Using DCC in an enterprise

Vernon Schryver vjs@calcite.rhyolite.com
Fri Jan 4 03:41:53 UTC 2002


> From: "Mark Motley" <mark@motleynet.com>

> ...
> We're talking 8,000+ email users and about 6,000 Internet email
> messages per hour.  In this case, procmail is out of the question as
> Exchange is used as the email infrastructure.  DCCM can be used as
> sendmail is on the email bastion host and receives and ultimately
> sends all Internet-bound email.  Luckily my group controls the sendmail
> configs so adding libmilter & dccm is possible (and now that I've done
> it, rather easy).

> ...
> 1)  How to deal with individual whitelists in a pure sendmail/dccm
> environment, with the ability of users to modify their own.  These
> are non-technical types so it would have to be easy to do (perhaps
> Web based).

I would not be surprised if 8000 users would be unwilling to share
a single whitelist, except as a basis for bulk mail such as company
wide mailing lists.  (And those might be popular blackmarket
blacklist entries.)

That suggests using sendmail+dccm only to add X-DCC headers and hoping
that some Exchange clients can be taught to apply regular expressions
to X-DCC headers in mail that does not also match individual white-listing
regular expressions.

The trouble with common whitelists in a big organization is that many
of the popular bulk mail senders like to include a significant number
of "introductory subscriptions" or third party busybodies like to sign
up their "friends", which amount the same thing as far as the unwilling
recipients are concerned.  If you whitelist those senders, the unwilling
recipients are unhappy, and if you don't, the real subscribers are
unhappy.  In a corporate environment you can sometimes get away with
declaring that recreational mail such as "news updates" and "frequent
flyer special offers" are not allowed while big customer "newsletters"
are ok, and so  ruling on individual sources by fiat.  But only
sometimes, and never with complete support from everyone.

If there is real interest, I'll look at making the dccm whitelist
2-dimensional, and so giving each envelope-To value its own whitelist.
Please let me know if there is real interest.
And please suggest what to put in the X-DCC header when the whitelist
values for two addressees of a message disagree.


> 2)  I know I can use the -W command on dccm to whitelist recipients
> by default, at which point users would have the choice of "turning
> on" spam control.  I'm still not 100% clear on this command as the
> description is rather obtuse...  I assume the users who wanted spam
> control would be added to the whitelist as "ok2", is this correct?
> ...

The idea with `dccm -W` is that you would add the addresses of those
who want spam to be rejected or discarded by sendmail+dccm into
the dccm whitelist with counts of "OK2".  Mail for addresses
that should not be checked at all including reported to the DCC server
is listed with "OK."  Mail for unlisted targets gets an X-DCC header
but is not subject to spam rejection.

Is that less unclear?

The -W mechanism might work for the most spam-adverse among those
8000+ users provided they can accept a common whitelist of solicited
bulk mail senders.


Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.