dccm default to reject when servers can't be contacted?

Vernon Schryver vjs@calcite.rhyolite.com
Fri Nov 1 05:19:11 UTC 2002

> From: Chris Gleba <chris@soma.978.org>

> ...
> I am using dccm [with sendmail -- just the client -- VERY small site]
> and it seems that if dccm can not contact any of the dcc servers
> that it defaults to "REJECT".  This had some very nasty repercussions
> when I had some DNS issues earlier today. . . .
> Is there any CLI option, #define or sendmail macro where I can easily
> tell dccm to default to "ACCEPT" when it can not contact the dcc
> servers?

Are you sure you are not also using some other sendmail Milter filter
such as one of the SpamAssassin milter interfaces?  At least one of
them not only tells sendmail to reject mail when that milter fails,
but sets delays of 15 minutes before sendmail gives up.  Some people
running one of those SpamAssassin milters have mistakenly thought that
the DCC was causing sendmail crash or hang for those 15 minute dead times
while waiting for SpamAssassin.

Before version 1.1.16 of the DCC, the default DCC milter settings were
the sendmail defaults.  According to current versions of libmilter/README,
those are "T=C:5m;S:10s;R:10s;E:5m"  With that "the message is passed
through sendmail in case of filter errors as if the failing filters
were not present".  The four timeouts are from 5 minutes to 10 seconds.

In version 1.1.16, the DCC default is "T=C:5s;S:5s;R:5s;E:30s"
The difference between that and the sendmail default is a reduction
of the timeouts to 5 to 30 seconds.

However, if you use misc/hackmc to tell sendmail to report relay
attempts to the DCC server as spam, then sendmail is told to reject
mail if the DCC fails so that the system does act as an open relay.

You can change all of this by editing the generated sendmail.cf or
your .mc file.

See the misc/hackmc and misc/dcc.m4 files for even more words on all of this.

Vernon Schryver    vjs@rhyolite.com

