Body Checksum Calculation

Vernon Schryver vjs@calcite.rhyolite.com
Tue Apr 2 00:22:03 UTC 2002


> From: "Tony L. Svanstrom" <lists@svanstrom.com>

> ...
>  If I were to check rejected e-mails once a week I'd be looking at a list of a
> cpl of 100 (actually, it might be down to less than a 100 per week now, don't
> know if the SPAMmers are taking a break or if a cpl of days of EXITCODE=67 got
> me removed from some very active network of SPAMmers).
> ...

There are ISP's using dccm with enough incoming spam to regularly
generate a couple of hundred log files in a minute, not to mention 3
or 4 days.  Recent versions of dccproc and dccm have the strange,
optional values "[HMH]?name' for -l in an attempt to keep log file
directories from blowing up larger than Linux will tolerate.

I suspect ISPs are handling white list entries with a single, system
wide list.  I think they initially populate their white lists by running
dccm the rejections turned off and the logging threshold at or below
the future rejection threshold.  During this initial period, they watch
for legitimate bulk mail in the logs and white-list its senders

This mode clearly makes sense on a corporate gateway where users receive
only company mail and "company mail" is defined by the operators of
the gateway.  I'm surprised this mode works for ISPs selling to the
general public.  I would have expected a scheme like Dave Lugu's to be
required.  That a single, system-wide white list works for ISPs with
plenty of users may show how unhappy the general public is about spam.


Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.