white lists

Vernon Schryver vjs@calcite.rhyolite.com
Sat Apr 20 14:40:00 UTC 2002


> From: "Mark Motley" <mark@motleynet.com>

> I think you've brought this up before, but have you given any additional
> thought to allowing more flexible whitelisting especially on 'From'
> (e.g. regex or just simple substring match)?
>
> My understanding is the reason this is not possible today is due to the
> fact that the DCC client computes a checksum on the 'from' and compares
> that to checksums on the whitelist (could be wrong here).  Since 'From'
> matching in DCC appears to be somewhat deprecated, I wonder if this
> still makes sense.

I wouldn't say From checksum matching is deprecated because I use it a lot.
Instead I would say it is limited.

I remain fearful of adding regular expression matching to the DCC client
code because of portability and speed problems.  It also seems like
an overlap with procmail. 

When regular expressions are required, why not combine procmail and the
DCC by either using dccproc within procmail or by combining procmail
regular expressions on X-DCC headers with other procmail regular
expressions?

I don't like to say "never" about a feature, but I think it is much
more important to see if it might be possible to teach dccm and sendmail
to allow per-user whitelists and log files, and to write some sample
CGI scripts to maintain the whitelists and examine the log files.

Such CGI scripts sound like a wedge for handling per-user .procmailrc
scripts.  They also sound like something that someone would already
have invented.  Do you know of such?


> I'm getting very close to piloting DCC in my enterprise (nothing like a
> Blackberry to drive the spam problem home).  I know the whitelisting is
> going to become a big headache; it would be nice to have a more flexible
> way of doing it so end-users could understand.  If you wanted to avoid
> all the overhead with regex matching, I'm sure substring matching would
> probably fit the bill.

You could be right, but I suspect substring matching would be the
camel's nose for full regular expressions.  People would probably want
to look for strings in only some headers, and so would want at least
"^from:.*example\.com$"

And then there are the problems of where to keep the substrings or
expressions in the DCC, what format to use, and the rest of the
problems that procmail has solved.


Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.