Compiling on Windows, and a question of policy

Vernon Schryver vjs@calcite.rhyolite.com
Mon Dec 2 16:08:02 UTC 2002


> know whether they'll work or not. The thing that stops the build at the
> moment is that Cygwin's limited IPv6 support has
>
> struct in6_addr
> {
>         unsigned char s6_addr[16];
> };
>
> ie it does not have the union which enables the same data to be accessed
> as an array of larger types. The dccproc autoconf seems to assume either
> that this structure is not defined or that it contains the union. Not
> being an expert with autoconf I'm not sure what to do to fix
> this. Configuring with the option to disable IPv6 doesn't help.

I thought I remembered that someone had worked on DCC stuff with
Cygwin, but it turns out I was confused about who.  In looking at mail
logs, I find that Mark Moraes at Teleias did a bunch of work in July.
I don't remember how we left it and can't really tell from my logs.
I think he was going to submit something to Cygwin to help the IPv6
compiling problem.  He also suggested using the "AC_CHECK_MEMBER"
macro which is not in the verison of autoconf I have.

I don't see a good solution.  The Cygwin definition pollutes
the name space with a definition of in6_addr that is unusable and
that cannot easily be evaded.


> ...
> There are people out there who are willing to donate bandwidth and CPU
> time to provide DNS for various non-profit DNSBLs, such as the SBL or
> SPEWS. From what you've said in the past, the bandwidth used by the DCC
> client is not much greater than that used by running a DNSBL query.

My calculator disagrees, but this is the smaller question.  The
bandwidth used by a DCC transaction is strictly less than that used
by a DNS blacklist query.  I don't know how to compare DCC and DNS
servers handling millions of transactions per day, but I do know that
a 1,000,000 ops/day DCC server wants more hardware than most of the
public DCC servers.  I think recent talk in news.admin.net-abuse.email
from those who should know puts the SPEWS DNS load at 250 ops/second.
I'm not sure if that is for all public servers or the main ones and
I don't know if that is a peak or a long term average.  The current
public DCC server load is 16 ops/second average with peak hourly
averages of about 25 ops/sec.  My point is that the public DCC servers
are already almost within sight of the SPEWs servers.  (These are only
the public servers and not the private servers in the global network.
Some outfits' DCC servers do almost as much all by themselves as the
combined public DCC servers.)

> Although running a server means responding to both clients and to flooding
> from other servers,

Flooding is a trivial load of about 10 MBytes/day/peer in each direction.

>                     if the load is not too great, it's possible that
> people might provide similar help with a DCC network.

But don't you need to ask first?
Again, the current SpamPal load of 10-20K users would not be noticed,
and so doesn't count.

>                                                       I think it is less
> politically and legally risky to provide a DCC server than to provide a
> mirror of a DNSBL.

As long as your DNS blacklist data is objective and based on truth, my
ignorant legal guess is DCC and DNS blacklist cases are equally winable.
However, in the U.S. without "loser pays," that's not very comforting.


> The question is then whether it's acceptable to build a client which uses
> the current public DCC servers in anticipation that some kind souls will
> step into the breach if the client is too successful for its own good (if
> they don't, the client risks being like a spammer itself, as you say).

That is the bigger question. 


> AFAIK Razor has not yet had this problem despite a Windows client being
> available, which might mean that overload is unlikely to happen in
> practice. That said, Razor is not tracking every message.

What do you mean?  Http://www.cloudmark.com/ suggests a total number
of 10 million mail messages processed similar to the current number
processed by the DCC servers in network.  Reports from many sources
a month ago consistently had Cloudmark/Razor response times at 5
seconds, with a high rate of no responses at all.  I'd not want to
try running a busy SMTP server with 5 second delays.  I suspect those
delays are as much due to various design choices as anything else.


> ...
> The large ISPs in the UK don't seem to be very interested in spam
> filtering, with the exception of BTopenworld, who've just signed up with
> Brightmail.

Brightmail is the market leader.
There are some DCC servers in the UK, but none want to be public.

>             None of this is affecting me, since I'm running Linux and
> can use dccproc, but it'd give me a warm feeling to see Windows users
> able to effectively filter spam.

What about the necessary user training and support?  How do you teach
the typical Windows user about whitelists?  You'd have to have far
prettier GUI support than the CGI scripts in the DCC source and far
better documentation than I can imagine.

Brightmail doesn't seem to be selling to end-users.  I bet that's
not an oversight.

>                                  The Register has written that spam
> filtering is the new virus checking, which means there's an awful lot of
> snake oil out there for Windows.

Some of the most evil spammers are spamming ads for their supposed
spam filter software.


Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.