spamdb - spamd database tool
Synopsis
Description
Database Output Format
Synchronisation
Files
See Also
History
spamdb [-D] [-Y synctarget] [-W whiteexp] [[-Tt] -a keys] [[-Tt] -d keys]
spamdb manipulates the spamd database in /var/db/spamd used for spamd(8).The options are as follows:
-D debug mode -Y synctarget Add a target to receive synchronisation messages; see SYNCHRONISATION below. This option can be specified multiple times. -W whiteexp Adjust the time for whiteexp in hours (default is 864 hours, approximately 36 days. Min is 1 hour, max is 2160 hours approximately 90 days). -a keys Add or update the entries for keys. This can be used to whitelist one or more IP addresses (i.e. circumvent the greylisting process altogether) by adding all IP addresses as keys to the spamd database for WHITE entries. If any keys specified match entries already in the spamd database, spamdb updates the entrys time last seen to now. -d keys Delete entries for keys. -T Add or delete the keys as SPAMTRAP entries. See the GREYTRAPPING section of spamd(8) for more information. Must be used in conjunction with the -a or -d option. -t Add or delete the keys as TRAPPED entries. See the GREYTRAPPING section of spamd(8) for more information. Must be used in conjunction with the -a or -d option. If adding or deleting a SPAMTRAP address (-T), keys should be specified as email addresses:
Otherwise keys must be numerical IP addresses.
If invoked without any arguments, spamdb lists the contents of the database in a text format. For SPAMTRAP entries the format is:
type|mailaddress
where type will be SPAMTRAP and mailaddress will be the email address for which any connections received by spamd(8) will be blacklisted if mail is sent to this address.
For TRAPPED entries the format is:
type|ip|expire
where type will be TRAPPED, IP will be the IP address blacklisted due to hitting a spamtrap, and expire will be when the IP is due to be removed from the blacklist.
For GREY entries, the format is:
type|source IP|helo|from|to|first|pass|expire|block|pass
For WHITE entries, the format is:
type|source IP|||first|pass|expire|block|pass
The fields are as follows:
type WHITE if whitelisted or GREY if greylisted source IP IP address the connection originated from helo what the connecting host sent as identification in the HELO/EHLO command in the SMTP dialogue from envelope-from address for GREY (empty for WHITE entries) to envelope-to address for GREY (empty for WHITE entries) first time the entry was first seen pass time the entry passed from being GREY to being WHITE expire time the entry will expire and be removed from the database block number of times a corresponding connection received a temporary failure from spamd(8) pass number of times a corresponding connection has been seen to pass to the real MTA by spamlogd(8) Note that times are in seconds since the Epoch, in the manner returned by time(3). Times may be converted to human readable format using:
$ date -r <value>
spamdb supports realtime synchronisation of white or blacklist entries between a number of spamd(8) daemons running on multiple machines, using the -Y option.The following example will send a unicast synchronisation messages.
whitelisting # /usr/local/sbin/spamdb -Y foo.example.org -a 1.2.3.4 2.3.4.5 # /usr/local/sbin/spamdb -Y foo.example.org -Y bar.example.org -a 1.2.3.4blacklisting # /usr/local/sbin/spamdb -Y foo.example.org -ta 1.2.3.4 2.3.4.5
The IP send to peers is logged via syslogd(8) at LOG_INFO level. The following syslog.conf(5) section can be used to log connection details to a dedicated file:
!spamdb daemon.info /var/log/spamdb
/var/db/spamd/usr/local/etc/spamd/spamd.key
spamd.conf(5), spamd(8), spamd-setup(8), spamlogd(8)
The spamdb command appeared in
OpenBSD 3.5 .
September 11, 2007 | SPAMDB (8) |