Manual Reference Pages  - SPAMLOGD (8)

NAME

spamlogd - spamd whitelist updating daemon

CONTENTS

Synopsis
Description
Synchronisation
Files
See Also
History

SYNOPSIS

spamlogd [-DI] [-i interface] [-l pflog_interface] [-W whiteexp] [-Y synctarget]

DESCRIPTION

spamlogd manipulates the spamd(8) database in /var/db/spamd used for greylisting. spamlogd updates the /var/db/spamd whitelist entries whenever a connection to port 25 is logged to the pflog(4) interface. The source addresses of inbound connections are whitelisted when seen by spamlogd to ensure that their entries in /var/db/spamd do not expire if the connecting host continues to send legitimate mail. The destination addresses of outbound connections are whitelisted when seen by spamlogd so that replies to outbound mail may be received without initial greylisting delays. Greylisting is explained more fully in spamd(8).

The options are as follows:
-D Debugging mode. spamlogd does not disassociate from the controlling terminal.
-I Specify that spamlogd is only to whitelist inbound SMTP connections. By default spamlogd will whitelist the source of inbound SMTP connections, and the target of outbound SMTP connections.
-i interface
  Specify a network interface on which packets must arrive. The default is to watch for connections logged from all interfaces.
-l pflog_interface
  Specify a pflog(4) interface to listen for connection notifications. The default is to watch for connections logged on "pflog0".
-W whiteexp
  Adjust the time for whiteexp in hours (default is 864 hours, approximately 36 days. Min is 1 hour, max is 2160 hours approximately 90 days).
-Y synctarget
  Add a target to receive synchronisation messages; see SYNCHRONISATION below. This option can be specified multiple times.
-m mode
  Firewall type. Can be pf (default) or ipfw.

It is important to be sure to log any connections to and from your real MTA in order for spamlogd to update the whitelist entries. An example pf.conf(5) configuration for logging such connections is as follows:

EXT_IF = "fxp0"
MAILHOSTS = "{129.128.11.10, 129.128.11.43}"
pass in log on $EXT_IF inet proto tcp to $MAILHOSTS \
        port smtp
pass out log on $EXT_IF inet proto tcp from $MAILHOSTS \
        to any port smtp

spamlogd sends log messages to syslogd(8) using facility daemon. spamlogd will log each connection it sees at level LOG_DEBUG.

SYNCHRONISATION

spamlogd supports realtime synchronisation of whitelist states by sending the information it updates to a number of spamd(8) daemons running on multiple machines. To enable synchronisation, use the command line option -Y to specify the machines to which spamlogd will send messages when it updates the state information. For more information, see spamd(8).

FILES

/var/db/spamd

SEE ALSO

syslog(3), pflog(4), spamd.conf(5), pflogd(8), spamd(8), spamd-setup(8), spamdb(8), syslogd(8), tcpdump(8)

HISTORY

The spamlogd command first appeared in
OpenBSD 3.5 .


July 2, 2009 SPAMLOGD (8)
Generated by manServer 1.07 from spamlogd.8 using doc macros.