl still needs some stylistic changes as suggested by bmc which will go in shortly. ok deraadt@
|
#
1.11 |
|
26-Feb-2003 |
david |
start new sentence on a new line ok mpech@
|
#
1.10 |
|
13-Feb-2003 |
jmc |
typos;
setextattr(8): example markus@ spamd(8): someone else found some of these on bugs/misc, but for the life of me i can't find out who pf.conf(5): from openbsd@davidkrause.com raidctl(8): from ian@darwinsys.com
|
#
1.9 |
|
10-Feb-2003 |
dhartmei |
Add "inet proto tcp" to the last rdr example, it produces a syntax error otherwise. Found by David Norman.
|
#
1.8 |
|
20-Jan-2003 |
deraadt |
typos; alan@alanday.com
|
#
1.7 |
|
01-Jan-2003 |
deraadt |
the the; bsd@openbsd.rutgers.edu
|
#
1.6 |
|
31-Dec-2002 |
avsm |
fxi som tpyos
|
#
1.5 |
|
31-Dec-2002 |
dhartmei |
Mention pf rdr rules and anchors.
|
#
1.4 |
|
25-Dec-2002 |
deraadt |
remove nasty verbiage
|
#
1.3 |
|
23-Dec-2002 |
deraadt |
minor minor tweaks; mjc@bitz.ca
|
#
1.2 |
|
21-Dec-2002 |
deraadt |
fixes; openbsd@davidkrause.com
|
#
1.1 |
|
21-Dec-2002 |
deraadt |
spamd: work in progress
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.134 |
|
02-Apr-2017 |
jmc |
note that some hosts never generate tuples and are ignored; ok beck
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.133 |
|
16-Mar-2017 |
jmc |
define the role of spamd-setup a little better;
|
#
1.132 |
|
16-Mar-2017 |
jmc |
use one way to show filter rules, not two. the bits and pieces of the spamd setup are complex enough without freestyling the pf rules;
while here, Bk/Ek no longer required
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.131 |
|
12-Aug-2015 |
jmc |
start replacing some \*([GL]t;
|
#
1.130 |
|
12-Aug-2015 |
jmc |
divert-to a table needs an address family; from steve shockley
ok sthen
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.129 |
|
27-Jul-2015 |
sobrado |
use file system path (.Pa) semantic markup macros where appropriate.
ok jmc@
|
#
1.128 |
|
18-May-2015 |
reyk |
Change spamd to use divert-to instead of rdr-to.
divert-to has many advantages over rdr-to for proxies. For example, it is much easier to use, requires less code, does not depend on /dev/pf, works in-band without the asynchronous lookup (DIOCNATLOOK ioctl), saves us from additional port allocations by the rdr/NAT code, and even avoids potential collisions and race conditions that could theoretically happen with the lookup.
Heads up: users will have to update their spamd PF rules from rdr-to to divert-to. spamd now also listens to 127.0.0.1 instead of "any" (0.0.0.0) by default which should be fine with most setups but has to be considered for some special configurations.
Based on a diff is almost two years old but got delayed several times ... beck@: "now is the time to get it in" :)
Tested by many With help from okan@ OK okan@ beck@ millert@
|
#
1.127 |
|
14-Apr-2015 |
deraadt |
wrap a long line
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.126 |
|
15-Feb-2015 |
bentley |
Don't use Aq macros when <> is intended; they are not the same thing.
ok schwarze@
|
#
1.125 |
|
07-Feb-2015 |
jmc |
put -G and it's args back onto one line in SYNOPSIS, to avoid having mandoc split it; while here, zap trailing whitespace;
|
#
1.124 |
|
07-Feb-2015 |
henning |
add STARTTLS support, using the shiny libtls. Rationale: when you publish DANE records for certificate pinning, you MUST offer TLS on the indicated service. Not offering TLS is verboten since that would re-open the door for a MitM. This is obviously fundamentally incompatible with having spamd in front of your mailservers - spamd kinda is a MitM here, but intentional and utterly valid. DANE is desirable because it allows one to not have to trust the broken SSL CA model, and, depending on the mode chosen, even show the SSL cert mafia the middle finger by not needing them at all. ok reyk jsing bob
|
#
1.123 |
|
22-Nov-2014 |
deraadt |
/dev/random has created the same effect as /dev/arandom (and /dev/urandom) for quite some time. Mop up the last few, by using /dev/random where we actually want it, or not even mentioning arandom where it is irrelevant.
|
#
1.122 |
|
11-Oct-2014 |
landry |
Fix manpage: -y only takes interface names, and doesnt take ip addresses. Fix example while here. ok back@
|
#
1.121 |
|
16-Sep-2014 |
jmc |
less sendmail;
|
#
1.120 |
|
01-Sep-2014 |
guenther |
Simplify the syslog.conf example: .info means that *and higher*
ok beck@
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.119 |
|
27-Sep-2012 |
jmc |
remove some history details which have been around for long enough to no longer be relevant;
ok beck
|
Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.118 |
|
19-Mar-2011 |
okan |
fix rdr-to example (requires direction); from James Turner
ok jmc@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.117 |
|
17-Sep-2009 |
jmc |
merge/update the spamlogd rules into spamd - there were some subtle problems because of the recent pf nat changes that caused problems; i've fleshed out the example in spamd and just added a pointer to it from spamlogd;
ok beck
|
#
1.116 |
|
07-Sep-2009 |
jmc |
the example pf rules should be "pass in", not just "pass"; ok henning
|
#
1.115 |
|
01-Sep-2009 |
todd |
match samples here with pf.conf(5) sample ruleset following recent pf changes ok henning@
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.114 |
|
20-Apr-2009 |
jmc |
tweak previous;
|
#
1.113 |
|
20-Apr-2009 |
beck |
PR 6090 - from Olli Hauer <ohauer@gmx.de>
A number of small improvements:
- patch for empty lines and comments in alloweddomains_file - remove some whitespaces at end of line. - document comment and empty line handling - Remove unused parameter 'r' from getopt in spamd.c, it is removed in the 'switch statement' but not in getopt. http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/spamd/spamd.c.diff?r1=1.94;r2=1.95;f=h - replace atoi with strtonum - make debug output more usefull, display only what will be synced and not a second message which prints always "sync trapped %s"
- some cosemtic and whitespace fixes.
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.112 |
|
17-Feb-2009 |
jmc |
clarification for the MX stuff; requested by Stephan A. Rickauer ok beck
|
#
1.111 |
|
20-Sep-2008 |
jmc |
document spamd log entry format; requested by Stephan A. Rickauer ok beck
|
#
1.110 |
|
11-Aug-2008 |
jmc |
some documentation updates for spamd synchronisation: - whitelisted entries are not synced - entries added manually (using spamdb) are not synced
suggested by Stephan A. Rickauer; ok reyk
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.109 |
|
28-Mar-2008 |
grunk |
typo, ok beck@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.108 |
|
08-Jan-2008 |
jmc |
simplify the suggested pf ruleset; ok beck
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.107 |
|
11-Aug-2007 |
jmc |
tweak previous: - this document talks about "default mode", not "greylisting mode" - kill trailing whitespace
|
#
1.106 |
|
11-Aug-2007 |
jsg |
Add note to the effect that the spamd pf table is no longer used in greylisting mode. ok ckuethe@
|
#
1.105 |
|
07-Jul-2007 |
jmc |
document maximum values for -S and -s; from Saint Aardvark the Carpeted, documentation/5535;
|
#
1.104 |
|
25-Jun-2007 |
tom |
s/is is/it is/. From Jim Razmus, jim (at) bonetruck (dot) org; thanks.
|
#
1.103 |
|
31-May-2007 |
jmc |
convert to new .Dd format;
|
#
1.102 |
|
26-May-2007 |
jmc |
remove a redundant paragraph; ok beck also, this section is blacklist-only, so tweak .Sh
|
#
1.101 |
|
19-May-2007 |
jmc |
spamd-setup needs -b for blacklist-only mode; from Nick Templeton
|
#
1.100 |
|
26-Mar-2007 |
jmc |
kill trailing whitespace...shame on me if i sent bob a diff w/ whitespace at eol
|
#
1.99 |
|
26-Mar-2007 |
beck |
A couple of spamd improvements
1) Implement the NOOP command, which now seems necessary for certain windows mail wrappers and sender verification schemes. Tested by me and sidcarter@symonds.net, who noticed the problem on his site. ok millert@
2) Change the behaviour of the maxblack parameter, instead of hanging up immediately on new blacklisted connections when the maxblack parameter is reached, we instead make spamd not stutter at them, so the connection is instead completed quickly. This seems to handle peaks and spikes much better than the old way of doing this. ok deraadt@, with some man page changes by jmc@
|
#
1.98 |
|
15-Mar-2007 |
jmc |
fix -y example;
closes user/5408 from sthen ok reyk
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.97 |
|
07-Mar-2007 |
millert |
Add some emphasis for easier reading and clarify MX trapping by explicitly mentioning IP aliases, which is typically how you would implement MX trapping using a single host. OK beck@, trusted by deraadt@
|
#
1.96 |
|
07-Mar-2007 |
jmc |
clean up the greytrap stuff;
|
#
1.95 |
|
07-Mar-2007 |
jmc |
some spelling fixes;
|
#
1.94 |
|
07-Mar-2007 |
jmc |
new sentence, new line kill whitespace at eol
|
#
1.93 |
|
06-Mar-2007 |
beck |
Add -M option to specify a local address that is a lower priority MX address than the primary one. spamd will trap hosts that contact this address first without first contacting the primary. - get it in, deraadt@
|
#
1.92 |
|
06-Mar-2007 |
jmc |
tweak -c; sort FILES;
|
#
1.91 |
|
06-Mar-2007 |
jmc |
- move LOGGING into the main body - move some relevant bits of SYNCHRONISATION into -Yy descriptions - tweaks for SYNCHRONISATION
ok reyk beck
|
#
1.90 |
|
06-Mar-2007 |
beck |
document allowing -c to increase to within 200 of kern.maxfiles
|
#
1.89 |
|
05-Mar-2007 |
beck |
remove -r option that didn't work anyway. ok jmc@, reyk@
|
#
1.88 |
|
05-Mar-2007 |
reyk |
better dd options for the spamd.key generation example.
|
#
1.87 |
|
05-Mar-2007 |
reyk |
document spamd.key better. what format does the file take? how do i create one? and so on...
help from jmc@
|
#
1.86 |
|
04-Mar-2007 |
joel |
correct location of spamd.key
|
#
1.85 |
|
04-Mar-2007 |
beck |
Database synchronizaton for spamd/spamlogd
This adds an HMAC protected synchronization protocol for use by spamd and spamlogd.
- spamd can receive updates from other hosts for GREY, WHITE, and TRAPPED db entries, and will update the local /var/db/spamd accordingly.
- spamd can send updates when it makes changes to the GREY or TRAPPED entries in the db to other hosts running spamd. (Note it does not send WHITE entries because the other spamd will see the GREY changes and have complete information to make appropritate decisions)
- spamlogd can send updates for WHITE db entries that it performs on the local db to other hosts running spamd, which will then apply them on remote hosts.
note that while this diff provides synchronization for changes made to the spamd db by the daemons, it does *not* provide for sychonizing changes to the spamd db made manually with the spamdb command.
Synchronization protocol and most of the work by reyk@, with a bunch of the spamd, and spamlogd stuff by me.
testing mostly at the U of A, running happily there under big load.
ok reyk@ jmc@
|
#
1.84 |
|
02-Mar-2007 |
jmc |
improve the sections on pf rules; ok beck
|
#
1.83 |
|
01-Mar-2007 |
jmc |
first pass at simplifying the language in this page; more to come
|
#
1.82 |
|
28-Feb-2007 |
david |
double word: be be
|
#
1.81 |
|
27-Feb-2007 |
jmc |
prevent .Em abuse: .Dq for services .Aq for tables
|
#
1.80 |
|
27-Feb-2007 |
jmc |
forgot to remove this comment;
|
#
1.79 |
|
27-Feb-2007 |
jmc |
- don;t mark up colons - no need for <> for tables - use escapes for <> where needed
|
#
1.78 |
|
27-Feb-2007 |
jmc |
no -g flag for spamd-setup;
|
#
1.77 |
|
27-Feb-2007 |
jmc |
explain the concepts of black/white/greylisting, briefly; diff from Okan Demirmen, tweaked by myself and beck
ok beck
|
#
1.76 |
|
27-Feb-2007 |
beck |
the tempfail message happens after the DATA command, and has for a little while now - it got changed so people don't get hooped by certain stupid sender verification schemes.
|
#
1.75 |
|
27-Feb-2007 |
jmc |
initial shot at making greylisting seem normal...
|
#
1.74 |
|
27-Feb-2007 |
jmc |
sort options and usage();
|
#
1.73 |
|
27-Feb-2007 |
beck |
Flag day for spamd - 1) config files move to /etc/mail 2) -g option goes away in spamd-setup and spamd - greylisting is now the default 3) option change to spamd, -b addr becomes -l addr. 4) -b option in spamd-setup and spamd to turn on old blacklisting mode.
Man page shortly to be flensed to make this easier to explain ok deraadt@ millert@
|
#
1.72 |
|
25-Feb-2007 |
jmc |
- HELO/EHLO is part of the tuple - remove misleading sentence
ok millert
|
#
1.71 |
|
25-Feb-2007 |
millert |
Attempt to clarify new greylisting rules.
|
#
1.70 |
|
24-Feb-2007 |
millert |
When greylisting we don't actually need to use the <spamd> pf table. We just do no-rdr for things in <spamd-white> and rdr the rest to spamdb. OK beck@
|
#
1.69 |
|
24-Feb-2007 |
jmc |
tweaks;
|
#
1.68 |
|
23-Feb-2007 |
beck |
to_suffixes -> alloweddomains, that got missed, noticed by okan@demirmen.com
|
#
1.67 |
|
23-Feb-2007 |
beck |
greytrapping improvements 1) remove requirement for <> around spamtrap addresses 2) add support for /etc/spamd/alloweddomains to specify suffixes for which any destinations that don't match get trapped
various knf's by theo, feedback from jmc, millert, deraadt
|
#
1.66 |
|
14-Nov-2006 |
jmc |
improve previous;
|
#
1.65 |
|
14-Nov-2006 |
jmc |
clarify "maxcon" somewhat, particularly its upper limit; from jared rr spiegel (pr #5292), tweaked somewhat;
|
#
1.64 |
|
19-Oct-2006 |
jmc |
no need to escape "'";
|
#
1.63 |
|
17-Oct-2006 |
beck |
Make this easier for people who aren't aware of what shell they are running. ok deraadt@
|
#
1.62 |
|
29-Sep-2006 |
jmc |
typo; from sthen
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.61 |
|
15-Aug-2006 |
kjell |
-r only applies to blacklists. ok beck@
|
#
1.60 |
|
15-May-2006 |
jcs |
add an -h option to override the hostname that is reported in the SMTP banner
ok beck@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.59 |
|
01-Dec-2005 |
tom |
Spell "blacklisted" consistently.
ok jmc@
|
#
1.58 |
|
24-Nov-2005 |
jmc |
missing full stop;
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.57 |
|
06-Aug-2005 |
jmc |
replace port number 8025 w/ symbolic `spamd'; ok krw@ deraadt@
diff from ray lai;
|
#
1.56 |
|
17-May-2005 |
jmc |
update FILES;
|
#
1.55 |
|
17-May-2005 |
jmc |
- describe start up better - note that greylisting does stutter slightly - make clear role of spamdb and spamd.conf - few minor tweaks
ok beck@
|
#
1.54 |
|
14-Apr-2005 |
beck |
Make spamd stutter at greylisted connections for a short period before talking full speed. By default do this for 10 seconds. Many spammers disconnect by then. Adds -S option to select the amount of time greylisted connections will be stuttered at.
feedback from jmc@, deraadt@, ok deraadt@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.53 |
|
11-Mar-2005 |
beck |
"Greytrapping" for spamd - allow for spamd greylisting to maintain a list of spamtrap destination addresses in the spamd database. When a spamtrap address gets an attempted greylist delivery, blacklist the offending host for a day. Does not affect hosts already whitelisted.
ok deraadt@, jmc@, dhartmei@ to get it in so it can be whacked on
|
#
1.52 |
|
19-Jan-2005 |
deraadt |
clarification; ok beck
|
#
1.51 |
|
05-Oct-2004 |
beck |
Change the default passtime to 25 minutes, MTA's with a quadratic retry schedule have a retry after 26 minutes, and then again after an hour, so this probably makes a lot more sense than the old 30 minute default.
ok henning@
|
#
1.50 |
|
05-Oct-2004 |
beck |
change default to 451 for greylisting, thanks to a number of people on misc, and some observations by Evan harris on the greylisting mailing list that a number of clustered mailers like aol behave better (and retry from the same IP) when they see a 451, but do not when they see a 450 (traditionally used for mailbox lock failure)
450 was the original for spamd, as the default for the tarpit is to encourage quick retries to punish blacklisted smtp servers more. This got carried over to the greylisting implementation, and isnt' really optimal for that case.
ok millert@, henning@, todd@
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE
|
#
1.49 |
|
16-Mar-2004 |
jmc |
sort options and escape a minus sign;
|
#
1.48 |
|
15-Mar-2004 |
beck |
Add -B option, with maxblack limit to limit the number of blacklist connections to something less than maxcon when greylisting. This ensures you don't completely run out of connections tarpitting spammers, and not allow real mail through. ok dhartmei@ millert@
|
#
1.47 |
|
12-Mar-2004 |
jmc |
sort options;
|
#
1.46 |
|
12-Mar-2004 |
beck |
Fix typo, spotted by Eduardo Alvarenga <eduardo@eduardo.lan.cei> ok xsa@ henning@
|
#
1.45 |
|
10-Mar-2004 |
beck |
add -b option to specify local bind address, sent by yongari@kt-is.co.kr ok deraadt@
|
#
1.44 |
|
01-Mar-2004 |
xsa |
typo; we do have spamlogd(8) not spamlog(8); ok beck@
|
#
1.43 |
|
26-Feb-2004 |
beck |
Add -g option for greylisting support for spamd. The greylisting techinque originates from a paper by Evan Harris which can be found at http://projects.puremagic.com/greylisting/. This implementation makes spamd allow for non-blacklisted addresses to be treated as "greylisted". where they are tracked in a db file, and whitelisted by addition to a pf table when the same envelope from and to are retried from the same source IP address. Testing by many, ok deraadt@
|
#
1.42 |
|
21-Jan-2004 |
deraadt |
the example should use 'rdr pass' so that you do not have to open 8025 to the outside world -- in fact 'rdr pass' was designed for this, but once again someone forgot to updated the bloody man page; mcbride ok
|
#
1.41 |
|
23-Oct-2003 |
jmc |
- add -v to SYNOPSIS - new sentence, new line - .Dv for variables - fix .Xr
|
#
1.40 |
|
22-Oct-2003 |
beck |
make logging less verbose by default - default logs connect, disconnect and blacklist matches. Add -v (verbose) flag to allow other detailed logging (subject, body, smtp dialogue, etc.) when it's needed. ok dhartmei@ -> ok deraadt@
|
#
1.39 |
|
25-Sep-2003 |
jmc |
- add .Bk/.Ek to SYNOPSIS - use -offset rather than indenting the actual display - kill unnecessary .Pp
|
#
1.38 |
|
24-Sep-2003 |
deraadt |
crank max connections to 800 (really, there are poeple doing this)
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.37 |
|
03-Sep-2003 |
tedu |
permit the window/receive buffer to be adjustable. default back to system default. in reponse to pr3435. ok beck deraadt dhartmei
|
#
1.36 |
|
23-Aug-2003 |
dhartmei |
add -s to specify stuttering delay, set receive buffer size to 1 byte (causing a small TCP window size, tying up sender's resources), additional states: keep connection until ten body lines have been received, improved logging through syslog (envelope from/to, From:/To:/Subject: in header, first lines of body) at various levels. ok deraadt@
|
#
1.35 |
|
02-Jun-2003 |
jmc |
- remove .Pp's before .Sh - correct .Xr - .Ox instead of OpenBSD - whitespace between punctuation
|
#
1.34 |
|
12-Apr-2003 |
deraadt |
attempt not to wrap a line, bad nroff
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.33 |
|
20-Mar-2003 |
david |
cmdline options and descriptions in alphabetical order in usage() and manpage add arguments to the flags that take them in the DESCRIPTION add "inet" to the rdr rule example to match etc/pf.conf example
ok dhartmei@ henning@
|
#
1.32 |
|
18-Mar-2003 |
david |
duplicate words: on on, in in ok miod@ jmc@
|
#
1.31 |
|
15-Mar-2003 |
pvalchev |
spamd is running on port 8025, not 25; from Adrian Knoth
|
#
1.30 |
|
13-Mar-2003 |
henning |
correct table usage in rdr example, spotted by todd
|
#
1.29 |
|
11-Mar-2003 |
david |
EOL whitespace ok jmc@
|
#
1.28 |
|
11-Mar-2003 |
david |
new sentence, new line ok beck@
|
#
1.27 |
|
09-Mar-2003 |
pvalchev |
also mention max connections default; ok deraadt
|
#
1.26 |
|
09-Mar-2003 |
pvalchev |
mention error code 450 is default; ok deraadt
|
#
1.25 |
|
09-Mar-2003 |
beck |
Fix a few typos, Make spamd and spamd-setup use /etc/services to find their ports. Adds "spamd" and "spamd-cfg" services to /etc/services. Mostly from Daniel Lucq <daniel@lucq.org>.
|
#
1.24 |
|
08-Mar-2003 |
beck |
remove some more ambigious bs
|
#
1.23 |
|
08-Mar-2003 |
jmc |
spamd typos;
ok beck@
|
#
1.22 |
|
06-Mar-2003 |
henning |
can be can be, but also may not be, or cannot be, and in any case can be once is better than can be can be guess who found that? yeah, David Krause, again. great!
|
#
1.21 |
|
06-Mar-2003 |
david |
date should be written formally: .Dd Month day, year ok henning@ jmc@
|
#
1.20 |
|
06-Mar-2003 |
david |
new sentence, new line (fixes some sentences with only 1 space between) ok henning@
|
#
1.19 |
|
06-Mar-2003 |
henning |
pasto, from thierry, who does not want to be a pf-like commiter ;-)
|
#
1.18 |
|
04-Mar-2003 |
henning |
typos; Daniel Lucq
|
#
1.17 |
|
04-Mar-2003 |
deraadt |
spam not SPAM; nick@electric-pickle.net
|
#
1.16 |
|
03-Mar-2003 |
cedric |
"an table" -> "a table", add persist keyword. ok deraadt@
|
#
1.15 |
|
02-Mar-2003 |
deraadt |
more tweaking
|
#
1.14 |
|
02-Mar-2003 |
deraadt |
more
|
#
1.13 |
|
02-Mar-2003 |
deraadt |
knf
|
#
1.12 |
|
02-Mar-2003 |
beck |
Spamd changes to add blacklist awareness to spamd, new spamd-setup.pl which configures individual blacklists sources and deals with whitelists. Perl still needs some stylistic changes as suggested by bmc which will go in shortly. ok deraadt@
|
#
1.11 |
|
26-Feb-2003 |
david |
start new sentence on a new line ok mpech@
|
#
1.10 |
|
13-Feb-2003 |
jmc |
typos;
setextattr(8): example markus@ spamd(8): someone else found some of these on bugs/misc, but for the life of me i can't find out who pf.conf(5): from openbsd@davidkrause.com raidctl(8): from ian@darwinsys.com
|
#
1.9 |
|
10-Feb-2003 |
dhartmei |
Add "inet proto tcp" to the last rdr example, it produces a syntax error otherwise. Found by David Norman.
|
#
1.8 |
|
20-Jan-2003 |
deraadt |
typos; alan@alanday.com
|
#
1.7 |
|
01-Jan-2003 |
deraadt |
the the; bsd@openbsd.rutgers.edu
|
#
1.6 |
|
31-Dec-2002 |
avsm |
fxi som tpyos
|
#
1.5 |
|
31-Dec-2002 |
dhartmei |
Mention pf rdr rules and anchors.
|
#
1.4 |
|
25-Dec-2002 |
deraadt |
remove nasty verbiage
|
#
1.3 |
|
23-Dec-2002 |
deraadt |
minor minor tweaks; mjc@bitz.ca
|
#
1.2 |
|
21-Dec-2002 |
deraadt |
fixes; openbsd@davidkrause.com
|
#
1.1 |
|
21-Dec-2002 |
deraadt |
spamd: work in progress
|