1.\" $OpenBSD: spamd.conf.5,v 1.16 2016/06/01 21:57:03 sthen Exp $ 2.\" 3.\" Copyright (c) 2003 Jason L. Wright (jason@thought.net) 4.\" Copyright (c) 2003 Bob Beck 5.\" All rights reserved. 6.\" 7.\" Redistribution and use in source and binary forms, with or without 8.\" modification, are permitted provided that the following conditions 9.\" are met: 10.\" 1. Redistributions of source code must retain the above copyright 11.\" notice, this list of conditions and the following disclaimer. 12.\" 2. Redistributions in binary form must reproduce the above copyright 13.\" notice, this list of conditions and the following disclaimer in the 14.\" documentation and/or other materials provided with the distribution. 15.\" 16.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 17.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 18.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 19.\" DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, 20.\" INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 21.\" (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 22.\" SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 24.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 25.\" POSSIBILITY OF SUCH DAMAGE. 26.\" 27.Dd $Mdocdate: June 1 2016 $ 28.Dt SPAMD.CONF 5 29.Os 30.Sh NAME 31.Nm spamd.conf 32.Nd spamd configuration file 33.Sh SYNOPSIS 34.Nm /etc/mail/spamd.conf 35.Sh DESCRIPTION 36The 37.Nm 38file is read by 39.Xr spamd-setup 8 40to configure 41.Em blacklists 42for 43.Xr spamd 8 . 44Blacklists are lists of addresses of likely spammers. 45Mail from these addresses never reaches the actual mail server, 46but is instead redirected to 47.Xr spamd 8 48and tarpitted. 49.Pp 50.Nm 51follows the syntax of configuration databases as documented in 52.Xr getcap 3 . 53Here is an example: 54.Bd -literal -offset indent 55all:\e 56 :nixspam:override:myblack: 57 58nixspam:\e 59 :black:\e 60 :msg="Your address %A is in the nixspam list\n\ 61 See http://www.heise.de/ix/nixspam/dnsbl_en/ for details":\ 62 :method=http:\e 63 :file=www.openbsd.org/spamd/nixspam.gz 64 65override:\e 66 :white:\e 67 :method=file:\e 68 :file=/var/mail/override.txt: 69 70myblack:\e 71 :black:\e 72 :msg=/var/mail/myblackmsg.txt:\e 73 :method=file:\e 74 :file=/var/mail/myblack.txt: 75.Ed 76.Pp 77The default configuration file must include the entry 78.Ar all , 79which specifies the order in which lists 80are to be applied. 81Lists are constructed by name: 82blacklists are identified by the capability 83.Pf : Ar black : . 84If a list is instead given the 85.Pf : Ar white : 86capability, 87addresses in it will not be blacklisted. 88The addresses in such a list are removed from the preceding blacklist. 89.Pp 90In the above example, 91if an address was present in all three lists, 92blacklists 93.Ar nixspam 94and 95.Ar myblack , 96as well as the exceptions list 97.Ar override , 98the address would be removed from list 99.Ar nixspam 100by the subsequent 101.Ar override 102list. 103However, the address would not be removed from the 104.Ar myblack 105list. 106To remove all the addresses in 107.Ar override 108from 109.Ar myblack , 110the following configuration 111would be used instead: 112.Bd -literal -offset indent 113all:\e 114 :nixspam:override:myblack:override: 115.Ed 116.Pp 117The source of the addresses for lists is 118specified using the 119.Ar method 120and 121.Ar file 122capability entries. 123.Pp 124.Ar method 125specifies the method by which to retrieve a file containing a list of 126addresses and may be one of 127.Ar http , 128.Ar ftp , 129.Ar file , 130or 131.Ar exec . 132The 133.Ar http , 134.Ar ftp , 135and 136.Ar file 137methods will make 138.Nm 139retrieve the file from the location specified by the 140.Ar file 141capability. 142The 143.Ar exec 144method will make 145.Nm 146spawn the program with arguments indicated in the 147.Ar file 148capability for the list, and reads a list of addresses 149from the output of the program. 150.Pp 151The format of the list of addresses is expected to consist of one 152network block or address per line (optionally followed by a space and 153text that is ignored). 154Comment lines beginning with 155.Ar # 156are ignored. 157Network blocks may be specified in any of the formats as in 158the following example: 159.Bd -literal -offset indent 160# CIDR format 161192.168.20.0/24 162# A start - end range 163192.168.21.0 - 192.168.21.255 164# As a single IP address 165192.168.23.1 166.Ed 167.Pp 168Each blacklist must include a message, specified in the 169.Ar msg 170capability as a string. 171If the 172.Ar msg 173string is enclosed in double quotes, the characters in the quoted string 174are escaped as specified in 175.Xr getcap 3 176with the exception that a colon (:) is allowed in the quoted string. 177The resulting string is used as the message. 178Alternatively, if the 179.Ar msg 180string is not specified in quotes, it is assumed to be a local filename 181from which the message text may be read. 182.Pp 183The message is configured in 184.Xr spamd 8 185to be displayed in the SMTP dialogue to any connections that match 186addresses in the blacklist. 187The sequence \e" in the message will produce a double quote in the output. 188The sequence %% will produce a single % in the output, 189and the sequence \&%A will be expanded in the message by 190.Xr spamd 8 191to display the connecting IP address in the output. 192.Sh SEE ALSO 193.Xr ftp 1 , 194.Xr spamd 8 , 195.Xr spamd-setup 8 196