# spamd + ipfw



## mgp (Nov 24, 2010)

Hi,
I decided to try spamd to fight spam but I can't get it working with ipfw.
I put the default config and added only "-m ipfw" to spamd. Of course it listens on port 8025 so I added this rule:

```
ipfw add 100 fwd ${ext_ip},8025 tcp from any to ${ext_ip} 25 in
```
And I have that:

```
# ps ax |grep spamd
63864  ??  Is     0:00.02 spamd: (ipfw table 1 update) (spamd)
63865  ??  I      0:00.26 spamd: [priv] (greylist) (spamd)
63867  ??  I      0:00.00 spamd: (/var/db/spamd update) (spamd)
```
This doesn't work...just nothing happens...I don't see anything in /var/log/messages when mails are being sent.
Apparently I need spamlogd but I can't get it running as it requires pflog (I don't have PF enabled at all)

```
# /usr/local/libexec/spamlogd -D -m ipfw
Listening on pflog0 for all interfaces. 
Failed to initialize: 
spamlogd: couldn't initialize pcap: Device not configured
```
Could you guys give me a hand?
I just want spamd graylisting + ipfw.

cheers


----------



## graudeejs (Nov 24, 2010)

Ye. I think it's broken... I tried to get spamd work with ipfw as well
After some time, I just quite trying and switched back to pf (spamd + pf no problem at all)


----------



## mgp (Nov 25, 2010)

Well, this is not an option for me. I don't want pf.
I'll try to contact the maintainer...will keep you posted.


----------



## quintessence (Nov 25, 2010)

Hello , 

It is not broken .

Take a look at section 5 from /usr/local/share/doc/spamd/ipfw-spamd.txt about spamd greylisting with ipfw .


----------



## mgp (Nov 25, 2010)

quintessence, you're right, it does work.
Thank you, brother.


----------



## ohauer (Nov 25, 2010)

quintessence said:
			
		

> Hello ,
> 
> It is not broken .
> 
> Take a look at section 5 from /usr/local/share/doc/spamd/ipfw-spamd.txt about spamd greylisting with ipfw .




Thanks, for pointing this out.
Maybe I should give this hint out as error message in the next version


----------



## graudeejs (Nov 25, 2010)

ohauer said:
			
		

> Thanks, for pointing this out.
> Maybe I should give this hint out as error message in the next version



Hmmm? Are you maintainer or developer of spamd?


----------



## ohauer (Nov 26, 2010)

killasmurf86 said:
			
		

> Hmmm? Are you maintainer or developer of spamd?



maintainer and porter, developers are from OpenBSD but I developed some additions which are sleeping in the OpenBSD PR system (sync for spamdb ...)


----------



## graudeejs (Nov 26, 2010)

```
${fwcmd} add allow tcp from table\(1\) to me 25 in
```
souldn't it be

```
${fwcmd} add allow tcp from table\(1\) to me 25 in keep-state
```


----------



## quintessence (Nov 26, 2010)

ohauer said:
			
		

> Thanks, for pointing this out.
> Maybe I should give this hint out as error message in the next version



Hello,

In my opinion better option is the content from the file to be placed in the corresponding manual page(s) for daemons ( spamdb , spamlogd ... ) .


----------

