More headers for whitelisting?

Vernon Schryver vjs@calcite.rhyolite.com
Mon Jul 16 16:56:00 UTC 2001


> From: "Brian J. Murrell" <dcc-list@interlinx.bc.ca>

> ...
> > as the header From value.  Personally, I'd not whitelist except on
> > values that are unlikely to be forged, including the envelope Rcpt_To
> > value and the IP address of the SMTP client.
>
> Indeed, and I agree.  But in dccproc (which is less than optimal
> itself) those are not available. ...

Generally, where dccproc is used, the Rcpt_to can be available, such
as in the value of the $USER environment variable or the -d value
given to procmail.

> ...
> I don't think I was thinking about checksumming them, just using them
> to tell dccproc not to checksum/database file/lookup the e-mail. ...

For speed, the client-side whitelisting uses much the same checksumming
mechanism.  Dccproc generates checksums and then looks them up 
in a local or private hash table.  Based on those results it passes
the message (when white-listed) or talks to the DCC server (when
not listed or locally blacklisted).


Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.