On May 26, 2019, at 04:41, Mik J <mikydevel@yahoo.fr> wrote:
>
> Hello,
>
> I'm coming back on this topic. I added the -K option
> # /usr/libexec/spamd -v -s 5 -S 5 -w 1 -G5:24:2400 -l 127.0.0.1 -h myhost.mydomain.org -y vmx0 -Y myhost2.mydomain.org -K /etc/mail/spamd.key -n ABCD
> # spamd: need key and certificate for TLS
>
> So it seems it expects some kind of certificat/privatekey rather than a key
>
> Does anyone uses the -K option successfully ?
Yes. :-). Looks like you forgot the '-C /etc/ssl/<whatever>.crt' option. Granted, this is on 6.3.
My full args are:
-h <myhost> -v -G 2:4:864 -y vio0 -Y <myotherhost> -K /etc/ssl/private/<myhost>.key -C /etc/ssl/<myhost>.crt
Works fine.
Sean
> So far I didn't manage to make the synchro to work. udp packets on port 8025 are not dropped.
> However spamd doesn't seem to send any 8025/udp packet at all.
>
> Regards
>
> Le mardi 23 avril 2019 à 02:57:31 UTC+2, Rudy Baker <rizzz2pro@gmail.com> a écrit :
>
> On Mon, Apr 22, 2019, 10:43 AM Thuban, <thuban@yeuxdelibad.net> wrote:
>
>> * Otto Moerbeek <otto@drijf.net> le [21-04-2019 12:49:07 +0200]:
>>> On Sun, Apr 21, 2019 at 09:53:52AM +0000, Mik J wrote:
>>>
>>>> Hello,
>>>> I read the man but it's not so clear to me
>>>> https://man.openbsd.org/spamd#SYNCHRONISATION
>>>> a) I chose unicast synchronisation but I don't know which port should
>> I open on the firewall ?
>>>> Is it going to use the spamd-cfg service ?
>>>
>>> It will use spamd-sync (udp port 8025)
>>
>> Good to know, I was blocking this traffic. It might be interesting to
>> add a word about this in the manpage, what do you think?
>>
>
> tcpdump -nettti pflog0
>
> That command tells you if anything is being blocked. I normally start
> there. You would have seen port 8025 being blocked right away
>
>>
>>
>
No comments:
Post a Comment