Vernon Schryver
vjs@calcite.rhyolite.com
Wed, 16 Jan 2002 23:41:27 -0700 (MST)
> From: "Mark Motley" <mark@motleynet.com>
> ...
> Yep, "many message_id <>" is in the whitecommon file. There was no
> X-DCC header in the log, the only thing I removed from the log was the
> message body.
oh, yes, the Env_To whitelisting is supposed to keep dccm from asking
the DCC server about the message, and so there shouldn't have been
an X-DCC header.
> ... I had it set this way before but changed it in
> prep for spam traps.
I figure spam traps should discard their catches, but I also
figure that spam traps should never get any legitimate mail.
Report-and-discard spam traps need to be able to work on a system
that accepts or bounces mail addressed to real addresses.
Two convenient ways to rig spam traps are:
- sendmail access_db entries with messages that start with "DCC: DISCARD"
and a sendmail.cf that has been modified by the script misc/hackmc
An explicit example is in http://www.rhyolite.com/anti-spam/dict-attack.html
and the files that page points to.
- /etc/mail/aliases entries for trap addresses of the form:
trapaddr1: dccproc
trapaddr2: dccproc
trapaddr3: dccproc
...
dccproc: "| /usr/local/bin/dccproc -t many -R"
I actually use this to get log files:
dccproc: "| /usr/local/bin/dccproc-alias"
where /usr/local/bin/dccproc-alias is approximately:
#! /bin/sh
LOG0=`date "+/var/dcc/log/msg.$$-%s"`
LOG=$LOG
while test -f $LOG; do
CNT=`expr 0$CNT + 1`
LOG=$LOG0.$CNT
done
/usr/local/bin/dccproc -t many -R -o $LOG
Maybe I should teach dccproc about log files.
Vernon Schryver vjs@rhyolite.com