[Fwd: Re: dccm default to reject when servers can't be contacted?]

Chris Gleba chris@soma.978.org
Sun Nov 10 23:51:35 UTC 2002


Mr Schryver,

This is very odd.  I tested it as you had by putting in an invalid host
with cdcc and it worked as expected -- it accepted the mail without
adding the X-DCC header.  Then I tried my DNS trick again and this time
it worked as expected: passed the mail without the X-DCC mail header and
the following in the sendmail log:

Nov 10 12:38:03 harp sendmail[19168]: gAAHbrkZ019168: Milter (dcc): to error state

I spent the whole day trying to reproduce my previous error again so that
I could at least try to figure out why it was happening and what made it stop
happening for future users but I couldn't get it to do what it was doing before.
The only thing that I had done between the last time the problem happened and
this time was rebuild the map file but I don't have any evidence to prove that
that was the issue.

In summary, the issue is no longer there and I am very happy about it, however
I have to sadly report that I have no idea what fixed it nor what was causing it.
The only change between then and now is a rebuilt map file.

I appreciate your help as well as all the work that you put into this issue and
I am sorry that it did not bear any fruit.  If there is anything that I can do
in the future to help you let me know (I am an OK C programmer).

--Chris

On Fri, 2002-11-08 at 21:04, Vernon Schryver wrote:
> > From: Chris Gleba <chris@soma.978.org>
> 
> > FEATURE(dccdnsbl, `relays.ordb.org', `"Mail from " $`'&{client_addr}
> > "reject to DCC - see http://www.ordb.org/faq/"')
> 
> I rebuilt my sendmail.cf with that line in the .mc file.  That
> resulted in these additional lines:
> 
>  # DNS based IP address spam list relays.ordb.org connected to DCCM
>  R$*			$: $&{client_addr}
>  R::ffff:$-.$-.$-.$-	$: <?> $(host $4.$3.$2.$1.relays.ordb.org. $: OK $)
>  R$-.$-.$-.$-		$: <?> $(host $4.$3.$2.$1.relays.ordb.org. $: OK $)
>  R<?>OK			$: OKSOFAR
>  R<?>$+			$@ $(macro {dcc_isspam} $@ "Mail from " $&{client_addr} "reject to DCC - see http://www.ordb.org/faq/" $) REJECT
> 
> 
> > ...
> > To test whether mail gets rejected when dcc servers could not be
> > contacted I created a phony domain in my name server for
> > dcc.dcc-servers.net:
> 
> I can't easily do that, because my DNS server is a secondary for
> dcc-servers.net.  Instead I used cdcc to switch to a non-existent DCC
> server.
> 
> > ...
> > Tested it with nslookup as well as cdcc and it worked --
> > dcc.dcc-servers.net could not be resolved while everything else resolved
> > fine.
> 
> I didn't send from hotmail, but from z.dcc-servers.net.  With a working
> DCC server, things worked fine.
> 
> > Then I sent a mail to myself from hotmail -- maillog said as follows:
> 
> When I used the non-existent DCC server, things worked also fine.
> The only differences in my tests were that no X-DCC header was added
> to the message and there were some complaints from dccm in the system
> log aobut the bad DCC server.
> 
> 
> > ...
> > sendmail.cf-->{dcc_isspam}: "Mail from 209.185.241.23 reject to DCC -
> > see http://www.ordb.org/faq/"
> 
> I don't see how that message could have been generated unless sendmail
> set the ${dcc_isspam} macro.  How else could dccm have found that text?
> (I checked the source for uninitialized variables, but found none.)
> 
> 
> > X-DCC-wanadoo-be-Metrics: harp 1016; bulk Body=many Fuz1=many Fuz2=many
> 
> That X-DCC header should not have been generated unless that DCC server
> answered.  But I see no sign that dccm heard from a DCC server in the
> list of checksums.
> 
> All I can see to do is to check more things:
> 
>   - does that "reject to DCC - see http://www.ordb.org/faq/" appear
>       anywhere else in your sendmail.cf file?  (not .mc file)
> 
>   - what happens if you delete that line from your sendmail.cf file?
>       My guess is that dccm won't reject the message.  If that's right,
>       then we'll know that dccm is doing as it's told, but being told
>       the wrong thing.
> 
>   - what version of sendmail are you using?  8.12.5?  If so, that ought
>       to be similar to what I'm using.  Which version of the DCC source
>       are you using?
> 
>    - I copied the lines generated by FEATURE(dccdnsbl) from some version
>       of sendmail's DNSBL support.  I see they've changed things in
>       or before 8.12.7, and so I'll change misc/dccdnsbl.m4 in the
>       next version of the DCC source to match.  It might be interesting
>       to try that version:
> 
> ***************
> *** 41,49 ****
>   divert(8)
>   # DNS based IP address spam list _DCCDNSBL_SRV_ connected to DCCM
>   R$*			$: $&{client_addr}
> - R::ffff:$-.$-.$-.$-	$: <?> $(host $4.$3.$2.$1._DCCDNSBL_SRV_. $: OK $)
>   R$-.$-.$-.$-		$: <?> $(host $4.$3.$2.$1._DCCDNSBL_SRV_. $: OK $)
>   R<?>OK			$: OKSOFAR
>   R<?>$+			$@ $(macro {dcc_isspam} $@ _DCCDNSBL_MSG_ $) REJECT
>   divert(-1)
>   
> --- 41,49 ----
>   divert(8)
>   # DNS based IP address spam list _DCCDNSBL_SRV_ connected to DCCM
>   R$*			$: $&{client_addr}
>   R$-.$-.$-.$-		$: <?> $(host $4.$3.$2.$1._DCCDNSBL_SRV_. $: OK $)
>   R<?>OK			$: OKSOFAR
> + R<?>$+<TMP>		$: TMPOK
>   R<?>$+			$@ $(macro {dcc_isspam} $@ _DCCDNSBL_MSG_ $) REJECT
>   divert(-1)
> 
> 
> As far as I can see, they've changed tactics for IPv6 and are doing 
> something for temporary failures by the DNS blacklist.
> If somehow the change to your DNS server caused temporary DNS failures in
> asking relays.ordb.org, then most of the mysteries would be explained.
> 
> 
> Vernon Schryver    vjs@rhyolite.com
> _______________________________________________
> DCC mailing list      DCC@rhyolite.com
> http://www.rhyolite.com/mailman/listinfo/dcc
-- 
 _________________________________
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       _/ _/         _/
    _/   _/                  ||||
   _/   _/_/_/ _/_/ _/ _/_/  c ..
  _/   _/  _/ _/   _/  _/    \  >
   _/ _/  _/ _/   _/ _/_/     \_-

  ==>chris@soma.978.org<==
 _________________________________ 
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-- 
 _________________________________
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       _/ _/         _/
    _/   _/                  ||||
   _/   _/_/_/ _/_/ _/ _/_/  c ..
  _/   _/  _/ _/   _/  _/    \  >
   _/ _/  _/ _/   _/ _/_/     \_-

  ==>chris@soma.978.org<==
 _________________________________ 
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.