Gary Mills
mills@cc.umanitoba.ca
Sun, 22 Jan 2006 22:24:34 -0600
On Sun, Jan 22, 2006 at 08:45:00PM -0700, Vernon Schryver wrote: > > From: Gary Mills > > > Later, I noticed that an e-mail message from one of our internal > > servers had been rejected for bulkiness. This shouldn't have happened > > because the server's IP address is listed in a CIDR block in the > > server whitelist. What could have gone wrong? I'm bracing myself > > for lots of complaints tomorrow is this problem persists. Thanks for the response. I appreciate the help. We have a campus- wide calendar server that's been broken for a month because of an `upgrade'. I don't want to do it again with e-mail! > Are there permission or other problems with the server whitelist? They haven't changed from the previous version of DCC, except that I removed the `many from Hahaha <hahaha@sexyfun.net>' line from the whitecommon file because dbclean complained about it on my test server. All files are world-readable. > Was dccm using the server it should have been, as indicated by > the X-DCC header? Yes, although both dccd servers should contain the same data. > Was the IP address in the server's whitelist? You can check > by feeding a test message to `dccproc -QCi /tmp/msg -a 10.2.3.4` This doesn't show an IP= field at all, just this: X-DCC-UofM-Metrics: electra 1032; Body=0 Fuz1=0 > > We have two class B networks that need to be whitelisted. They're in > > a file called localnets.wh that's included by the whitelist file, as > > 512 /24 subnets. I thought I could work around this problem by > > including it in the whiteclnt file, but then I got: > > > > dccm[15639]: [ID 702911 mail.error] too many CIDR blocks in line 513 of localnets.wh included from whiteclnt > > > > The limit seems to be 64. I hope that limit doesn't apply to the > > server whitelist? Can I whitelist those two networks using larger > > CIDR blocks? > > You can have as many /16 or smaller blocks as you want in server whitelist. > CIDR blocks in client whitelists can be as large as you want, but there > can be only 64. Ah, I see. > It would probably be best to whitelist your two class-B networks with > two lines in your client whitelists. Yes, I've just done that. That should work nicely. Thanks. -- -Gary Mills- -Unix Support- -U of M Academic Computing and Networking-