Vernon Schryver
vjs@calcite.rhyolite.com
Thu, 11 Jul 2002 17:42:46 -0600 (MDT)
> From: Tim Wicinski <tim@meer.net> > ... > This is interesting and leads to some good questions. We have > customers who would like to run their mail through DCC filters, where > they can query a server for an answer, ala the RBL. > > We don't want to MX all the mail through our servers, if it can be > avoided for various reasons. > > It looks like customers will either need to MX thru our servers or > install DCCM and set up client IDs. Correct? I don't see the connection between that and using client-IDs, so I doubt I understand the question. To use DCC filtering, there is no alternative to feeding the mail to dccproc or dccm. To do that, dccproc or dccm must be in the path the mail takes, and that implies either routing the mail through an MX forwarder (or equivalent) that runs dccproc or dccm, or installing dccproc or dccm on a machine in the current path. Dccm is far more efficient that dccproc and clearly the best choice if you are running sendmail. Otherwise, it must be dccproc. Whether dccproc or dccm is used, and whether the mail is re-routed, I think assigning and using DCC client-IDs is a good thing. However, client-IDs don't make sense for anonymous clients. There are 100's of organizations using the public DCC servers listed in http://www.rhyolite.com/anti-spam/dcc/#operational with the anonymous client-ID of 1. Depending on the value of `dccd -u` used at each server, the anonymous clients get worse service than known clients. If the anonymous clients become a burden, the public servers can increase their -u values to discourage the anonymous clients, and especially the large outfits. A small domain receiving 1000 or fewer messages/day would probably not notice if DNS blacklist servers or DCC servers started delaying responses by a second or two, but an outfit dealing with a several 100,000 messages/day would notice. Vernon Schryver vjs@rhyolite.com