When running spamd in greylisting mode, it is not uncommon for an
IP to get whitelisted that later shows up on a spam blacklist.
However, that blacklist entry never takes effect because the IP is
already whitelisted and thus appears in the spamd-white of table,
This is exacerbated by spamlogd which will keep the whitelist entry
updated as long as the IP keeps connecting, which is something
spammers are good at.
The following diff causes spamd to check the blacklists before
adding a WHITE entry to the spamd-white pf table. If the IP matches
a blacklist, the WHITE entry will be removed.
It has helped a lot on the mailing list server which often receives
spam from an IP and passes greylisting before the IP ends up on a
This does means that you cannot simply use "spamdb -a" to temporarily
override a blacklist, but the proper way to override a blacklist
is via a :white: entry in spamd.conf.
You'll need to apply my "speed up blacklist lookups" diff before
diff -u spamd.bsearch/grey.c spamd.rmblack/grey.c
--- spamd.bsearch/grey.c Tue Oct 17 05:27:37 2017
+++ spamd.rmblack/grey.c Tue Oct 17 05:39:40 2017
@@ -49,6 +49,7 @@
extern FILE *grey;
extern int debug;
extern int syncsend;
+extern int greyback;
/* From netinet/in.h, but only _KERNEL_ gets them. */
#define satosin(sa) ((struct sockaddr_in *)(sa))
@@ -323,6 +324,7 @@
struct addrinfo hints, *res;
+ char ch;