1.\" $OpenBSD: spamd.conf.5,v 1.23 2019/09/02 21:18:41 deraadt Exp $ 2.\" 3.\" Copyright (c) 2003 Jason L. Wright (jason@thought.net) 4.\" Copyright (c) 2003 Bob Beck 5.\" All rights reserved. 6.\" 7.\" Redistribution and use in source and binary forms, with or without 8.\" modification, are permitted provided that the following conditions 9.\" are met: 10.\" 1. Redistributions of source code must retain the above copyright 11.\" notice, this list of conditions and the following disclaimer. 12.\" 2. Redistributions in binary form must reproduce the above copyright 13.\" notice, this list of conditions and the following disclaimer in the 14.\" documentation and/or other materials provided with the distribution. 15.\" 16.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 17.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 18.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 19.\" DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, 20.\" INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 21.\" (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 22.\" SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 24.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 25.\" POSSIBILITY OF SUCH DAMAGE. 26.\" 27.Dd $Mdocdate: September 2 2019 $ 28.Dt SPAMD.CONF 5 29.Os 30.Sh NAME 31.Nm spamd.conf 32.Nd spamd-setup configuration file 33.Sh DESCRIPTION 34The 35.Nm 36file is read by 37.Xr spamd-setup 8 38to configure 39.Em blacklists 40for 41.Xr spamd 8 . 42Blacklists are lists of addresses of likely spammers. 43Mail from these addresses never reaches the actual mail server, 44but is instead redirected to 45.Xr spamd 8 46and tarpitted. 47.Pp 48.Nm 49follows the syntax of configuration databases as documented in 50.Xr cgetent 3 . 51Here is an example: 52.Bd -literal -offset indent 53all:\e 54 :nixspam:override:myblack: 55 56nixspam:\e 57 :black:\e 58 :msg="Your address %A is in the nixspam list\en\e 59 See http://www.heise.de/ix/nixspam/dnsbl_en/ for details":\e 60 :method=https:\e 61 :file=www.openbsd.org/spamd/nixspam.gz 62 63override:\e 64 :white:\e 65 :method=file:\e 66 :file=/etc/mail/override.txt: 67 68myblack:\e 69 :black:\e 70 :msg=/etc/mail/myblackmsg.txt:\e 71 :method=file:\e 72 :file=/etc/mail/myblack.txt: 73.Ed 74.Pp 75The default configuration file must include the entry 76.Ar all , 77which specifies the order in which lists 78are to be applied. 79Lists are constructed by name: 80blacklists are identified by the capability 81.Pf : Ar black : . 82If a list is instead given the 83.Pf : Ar white : 84capability, 85addresses in it will not be blacklisted. 86The addresses in such a list are removed from the preceding blacklist. 87.Pp 88In the above example, 89if an address was present in all three lists, 90blacklists 91.Ar nixspam 92and 93.Ar myblack , 94as well as the exceptions list 95.Ar override , 96the address would be removed from list 97.Ar nixspam 98by the subsequent 99.Ar override 100list. 101However, the address would not be removed from the 102.Ar myblack 103list. 104To remove all the addresses in 105.Ar override 106from 107.Ar myblack , 108the following configuration 109would be used instead: 110.Bd -literal -offset indent 111all:\e 112 :nixspam:override:myblack:override: 113.Ed 114.Pp 115The source of the addresses for lists is 116specified using the 117.Ar method 118and 119.Ar file 120capability entries. 121.Pp 122.Ar method 123specifies the method by which to retrieve a file containing a list of 124addresses and may be one of 125.Ar http , 126.Ar https , 127.Ar ftp , 128.Ar file , 129or 130.Ar exec . 131The 132.Ar http , 133.Ar https , 134.Ar ftp , 135and 136.Ar file 137methods will make 138.Nm 139retrieve the file from the location specified by the 140.Ar file 141capability. 142The 143.Ar exec 144method will make 145.Nm 146spawn the program with arguments indicated in the 147.Ar file 148capability for the list, and reads a list of addresses 149from the output of the program. 150.Pp 151The format of the list of addresses is expected to consist of one 152network block or address per line (optionally followed by a space and 153text that is ignored). 154Comment lines beginning with 155.Ar # 156are ignored. 157Network blocks may be specified in any of the formats as in 158the following example: 159.Bd -literal -offset indent 160# CIDR format 161192.168.20.0/24 162# A start - end range 163192.168.21.0 - 192.168.21.255 164# As a single IP address 165192.168.23.1 166.Ed 167.Pp 168Each blacklist must include a message, specified in the 169.Ar msg 170capability as a string. 171If the 172.Ar msg 173string is enclosed in double quotes, the characters in the quoted string 174are escaped as specified in 175.Xr cgetent 3 176with the exception that a colon (:) is allowed in the quoted string. 177The resulting string is used as the message. 178Alternatively, if the 179.Ar msg 180string is not specified in quotes, it is assumed to be a local filename 181from which the message text may be read. 182.Pp 183The message is configured in 184.Xr spamd 8 185to be displayed in the SMTP dialogue to any connections that match 186addresses in the blacklist. 187The sequence \e" in the message will produce a double quote in the output. 188The sequence %% will produce a single % in the output, 189and the sequence \&%A will be expanded in the message by 190.Xr spamd 8 191to display the connecting IP address in the output. 192.Sh FILES 193.Bl -tag -width "/etc/mail/spamd.conf" 194.It Pa /etc/mail/spamd.conf 195Configuration file for 196.Xr spamd-setup 8 . 197.El 198.Sh SEE ALSO 199.Xr spamd 8 , 200.Xr spamd-setup 8 201