spamd-white refuses to stay flushed

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

spamd-white refuses to stay flushed

Mario Theodoridis
Hello everyone,

after having read BookofPf3 almost in it's entirety before moving my
spamd setup
from FreeBSD to OpenBSD, im having a problem flushing my spamd-white table.

When i run
pfctl -t spamd-white -T flush
or
pfctl -t spamd-white -T expire 36

then i get the expected
pfctl -t spamd-white -T show | wc -l
        0

But less than a minute later
pfctl -t spamd-white -T show | wc -l
    68760

The same happens if i try to kill the table and then reload it by
reloading pf.conf

I do not have any cron jobs that restore this table from a file.

It's like a zombie table.

I'm running openbsd 6 amd64

I have these questions.
* Are the tables being recreated, because i'm flushing/expiring them the
wrong way, or is this a bug?
* Even after a reboot the table was restored. Where is it stored.

I could really use some help on this and can always supply more details
if needed.

Another piece of info that might be of interest is that this machine
runs on a Virtualbox 5 VM and has been suspended during VM host reboots.
But then after rebooting the VM i had the same problem.



Mit freundlichen Grüßen/Kind Regards

Mario Theodoridis
Reply | Threaded
Open this post in threaded view
|

Re: spamd-white refuses to stay flushed

Peter N. M. Hansteen-3
Hi,

This sounds like you're fighting spamdb. It's possible it's not clear enough from
the spamd chapters in the book, but modern spamd really depends on the spamdb
database for most things so backfilling the spamd-white table is to be expected.

spamdb is the more appropriate tool for manipulating the white, grey and black status of entries.

If you want to empty the whitelist, I'd go for spamdb -d on individual entries, doable
via a for loop or something, eg

for foo in `doas spamdb | grep WHITE | awk -F\| '{print $2}'`; do doas spamdb -d $foo; done

(untested but you get the drift)

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Reply | Threaded
Open this post in threaded view
|

Re: spamd-white refuses to stay flushed

Mario Theodoridis
On 08/03/17 09:17, Peter N. M. Hansteen wrote:

> Hi,
>
> This sounds like you're fighting spamdb. It's possible it's not clear enough from
> the spamd chapters in the book, but modern spamd really depends on the spamdb
> database for most things so backfilling the spamd-white table is to be expected.
>
> spamdb is the more appropriate tool for manipulating the white, grey and black status of entries.
>
> If you want to empty the whitelist, I'd go for spamdb -d on individual entries, doable
> via a for loop or something, eg
>
> for foo in `doas spamdb | grep WHITE | awk -F\| '{print $2}'`; do doas spamdb -d $foo; done
>
> (untested but you get the drift)
>
Duh!
That answers both questions.

I guess i forgot the 'Managing Lists with spamdb' section.

Thank you Peter


--
Mit freundlichen Grüßen/Best Regards

Mario Theodoridis