Re: spamd backfiring ?

George Pontis <gpontis@xxxxxxxxxxx> wrote:
While watching dropped packets on pflogf0, I noticed that almost
everything that was logged was an outgoing packet from spamd. Upon
further investigation it seems that the spam source has stopped
listening, but not closed the connection. Thus, the OS keeps trying to
send its one byte response back for a long time and the socket remains
in use.

Could this be a deliberate tactic by spammers ? At the least it seems
that the punishment value of spamd is reduced, at worst the OpenBSD
machine is the only thing that is getting punished.

If it appears on pflog0, pf(4) is blocking it - this has very little to
do with what the other host is trying to do.

You have most likely misconfigured your firewall; using keep state would
allow spamd to respond.

Joachim
.

Relevant Pages

  • Re: spamd backfiring ?
    ... everything that was logged was an outgoing packet from spamd. ... further investigation it seems that the spam source has stopped ... seems that the punishment value of spamd is reduced, ... other replies fail to match state. ...
    (comp.unix.bsd.openbsd.misc)
  • Re: spamd backfiring ?
    ... everything that was logged was an outgoing packet from spamd. ... further investigation it seems that the spam source has stopped ... seems that the punishment value of spamd is reduced, ... other replies fail to match state. ...
    (comp.unix.bsd.openbsd.misc)
  • spamd backfiring ?
    ... While watching dropped packets on pflogf0, ... everything that was logged was an outgoing packet from spamd. ... that the punishment value of spamd is reduced, ...
    (comp.unix.bsd.openbsd.misc)
  • Re: [SLE] Postfix error
    ... Carlos E. R. wrote: ... >>Here you can see that spamd is started and listening on port 783. ...
    (SuSE)