it's transient fast-changing information, there isn't a lot of point
Are you by any chance using this on a non-OpenBSD OS?
If so, please ask on their lists for help, I don't know if it
applies to spamd, but other network daemons I have looked at that
have been ported to some OS that needs fdescfs for spamd have
had chunks of them ripped out to make them work (due to missing
OS features). It's a bit of an unknown quantity for people who
Then, you can arrange so that cron ftp's the list for you and point
When you greylist, you just need to redirect all traffic from
addresses not in spamd-white to spamd. PF doesn't need to know
whether that's "currently subject to greylisting" or "on a
blacklist" - either way, spamd needs the packets - so no point
keeping the table in kernel memory as well as in spamd's memory.
Yes, FreeBSD. I remember when I upgraded spamd once during it's 3.x era,
it suddenly started to complain about missing fdescfs and refused to
start so I had to mount that in FreeBSD even though I only ran spamd in
blacklisting mode only. This time I didn't even try to run it without
fdescfs... still interested to know how fdescfs is used in combination
A couple of caffeine pills and a glass of coke makes wonders. Dropped
This piece fell into place now thanks to Peter Hansteen's post. I love
Yes, this was the first mental obstacle to overcome but I managed to do
that. I was just curious to know what happened then, when spamd was hit
by requests from both black- and grey-listed hosts as well as unknown
hosts. But I understand now that spamd tells them apart with the help of
that internal list I can't see anywhere... :-)
Thanks again all of you who have answered my questions.
I need to ask a follow-up question here cause I may have completely
misunderstood some basic concept. When I blacklist a host it stay
blacklisted forever... or at least until they come crawling back and beg
me to be removed from the blacklist - there's nothing transiet or
fast-changing about it.
How would I handle the hosts that have been dynamically blacklisted
during the computer's uptime if I have to reboot it? I wouldn't want to
loose those addresses and begin from scratch. The <spamd-white> table is
also dynamically populated but I can save the contents of that table
with pfctl and a cronjob. Is there a mechanism to correctly deal with
this that I have missed?