spamd/bgpd

'spamd' works independently of your Mail Transfer Agent (MTA), such as sendmail, postfix, or smtpd.

The basic configuration uses OpenBSD's Packet Filter (PF) to route traffic into spamd; once spamd lets a connection through, it is passed on to your MTA.

pf - Packet Filter

File extract: /etc/pf.rules/spamd_settings.conf

Allow all 'whitelisted' servers to bypass spamd. If a packet matches this rule, 'quick' makes the match final and no further rules are evaluated.

pass in quick log (to pflog1) on egress proto tcp from { <bgp_spamd_bypass>, <nospamd>, <spamd-white> } \
    to (egress) port { smtp, smtps } flags S/SA modulate state

Send previously detected spammers into spamd to hurt them.

pass in quick log (to pflog1) proto tcp from { <bgp_spamd>, <spamd> } \
    to (egress) port { smtp, smtps } rdr-to 127.0.0.1 port spamd

Everything else gets passed through to your MTA with standard rate limiting.

pass in log (to pflog1) proto tcp from any \
    to (egress) port { smtp, smtps } flags S/SA modulate state \
    (max-src-conn 50, max-src-conn-rate 25/5, overload <bruteforce> flush global)
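
The rule order above decides where an address listed in more than one table ends up. The following is an added example, not part of the original page: a small Python model of the three rules that looks only at the source table match and the 'quick' keyword. The table contents are constructed, and the names classify, TABLES, RULES and NO_QUICK are hypothetical.

```python
import ipaddress

# Constructed table contents (documentation address ranges). On a real system
# these tables are populated outside this model and will differ.
TABLES = {
    "bgp_spamd_bypass": ["192.0.2.0/28"],
    "nospamd": ["198.51.100.25"],
    "spamd-white": ["203.0.113.7"],
    "bgp_spamd": ["192.0.2.0/24"],   # overlaps the bypass /28 on purpose
    "spamd": ["203.0.113.66"],
}

# The three rules above, in file order:
# (source tables, or None for "any"; quick?; outcome label)
RULES = [
    (("bgp_spamd_bypass", "nospamd", "spamd-white"), True, "bypass"),
    (("bgp_spamd", "spamd"), True, "spamd"),
    (None, False, "mta-rate-limited"),
]

def in_table(addr, name):
    """True if addr falls inside any entry of the named table."""
    ip = ipaddress.ip_address(addr)
    return any(ip in ipaddress.ip_network(entry) for entry in TABLES[name])

def classify(addr, rules=RULES):
    """Outcome for an inbound SMTP connection from addr under the given rules."""
    outcome = None
    for tables, quick, action in rules:
        if tables is None or any(in_table(addr, t) for t in tables):
            outcome = action     # pf: the last matching rule wins ...
            if quick:
                break            # ... unless a 'quick' rule stops evaluation
    return outcome

# Misconfiguration variant: the redirect rule with 'quick' left out.
NO_QUICK = [RULES[0], (RULES[1][0], False, RULES[1][2]), RULES[2]]

if __name__ == "__main__":
    for src in ("192.0.2.5", "192.0.2.200", "203.0.113.66", "198.51.100.26"):
        print(src, classify(src), classify(src, NO_QUICK))
```

An address present in both a bypass table and a spammer table is never redirected to spamd, and without 'quick' on the redirect rule the later catch-all rule would win for listed spammers.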

File extract: /etc/pf.rules/spamd_rules.conf

spamd/spamdlog

pflog1 interface

File extract: /etc/hostname.pflog1

up
description "spamlogd logging interface"

Reference Resources