SpamD v4.3.7 on 1.2.1-RC1

cheesyboofs · Aug 29, 2008, 4:24 PM

1.2.1-RC1 - built on Sun Aug 17 23:30:22 EDT 2008

Why is SpamD whitelisting everything?
Why don't the buttons on the right work - they just wobble and nothing happens even after a browser refresh?
What does "spamd[57176]: /sbin/pfctl returned status 1" mean?
Why do I get my mails straight away, they aren't slowed a bit?

Cheers

cheesyboofs · Aug 20, 2008, 12:46 PM

I have read this thread to death:
http://forum.pfsense.org/index.php/topic,8952.75.html

I'm not sure is 1.2.1 has broke spamd but I am seeing all the problem reported prior to spamd becoming stable.

the jiggly buttons do NOT work even if browser refresh with F5 under firefox or IE7 and at the moment everything is being white listed? my understanding is that everything should be greyed and I am supposed to use the jiggly button to add it to the white list.

# cat /usr/local/etc/rc.d/spamd.sh
#!/bin/sh
# This file was automatically generated
# by the pfSense service handler.

rc_start() {
        /sbin/mount_fdescfs fdescfs /dev/fd
/usr/local/sbin/spamd-setup -d &
/sbin/pflogd &
/usr/local/libexec/spamd  -G 25:4:864 -n "pfsense" -c 800 -B 700 -w 1 127.0.0.1 &
/usr/local/libexec/spamlogd

}

rc_stop() {
        /usr/bin/killall spamd-setup
/usr/bin/killall spamlogd
/usr/bin/killall spamd
/usr/bin/killall pflogd
sleep 2
}

case $1 in
        start)
                rc_start
                ;;
        stop)
                rc_stop
                ;;
        restart)
                rc_stop
                rc_start
                ;;
esac

# /usr/local/etc/rc.d/spamd.sh start
/usr/local/etc/rc.d/spamd.sh: /sbin/mount_fdescfs: not found
spamd: whitelist whitelist 0 entries
blacklist blacklist 0 entries
bind: Address already in use

# /usr/local/etc/rc.d/spamd.sh start
/usr/local/etc/rc.d/spamd.sh: /sbin/mount_fdescfs: not found
whitelist whitelist 0 entries
blacklist blacklist 0 entries
# pfctl: /dev/fd/7: No such file or directory

sullrich · Aug 20, 2008, 3:42 PM

Please try the package on 1.3. I just spoke with Gary and he said that SpamD is working correctly (he helped finance the bounty to get it fixed).

cheesyboofs · Aug 20, 2008, 4:18 PM

ok! not quite the response I was thinking but yeh I have a pile of MicroVaults and Microdrives accumulating guess it won't take me long to cobble something together. Is this to prove that it is a 1.2.1 related problem and not the package its self?

sullrich · Aug 20, 2008, 4:38 PM

It apparently works in 1.3.

cheesyboofs · Aug 20, 2008, 6:48 PM

It apparently works in 1.3.

God knows how?

Can't try vanilla install of 1.3 as I don't have a spare CD-R at the moment but I fear it will be the same!

Upgrade from 1.2.1 TO-> 1.3-ALPHA-ALPHA built on Wed Aug 20 11:21:04 EDT 2008 FreeBSD 7.0-RELEASE-p3

# /usr/local/etc/rc.d/spamd.sh start
/usr/local/etc/rc.d/spamd.sh: /sbin/mount_fdescfs: not found
whitelist whitelist 0 entries
blacklist blacklist 0 entries
spamd: spamlogd: Can't find service "spamd-sync" in /etc/servicesCan't find service "spamd-sync" in /etc/services

cheesyboofs · Aug 22, 2008, 8:30 AM

Does the pfSense spamd package support multi WAN? i.e. If my mail comes in and goes out of my opt interface should it still work?

sullrich · Aug 23, 2008, 1:32 AM

Fixed the /etc/services issues.

I would think that spamd should be able to accept mail on all interfaces, IIRC. It listens on ..

cheesyboofs · Aug 27, 2008, 8:46 PM

fresh install from ISO 1.2.1-RC1 built on Wed Aug 13 04:23:51 EDT 2008 + spamd 4.3.7

Just not doing anything for me, mails arn't even slowed!

/usr/local/etc/rc.d/spamd.sh start

/usr/local/etc/rc.d/spamd.sh: /sbin/mount_fdescfs: not found
spamd: whitelist whitelist 0 entries
blacklist blacklist 0 entries
Getting http://www.openbsd.org/spamd/traplist.gz
bind: Address already in use

blacklist UofATraplist 38691 entries

/usr/local/etc/rc.d/spamd.sh restart

No matching processes were found
killall: warning: kill -TERM 21771: No such process
killall: warning: kill -TERM 21769: No such process
/usr/local/etc/rc.d/spamd.sh: /sbin/mount_fdescfs: not found
whitelist whitelist 0 entries
blacklist blacklist 0 entries
Getting http://www.openbsd.org/spamd/traplist.gz

pfctl: /dev/fd/7: No such file or directory

blacklist UofATraplist 38691 entries

Why does it say, Address already in use?
Why does it say, /sbin/mount_fdescfs: not found?

UPDATE to: 1.2.1-RC1 built on Mon Aug 25 07:40:58 EDT 2008

Executing custom_php_resync_config_command()…done.
Writing configuration... done.
Starting service.

All packages reinstalled.

/usr/local/etc/rc.d/spamd.sh restart

No matching processes were found
killall: warning: kill -TERM 3829: No such process
killall: warning: kill -TERM 3826: No such process
/usr/local/etc/rc.d/spamd.sh: /sbin/mount_fdescfs: not found
whitelist whitelist 0 entries
blacklist blacklist 0 entries
Getting http://www.openbsd.org/spamd/traplist.gz

pfctl: /dev/fd/7: No such file or directory

blacklist UofATraplist 38374 entries

Guest · Aug 28, 2008, 8:36 PM

SpamD is working fine for us in production on a single-WAN setup. We have not tested with multi-WAN, but for single-WAN it works very well, except for the RRD graphs not being updated.

wallabybob · Aug 28, 2008, 9:29 PM

@cheesyboofs:

Why does it say, Address already in use?

Something else is already listening on the port (smtp port?) spamd uses?

cheesyboofs · Aug 29, 2008, 11:20 AM

My understanding is that spamd listens on 127.0.0.1 and then forwards on to my mail server (ip)

rc_start() {
/sbin/mount_fdescfs fdescfs /dev/fd
/usr/local/sbin/spamd-setup -d &
/sbin/pflogd &
/usr/local/libexec/spamd -G 25:4:864 -n "pfsense" -c 800 -B 700 -w 1 127.0.0.1 &
/usr/local/libexec/spamlogd

}

I still have my NAT and firewall rule in place for port 25, should this be removed once spamd is installed? or should I change it so that port 25 is routed to 127.0.0.1 (pfsense) instead and then let spamd forward it on to exchange?

nocer · Aug 29, 2008, 12:23 PM

Hi.

My spamd runs fine on 1.3(I know nothing about 1.2.1, sorry) box, only difference is the port#, I use 8025 instead. I've configured "spamd -g" runs at localhost:8025. The following is my quick/dirty but works fine pf rules;

–-
table <spamd>persist
table <spamd-white>persist
no rdr on { lo0, lo1 } from any to any
rdr pass inet proto tcp from <spamd>to any port smtp -> 127.0.0.1 port 8025
rdr pass inet proto tcp from ! <spamd-white>os {"Windows 2000", "Windows XP"} to any port smtp -> 127.0.0.1 port 8025

It look like you're getting "fdescfs" nags because there's no "mount_fdescfs" command exists in /sbin, but spamd requires /dev/fd for updating its white-list. Copy mount_fdescfs from other FreeBSD or use /boot/kernel/fdescfs.ko instead. Add the following line in your fstab; fdescfs /dev/fd fdescfs rw 0 0

This is only my environment and may not fit yours but really hope this helps.</spamd-white></spamd></spamd-white></spamd>

cheesyboofs · Aug 29, 2008, 4:24 PM

I think I have figured it out and now have it working I think!

I removed my WAN -> LAN NAT entry and changed my port 25 rule and now I'm getting mails graylisted as I should.

Just look at how many I got in the first 40 seconds of the service being up and running and you will see why I was so keen to get it working.

@ Sullrich - might be an idea to have a prompt on the spamd config page to mention removing existing NAT entries.

@ MOD's please move to the packages section of the forum as this issue was clearly not related to 1.2.1, many thanks to all.

cheesyboofs · Aug 29, 2008, 3:11 PM

I think I'm nearly there, I am now correctly getting white list entries for known good servers but I'm still not getting the mails?
I can see them coming in via the logs on the firewall but I don't think they are getting sent on to exchange.

Apart from the NextMTA: 192.168.100.5 is there anything else I need to tweak? NAT maybe?

Help!

EDIT: @ sullrich I think nocer has something

but spamd requires /dev/fd for updating its white-list.

as none of the whitlist entries blow have been copied to /var/db/whitelist.txt. So I have used the white list tab to add some (not the silly button) and this updated /var/db/whitelist.txt still not getting any mails though.

nocer · Aug 30, 2008, 2:04 AM

@cheesyboofs:

EDIT: @ sullrich I think nocer has something

but spamd requires /dev/fd for updating its white-list.

as none of the whitlist entries blow have been copied to /var/db/whitelist.txt. So I have used the white list tab to add some (not the silly button) and this updated /var/db/whitelist.txt still not getting any mails though.

Hello, I'm not able to address your MTA issue but may /dev/fd or grey listing/white listing.

Well, while back ago I happend to see the following message every few minutes when struggling with spamd running;

–-
pfctl: /dev/fd/7: No such file or direcotry.

Then I realized that spamd uses pfctl to update its white-list table because looking thru the grey.c I found the following;

static char *pargv[11]= {
"pfctl", "-p", "/dev/pf", "-q", "-t",
"spamd-white", "-T", "replace", "-f" "-", NULL
};
–-

and it also does;

if (asprintf(&fdpath, "/dev/fd/%d", pfdev) == -1)
return(-1);
pargv[2] = fdpath;
–-

Basicall pfdev opens /dev/pf which is the file descriptor required. So I checked my /dev/fd and found so sad,

$ ls -l /dev/fd
total 0
crw-rw-rw- 1 root wheel 0, 18 Mar 4 23:14 0
crw-rw-rw- 1 root wheel 0, 20 Mar 4 23:14 1
crw-rw-rw- 1 root wheel 0, 22 Mar 4 23:14 2

There were only three of them, but as the error messages said pf needed 7 at least so I check another machine which ran OpenBSD, it had 65(0-64) of them there. So I did;

$ sudo mount_fdescfs fdescfs /dev/fd

which forced the kernel to make descriptors as needed and added the following into fstab;

fdescfs /dev/fd fdescfs rw 0 0

That's pretty much for now.

@ Sullrich
Would it be possible to add /sbin/mount_fdescfs at leaset because it is called in rc and modify fstab at the startup if there's spamd configured?

cheesyboofs · Aug 31, 2008, 11:30 AM

Thanks nocer,

Still not quite there yet!

sudo mount_fdescfs fdescfs /dev/fd

sudo: Command not found.

So;

vi /etc/fstab

Device Mountpoint FStype Options Dump Pass#

/dev/ad0s1a / ufs rw 1 1
/dev/ad0s1b none swap sw 0 0
fdescfs /dev/fd fdescfs rw 0 0
~

:wq!

mount -a

mount

/dev/ad0s1a on / (ufs, local)
devfs on /dev (devfs, local)
/dev/md0 on /var/run (ufs, local)
devfs on /var/dhcpd/dev (devfs, local)
fdescfs on /dev/fd (fdescfs)

ls -l /dev/fd

total 16
crw–w---- 1 root tty 0, 113 Aug 31 12:07 0
crw--w---- 1 root tty 0, 113 Aug 31 12:07 1
crw--w---- 1 root tty 0, 113 Aug 31 12:07 2
d-w------- 1 root wheel 512 Aug 20 18:37 3
d--------- 1 root wheel 512 Aug 29 17:06 4

/usr/local/etc/rc.d/spamd.sh restart

No matching processes were found
killall: warning: kill -TERM 96371: No such process
killall: warning: kill -TERM 96369: No such process
/usr/local/etc/rc.d/spamd.sh: /sbin/mount_fdescfs: not found
whitelist whitelist 0 entries
blacklist blacklist 0 entries

ls -l /sbin

total 2614
-r-xr-xr-x 1 root wheel 7364 Aug 13 04:51 adjkerntz
-r-xr-xr-x 1 root wheel 13664 Aug 13 04:51 atacontrol
-r-xr-xr-x 1 root wheel 819 Nov 16 2005 athctrl.sh
-r-xr-xr-x 1 root wheel 28636 Aug 13 04:51 bsdlabel
-r-xr-xr-x 1 root wheel 6096 Aug 13 04:51 conscontrol
-r-xr-xr-x 1 root wheel 342500 Aug 13 05:23 devd
-r-xr-xr-x 1 root wheel 10992 Aug 13 04:51 devfs
-r-xr-xr-x 1 root wheel 74456 Aug 13 04:51 dhclient
-r-xr-xr-x 1 root wheel 8876 Jul 2 2007 dhclient-script
-r-xr-xr-x 1 root wheel 28636 Aug 13 04:51 disklabel
-r-xr-xr-x 1 root wheel 6048 Aug 13 04:51 dmesg
-r-xr-xr-x 1 root wheel 47788 Aug 13 04:51 dump
-r-xr-xr-x 1 root wheel 11516 Aug 13 04:51 dumpfs
-r-xr-xr-x 1 root wheel 4676 Aug 13 04:51 dumpon
-r-xr-xr-x 1 root wheel 6848 Aug 13 04:51 fastboot
-r-xr-xr-x 1 root wheel 6848 Aug 13 04:51 fasthalt
-r-xr-xr-x 1 root wheel 23796 Aug 13 04:51 fdisk
-r-xr-xr-x 1 root wheel 14556 Aug 13 04:51 fsck
-r-xr-xr-x 1 root wheel 87016 Aug 13 04:51 fsck_4.2bsd
-r-xr-xr-x 1 root wheel 87016 Aug 13 04:51 fsck_ffs
-r-xr-xr-x 1 root wheel 27944 Aug 13 04:51 fsck_msdosfs
-r-xr-xr-x 1 root wheel 87016 Aug 13 04:51 fsck_ufs
-r-xr-xr-x 1 root wheel 20276 Aug 13 04:51 gcache
-r-xr-xr-x 1 root wheel 20276 Aug 13 04:51 gjournal
-r-xr-xr-x 1 root wheel 20276 Aug 13 04:51 glabel
-r-xr-xr-x 1 root wheel 20276 Aug 13 04:51 gmirror
-r-xr-xr-x 1 root wheel 20276 Aug 13 04:51 gmultipath
-r-xr-xr-x 1 root wheel 20276 Aug 13 04:51 gpart
-r-xr-xr-x 1 root wheel 39120 Aug 13 04:51 growfs
-r-xr-xr-x 1 root wheel 20276 Aug 13 04:51 gvirstor
-r-xr-xr-x 1 root wheel 6848 Aug 13 04:51 halt
-r-xr-xr-x 1 root wheel 6904 Aug 13 04:51 idmapd
-r-xr-xr-x 1 root wheel 87856 Aug 13 04:51 ifconfig
-r-xr-xr-x 1 root wheel 434100 Aug 13 04:51 init
-r-xr-xr-x 1 root wheel 76988 Aug 13 04:51 ipfw
-r-xr-xr-x 1 root wheel 26552 Aug 13 04:51 iscontrol
-r-xr-xr-x 1 root wheel 7272 Aug 13 04:51 kldconfig
-r-xr-xr-x 1 root wheel 3756 Aug 13 04:51 kldload
-r-xr-xr-x 1 root wheel 5312 Aug 13 04:51 kldstat
-r-xr-xr-x 1 root wheel 4412 Aug 13 04:51 kldunload
-r-xr-xr-x 1 root wheel 18476 Aug 13 04:51 ldconfig
-r-xr-xr-x 1 root wheel 9668 Aug 13 04:51 md5
-r-xr-xr-x 1 root wheel 10300 Aug 13 04:51 mdconfig
-r-xr-xr-x 1 root wheel 14284 Aug 13 04:51 mdmfs
-r-xr-xr-x 1 root wheel 4816 Aug 13 04:51 mknod
-r-xr-xr-x 1 root wheel 17036 Aug 13 04:51 mount
-r-xr-xr-x 1 root wheel 8812 Aug 13 04:51 mount_cd9660
-r-xr-xr-x 1 root wheel 14284 Aug 13 04:51 mount_mfs
-r-xr-xr-x 1 root wheel 10192 Aug 13 04:51 mount_msdosfs
-r-xr-xr-x 1 root wheel 6564 Aug 13 04:51 mount_nullfs
-r-xr-xr-x 1 root wheel 7124 Aug 13 04:51 mount_unionfs
-r-xr-xr-x 1 root wheel 29104 Aug 13 04:51 newfs
-r-xr-xr-x 1 root wheel 20024 Aug 13 04:51 newfs_msdos
lr-xr-xr-x 1 root wheel 17 Aug 20 18:28 nologin -> /usr/sbin/nologin
-r-xr-xr-x 1 root wheel 205672 Aug 13 04:51 pfctl
-r-xr-xr-x 1 root wheel 18772 Aug 13 04:51 pflogd
-r-xr-xr-x 1 root wheel 23872 Aug 13 04:51 ping
-r-xr-xr-x 1 root wheel 31196 Aug 13 04:51 ping6
-r-xr-xr-x 1 root wheel 6848 Aug 13 04:51 reboot
-r-xr-xr-x 1 root wheel 7812 Aug 13 04:51 recoverdisk
-r-xr-xr-x 1 root wheel 9668 Aug 13 04:51 rmd160
-r-xr-xr-x 1 root wheel 23644 Aug 13 04:51 route
-r-xr-xr-x 1 root wheel 85808 Aug 13 04:51 routed
-r-xr-xr-x 1 root wheel 14456 Aug 13 04:51 rtquery
-r-xr-xr-x 1 root wheel 22676 Aug 13 04:51 rtsol
-r-xr-xr-x 1 root wheel 58056 Aug 13 04:51 setkey
-r-xr-xr-x 1 root wheel 9668 Aug 13 04:51 sha1
-r-xr-xr-x 1 root wheel 9668 Aug 13 04:51 sha256
-r-xr-xr-x 1 root wheel 10700 Aug 13 04:51 shutdown
-r-xr-xr-x 1 root wheel 7472 Aug 13 04:51 swapctl
-r-xr-xr-x 1 root wheel 7472 Aug 13 04:51 swapoff
-r-xr-xr-x 1 root wheel 7472 Aug 13 04:51 swapon
-r-xr-xr-x 1 root wheel 14204 Aug 13 04:51 sysctl
-r-xr-xr-x 1 root wheel 10500 Aug 13 04:51 tunefs
-r-xr-xr-x 1 root wheel 14476 Aug 13 04:51 umount

@ Submicron, I am genuinely please yours is working for you but that doesn't change the fact that mine is not from a fresh install! It does not change the fact that there seems to be missing files IMHO.
Is it possible that yours is working because you have upgraded from 1.1 or 1.2 or have another app installed and that is why you have the missing files?

Regards to all.

nocer · Aug 31, 2008, 12:48 PM

@cheesyboofs:

sudo mount_fdescfs fdescfs /dev/fd

sudo: Command not found.

Ooops, command not exist so you need to copy from another FreeBSD machine. However,

vi /etc/fstab

Device Mountpoint FStype Options Dump Pass#

/dev/ad0s1a / ufs rw 1 1
/dev/ad0s1b none swap sw 0 0
fdescfs /dev/fd fdescfs rw 0 0
~

:wq!

is quite a way of workaround(this forces to load fdescfs.ko which is a heart of mount_fdescfs command), as I said in previous post.
Now you're not seeing fd related errors at least and can ignore "/usr/local/etc/rc.d/spamd.sh: /sbin/mount_fdescfs: not found" message.

cheers,

cheesyboofs · Aug 31, 2008, 1:07 PM

Its still not playing ball and its quite frustrating because I have traphic shaping, openvpn and load-balancing working so this should be a walk in the park.

I fired up an old 6.2 VM (1.2-Release) and sure enough there are extra files, missing in 7 (1.2.1-BETA) So I copied over mount_fdescfs from 6.2 to 7,

But now I get another file missing!

/usr/local/etc/rc.d/spamd.sh restart

No matching processes were found
killall: warning: kill -TERM 25083: No such process
/libexec/ld-elf.so.1: Shared object "libc.so.6" not found, required by "mount_fdescfs"
whitelist whitelist 0 entries
blacklist blacklist 0 entries

What a right pain in the arse :-\

cheesyboofs · Aug 31, 2008, 1:45 PM

ls /lib

geom libc.so.6 libmd.so.4
libalias.so.6 libc.so.7 libncurses.so.7
libalias_cuseeme.so libcam.so.4 libncursesw.so.7
libalias_dummy.so libcrypt.so.4 libpcap.so.5
libalias_ftp.so libcrypto.so.5 libreadline.so.7
libalias_irc.so libdevstat.so.6 libsbuf.so.4
libalias_nbt.so libedit.so.6 libssp.so.0
libalias_pptp.so libgcc_s.so.1 libthr.so.3
libalias_skinny.so libgeom.so.4 libufs.so.4
libalias_smedia.so libipsec.so.3 libutil.so.7
libbegemot.so.3 libkiconv.so.3 libz.so.4
libbsdxml.so.3 libkvm.so.4
libbsnmp.so.4 libm.so.5

cat /etc/fstab

Device Mountpoint FStype Options Dump Pass#

/dev/ad0s1a / ufs rw 1 1
/dev/ad0s1b none swap sw 0 0
fdescfs /dev/fd fdescfs rw 0 0

/usr/local/etc/rc.d/spamd.sh restart

No matching processes were found
killall: warning: kill -TERM 29643: No such process
killall: warning: kill -TERM 29641: No such process
whitelist whitelist 0 entries
blacklist blacklist 0 entries

I have now copied over libc.so.6 from 1.2-Release and now I get no errors but I'm also not getting any hits in my Spamd Database and no mails to exchange. I am getting hits on the firewall rule. please check my settings to confirm I'm not missing anything obvious.

I have no NAT set up for port 25 because I'm asuming Spamd does that

As you can see I have six mails coming in but none in the spamd database.

SpamD v4.3.7 on 1.2.1-RC1

/usr/local/etc/rc.d/spamd.sh start

blacklist UofATraplist 38691 entries

/usr/local/etc/rc.d/spamd.sh restart

pfctl: /dev/fd/7: No such file or directory

/usr/local/etc/rc.d/spamd.sh restart

pfctl: /dev/fd/7: No such file or directory

–- table <spamd>persist table <spamd-white>persist no rdr on { lo0, lo1 } from any to any rdr pass inet proto tcp from <spamd>to any port smtp -> 127.0.0.1 port 8025 rdr pass inet proto tcp from ! <spamd-white>os {"Windows 2000", "Windows XP"} to any port smtp -> 127.0.0.1 port 8025

–- pfctl: /dev/fd/7: No such file or direcotry.

$ ls -l /dev/fd total 0 crw-rw-rw- 1 root wheel 0, 18 Mar 4 23:14 0 crw-rw-rw- 1 root wheel 0, 20 Mar 4 23:14 1 crw-rw-rw- 1 root wheel 0, 22 Mar 4 23:14 2

$ sudo mount_fdescfs fdescfs /dev/fd

fdescfs /dev/fd fdescfs rw 0 0

sudo mount_fdescfs fdescfs /dev/fd

vi /etc/fstab

Device Mountpoint FStype Options Dump Pass#

mount -a

mount

ls -l /dev/fd

/usr/local/etc/rc.d/spamd.sh restart

ls -l /sbin

sudo mount_fdescfs fdescfs /dev/fd

vi /etc/fstab

Device Mountpoint FStype Options Dump Pass#

/usr/local/etc/rc.d/spamd.sh restart

ls /lib

cat /etc/fstab

Device Mountpoint FStype Options Dump Pass#

/usr/local/etc/rc.d/spamd.sh restart

–-
table <spamd>persist
table <spamd-white>persist
no rdr on { lo0, lo1 } from any to any
rdr pass inet proto tcp from <spamd>to any port smtp -> 127.0.0.1 port 8025
rdr pass inet proto tcp from ! <spamd-white>os {"Windows 2000", "Windows XP"} to any port smtp -> 127.0.0.1 port 8025

–-
pfctl: /dev/fd/7: No such file or direcotry.

$ ls -l /dev/fd
total 0
crw-rw-rw- 1 root wheel 0, 18 Mar 4 23:14 0
crw-rw-rw- 1 root wheel 0, 20 Mar 4 23:14 1
crw-rw-rw- 1 root wheel 0, 22 Mar 4 23:14 2