SPAMLOGD(8) BSD System Manager's Manual SPAMLOGD(8)NAMEspamlogd — spamd whitelist updating daemon
SYNOPSISspamlogd [-DI] [-i interface] [-l pflog_interface] [-W whiteexp]
[-Y synctarget]
DESCRIPTIONspamlogd manipulates the spamd(8) database in /var/db/spamd used for
greylisting. spamlogd updates the /var/db/spamd whitelist entries when‐
ever a connection to port 25 is logged to the pflog(4) interface. The
source addresses of inbound connections are whitelisted when seen by
spamlogd to ensure that their entries in /var/db/spamd do not expire if
the connecting host continues to send legitimate mail. The destination
addresses of outbound connections are whitelisted when seen by spamlogd
so that replies to outbound mail may be received without initial
greylisting delays. Greylisting is explained more fully in spamd(8).
The options are as follows:
-D Debugging mode. spamlogd does not disassociate from the control‐
ling terminal.
-I Specify that spamlogd is only to whitelist inbound SMTP connec‐
tions. By default spamlogd will whitelist the source of inbound
SMTP connections, and the target of outbound SMTP connections.
-i interface
Specify a network interface on which packets must arrive. The
default is to watch for connections logged from all interfaces.
-l pflog_interface
Specify a pflog(4) interface to listen for connection notifica‐
tions. The default is to watch for connections logged on
“pflog0”.
-W whiteexp
Adjust the time for whiteexp in hours (default is 864 hours,
approximately 36 days. Min is 1 hour, max is 2160 hours approxi‐
mately 90 days).
-Y synctarget
Add a target to receive synchronisation messages; see
SYNCHRONISATION below. This option can be specified multiple
times.
-m mode
Firewall type. Can be pf (default) or ipfw.
It is important to be sure to log any connections to and from your real
MTA in order for spamlogd to update the whitelist entries. An example
pf.conf(5) configuration for logging such connections is as follows:
EXT_IF = "fxp0"
MAILHOSTS = "{129.128.11.10, 129.128.11.43}"
pass in log on $EXT_IF inet proto tcp to $MAILHOSTS \
port smtp
pass out log on $EXT_IF inet proto tcp from $MAILHOSTS \
to any port smtp
spamlogd sends log messages to syslogd(8) using facility daemon.
spamlogd will log each connection it sees at level LOG_DEBUG.
SYNCHRONISATIONspamlogd supports realtime synchronisation of whitelist states by sending
the information it updates to a number of spamd(8) daemons running on
multiple machines. To enable synchronisation, use the command line
option -Y to specify the machines to which spamlogd will send messages
when it updates the state information. For more information, see
spamd(8).
FILES
/var/db/spamd
SEE ALSOsyslog(3), pflog(4), spamd.conf(5), pflogd(8), spamd(8), spamd-setup(8),
spamdb(8), syslogd(8), tcpdump(8)HISTORY
The spamlogd command first appeared in OpenBSD 3.5.
BSD July 2, 2009 BSD