Chris Gleba
chris@soma.978.org
Fri Nov 8 22:49:44 UTC 2002
Mr, Schryver,
Thank you very much for your reply as well as your help. I combed
through my configuration files taking your comments into consideration
however the problem still persists; if dcc servers can not be contacted
mail is rejected. I busted out my big sendmail book (I have to admit
that I am not a sendmail guru -- .mc files I understand, .cf I still
don't quite completely comprehend) and I could not quite figure out what
is going on. Below is some info from log files as well as answers to
your questions:
On Fri, 2002-11-01 at 00:19, Vernon Schryver wrote:
> > From: Chris Gleba <chris@soma.978.org>
>
> > ...
> > I am using dccm [with sendmail -- just the client -- VERY small site]
> > and it seems that if dccm can not contact any of the dcc servers
> > that it defaults to "REJECT". This had some very nasty repercussions
> > when I had some DNS issues earlier today. . . .
> >
> > Is there any CLI option, #define or sendmail macro where I can easily
> > tell dccm to default to "ACCEPT" when it can not contact the dcc
> > servers?
>
> Are you sure you are not also using some other sendmail Milter filter
> such as one of the SpamAssassin milter interfaces?
No -- just the plain dcc milter interface using the dccdnsbl macro.
> However, if you use misc/hackmc to tell sendmail to report relay
> attempts to the DCC server as spam, then sendmail is told to reject
> mail if the DCC fails so that the system does act as an open relay.
I'm not using hackmc either -- this has me stumped. . .
First, here is my .mc file that I use to generate sendmail.cf -- a few
values are changed for security reasons and are noted by "REMOVED":
include(`../m4/cf.m4')dnl
define(`confDEF_USER_ID',``mail:mail'')dnl
OSTYPE(`linux')dnl
undefine(`UUCP_RELAY')dnl
undefine(`BITNET_RELAY')dnl
define(`confALIAS_WAIT', `30')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confMATCH_GECOS', true)dnl
define(`confDOMAIN_NAME', `REMOVED')dnl
define(`confTRY_NULL_MX_LIST',true)dnl
define(`confDONT_PROBE_INTERFACES',true)dnl
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
MASQUERADE_AS(`REMOVED')dnl
MASQUERADE_DOMAIN(`REMOVED')dnl
FEATURE(`masquerade_envelope')dnl
FEATURE(`allmasquerade')dnl
FEATURE(`masquerade_entire_domain')dnl
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
FEATURE(mailertable)dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable')dnl
FEATURE(genericstable)dnl
FEATURE(always_add_domain)dnl
FEATURE(redirect)dnl
FEATURE(use_cw_file)dnl
FEATURE(local_procmail)dnl
FEATURE(`access_db')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`relay_based_on_MX')dnl
FEATURE(dccdnsbl, `relays.ordb.org', `"Mail from " $`'&{client_addr}
"reject to DCC - see http://www.ordb.org/faq/"')
FEATURE(`delay_checks')dnl
FEATURE(`stickyhost')dnl
define(`confPRIVACY_FLAGS',`goaway,restrictqrun,restrictmailq')dnl
dnl define(`confSMTP_LOGIN_MSG', `$j server ready at $b')dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
To test whether mail gets rejected when dcc servers could not be
contacted I created a phony domain in my name server for
dcc.dcc-servers.net:
zone "dcc-servers.net" {
type master;
notify no;
file "pz/test";
};
Tested it with nslookup as well as cdcc and it worked --
dcc.dcc-servers.net could not be resolved while everything else resolved
fine.
Then I sent a mail to myself from hotmail -- maillog said as follows:
Nov 8 16:59:41 harp sendmail[23202]: gA8LxekZ023202:
from=<cgleba@hotmail.com>, size=750, class=0, nrcpts=1, msgid=<F23
eyyfIIhs6hdn1KVH00000519@hotmail.com>, proto=ESMTP, daemon=MTA,
relay=[209.185.241.23]
Nov 8 16:59:41 harp sendmail[23202]: gA8LxekZ023202: Milter: data,
reject=550 5.7.1 Mail from 209.185.241.23 reject to
DCC - see http://www.ordb.org/faq/
and /var/dcc/log had the following entry:
VERSION: 3
DATE: 11/08/02 16:59:40 EST
IP: [209.185.241.23] ::ffff:209.185.241.23
HELO: hotmail.com
env_From: <cgleba@hotmail.com> mail_host=hotmail.com.
env_To: <cgleba@soma.978.org> addr=cgleba dir=userdirs/local/cgleba
Received: from mail pickup service by hotmail.com with Microsoft
SMTPSVC;
Fri, 8 Nov 2002 13:59:35 -0800
Received: from 24.147.25.222 by lw3fd.law3.hotmail.msn.com with HTTP;
Fri, 08 Nov 2002 21:59:35 GMT
X-Originating-IP: [24.147.25.222]
From: "Christopher Gleba" <cgleba@hotmail.com>
To: cgleba@soma.978.org
Bcc:
Subject: test2
Date: Fri, 08 Nov 2002 21:59:35 +0000
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
Message-ID: <F23eyyfIIhs6hdn1KVH00000519@hotmail.com>
X-OriginalArrivalTime: 08 Nov 2002 21:59:35.0575 (UTC)
FILETIME=[202EBA70:01C28772]
test2
_________________________________________________________________
Help STOP SPAM with the new MSN 8 and get 2 months FREE*
http://join.msn.com/?page=features/junkmail
### end of message body ########################
sendmail.cf-->{dcc_isspam}: "Mail from 209.185.241.23 reject to DCC -
see http://www.ordb.org/faq/"
X-DCC-wanadoo-be-Metrics: harp 1016; bulk Body=many Fuz1=many Fuz2=many
checksum
IP: 7fb8d660 66325464 27d9b297
57d13f76
env_From: 22eac2e6 1d9e31f1 492151ba
4279f08f
From: 1c53f8a5 c4da7766 d697be1c
75b7e47c
substitute mail_host: f77684a4 b02ce0de 0cb79348
7fbf33a1
Message-ID: 039bde14 9c478499 3943a9aa
a5dac0e5
Received: 27b77a5a 89ceebcc 4964cb0f
4e783362
Body: 6d3b6bed 1bfce1b9 9c5aca25
207f8c6a
Fuz1: 93457975 eb3e963b a1cfb004
925dfa38
Fuz2: ba2596b1 77c37832 bfac8a2e 4f9d4033
rejection message: 550 5.7.1 Mail from 209.185.241.23 reject to DCC -
see http://www.ordb.org/faq/
result: reject
then I turned off my fake dcc-servers.net domain and the next test from
hotmail came through fine.
There is probably something plainly obvious that I am missing and if it
is a stupid question I apologize. Again, your help is appreciated!
Thanks,
-- Chris
_________________________________
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
_/ _/ _/
_/ _/ ||||
_/ _/_/_/ _/_/ _/ _/_/ c ..
_/ _/ _/ _/ _/ _/ \ >
_/ _/ _/ _/ _/ _/_/ \_-
==>chris@soma.978.org<==
_________________________________
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
More information about the DCC
mailing list
