Central whitelist questions

Vernon Schryver vjs@calcite.rhyolite.com
Mon Oct 14 20:31:05 UTC 2002


> From: Gary Mills <mills@cc.UManitoba.CA>

> ...
> > > Should I be adding them to the server whitelist, then?
> > 
> > Only if you will have more than a few 10,000 entries, including IP addreses.
>
> I recently added 131072 IP addresses, for our class B networks.

Since things are working and 131K is more than 80K, you must have added
them to your servers's whitelists to be incorporated into your servers's
databases by dbclean.
Since you're already using server white-lists for IP addresses,
it seems reasonable to use them for other purposes.
Of course, unlike DCC client white lists where changes are noticed 
a few minutes after they're made, server white lists are updated only
when you run dbclean.

(Never mind that I'd probably use one sendmail access DB entry to
white-list each class-B network instead of 64K DCC server entries.)

>                                                                  How
> about the `ok' entries?  Which whitelist is best for them?

I doubt I understand.  Server white list entries can be "ok", "ok2", or
"many".  "Many" is a blacklisting.  A message must have two checksums with
"ok2" to be considered white-listed.

> ...
> It says: `1 ms queue wait'.  `dccm' is down to 397 file descriptors
> now, and is using 67 threads.  By contrast, the Trend Micro milter has
> 29 of 1024 file descriptors and is using 41 threads.

I wish 400 file descriptors for 70 dccm threads did not sound like 
a file descriptor leak.
As far as I know, other systems including one on "SunOS 5.8", are not
having similar problems.


Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.