Per-recipient DCC summaries

Vernon Schryver vjs@calcite.rhyolite.com
Thu May 30 01:41:00 UTC 2002


> From: Gary Mills <mills@cc.UManitoba.CA>

> ...
> When I analyzed the types of recipient addresses that showed up, I
> found some interesting things.  DCC is currently logging all mail with
> more than 100 copies

that's a quite high threshold even for logging.

>              ...   Of the local addresses, 20% were unknown users, and
> 40% were inactive acounts, leaving only 40% for active accounts.  Many
> of the unknown users were actually Usenet message IDs.  This means
> that 60% of the summaries will never be seen by a user.

That sounds like a rich mine of spam traps.

> Is there a way to whitelist all local IP addresses?  We have two
> class B networks, so there are a lot of them.

Dccm honors sendmail white-listing.  For example, consider the
effects of `misc/hackmc -O`

2 class-Bs would need 128 K entries in the client or the server white list
generated with 512  10.1.0.0/24 lines in an ASCII white list file.

The current limit on the client white list hash table is about
82,000 entries, which is less than 128K.
However, if you can ensure that your DCC clients talk only to your
own DCC servers, you could easily put 128K white-listed entries
in your server databases.


> Some of the remote addresses were for domains for which the mail
> server does MX service.  The mail was routed to the remote mail
> server, but the DCC logs and summaries were left behind.  I don't
> have a way to do user authentication for the remote users, so a
> CGI script won't work for them. ...

Why not?  It seems as if anything sufficiently secure for use inside
a university would be fine on the Internet.

But to avoid filtering on mail for outside MX SMTP servers, why not
teach sendmail.cf to set the $&{dcc_notspam} macro and so tell dccm
to keep off?  (the same sort of thing as that done by `misc/hackmc -O`)


Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.