1.\" $OpenBSD: spamlogd.8,v 1.18 2013/09/15 20:02:34 schwarze Exp $ 2.\" 3.\" Copyright (c) 2004 Bob Beck. All rights reserved. 4.\" 5.\" Permission to use, copy, modify, and distribute this software for any 6.\" purpose with or without fee is hereby granted, provided that the above 7.\" copyright notice and this permission notice appear in all copies. 8.\" 9.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16.\" 17.Dd $Mdocdate: September 15 2013 $ 18.Dt SPAMLOGD 8 19.Os 20.Sh NAME 21.Nm spamlogd 22.Nd spamd whitelist updating daemon 23.Sh SYNOPSIS 24.Nm spamlogd 25.Op Fl DI 26.Op Fl i Ar interface 27.Op Fl l Ar pflog_interface 28.Op Fl W Ar whiteexp 29.Op Fl Y Ar synctarget 30.Sh DESCRIPTION 31.Nm 32manipulates the 33.Xr spamd 8 34database in 35.Pa /var/db/spamd 36used for greylisting. 37.Nm 38updates the 39.Pa /var/db/spamd 40whitelist entries whenever a connection 41to port 25 is logged to the 42.Xr pflog 4 43interface. 44The source addresses of inbound connections are whitelisted 45when seen by 46.Nm 47to ensure that their entries in 48.Pa /var/db/spamd 49do not expire if the connecting host continues to send legitimate mail. 50The destination addresses of outbound connections are whitelisted 51when seen by 52.Nm 53so that replies to outbound mail may be received without initial 54greylisting delays. 55Greylisting is explained more fully in 56.Xr spamd 8 . 57.Pp 58The options are as follows: 59.Bl -tag -width Ds 60.It Fl D 61Debugging mode. 62.Nm 63does not disassociate from the controlling terminal. 64.It Fl I 65Specify that 66.Nm 67is only to whitelist inbound SMTP connections. 68By default 69.Nm 70will whitelist the source of inbound SMTP connections, and the 71target of outbound SMTP connections. 72.It Fl i Ar interface 73Specify a network interface on which packets must arrive. 74The default is to watch for connections logged from all interfaces. 75.It Fl l Ar pflog_interface 76Specify a 77.Xr pflog 4 78interface to listen for connection notifications. 79The default is to watch for connections logged on 80.Dq pflog0 . 81.It Fl W Ar whiteexp 82Adjust the time for 83.Ar whiteexp 84in hours. 85The default is 864 hours (approximately 36 days); maximum is 2160 hours 86(approximately 90 days). 87.It Fl Y Ar synctarget 88Add a target to receive synchronisation messages; see 89.Sx SYNCHRONISATION 90below. 91This option can be specified multiple times. 92.El 93.Pp 94It is important to log any connections to and from the real 95MTA in order for 96.Nm 97to update the whitelist entries. 98See 99.Xr spamd 8 100for an example ruleset for logging such connections. 101.Pp 102.Nm 103sends log messages to 104.Xr syslogd 8 105using facility 106.Em daemon . 107.Nm 108will log each connection it sees at level 109.Dv LOG_DEBUG . 110.Sh SYNCHRONISATION 111.Nm 112supports realtime synchronisation of whitelist states by sending 113the information it updates to 114a number of 115.Xr spamd 8 116daemons running on multiple machines. 117To enable synchronisation, use the command line option 118.Fl Y 119to specify the machines to which 120.Nm 121will send messages when it updates the state information. 122For more information, see 123.Xr spamd 8 . 124.Sh FILES 125.Pa /var/db/spamd 126.Sh SEE ALSO 127.Xr syslog 3 , 128.Xr pflog 4 , 129.Xr spamd.conf 5 , 130.Xr pflogd 8 , 131.Xr spamd 8 , 132.Xr spamd-setup 8 , 133.Xr spamdb 8 , 134.Xr syslogd 8 , 135.Xr tcpdump 8 136.Sh HISTORY 137The 138.Nm 139command first appeared in 140.Ox 3.5 . 141