DCC a success at the University of Manitoba

Gary Mills mills@cc.UManitoba.CA
Sun Mar 30 23:43:16 UTC 2003


It was just a week ago that I finally enabled DCC rejection on the U
of M central mail servers.  There are two of these, with about 25 000
users, including students and employees.  Both run sendmail with DCC
running as a milter.  The rejection limit is set at 100.  All campus
IP addresses are whitelisted.  Users can also contribute to a central
whitelist through a web application.  This web application also allows
them to view a summary of their rejected bulk mail for the past week,
and to view the DCC log files for those messages.

The response has been quite enthusiastic.  One user reported that his
spam load dropped from 30-100 a day down to 3 a day.  We've had many
similar reports, although most were not that dramatic.  Comparing DCC
rejections to total mail deliveries shows about 30% rejection, which is
quite impressive.  The mail queue dropped from 50 000 to 15 000, over
a period of five days.  Most of this mail was either spam that was
addressed to over-quota mailboxes, or automatic responses to spam that
could not be delivered.  Keeping the spam out made quite a significant
reduction in the load on the mail server, too.

In general, the central whitelist works pretty well.  Users cooperate
in building this whitelist, which has about 1000 entries now.  The
advantage of this approach is that only one recipient has to whitelist
a source of legitimate bulk mail to make it available to all.  That is
also a disadvantage, of course, but it's a minor one.  We didn't want
to require each user to maintain his or her individual whitelist.

I'm using `pubcookie', an implimentation of WebISO, to authenticate
users who wish to access the central whitelist web application.  This
works pretty well, although it does add another layer of complexity.
The application itself is just a perl script, using the CGI perl
library.

We have heard from some people who are concerned about losing mail
because of DCC.  The most common case would be conference announcements,
which often are a true `one time mailing'.  I can't offer them much
in the way of a solution, other than to remind them that their e-mail
is usable again, now that the spam is gone, and that the conference
announcement mail will be returned to the sender, rather than being
simply discarded.  Return receipts have also been a problem, because
people often don't realize that they are even using them.  They don't
understand what is happening when DCC rejects them.

There is also some disagreement about what constitutes spam.  Some people
seem to be somewhat accepting of spam.  A few even whitelist offers for
breast enlargement products and free on-line casinos.  Others are quite
outraged at even a small amout of spam.  They say that it's clearly spam,
and that we should be able to block it.  Some people also were getting
large amounts of spam, whereas others were getting none at all.  This
difference seems to depend on how long their e-mail address has been
publically available.

I still get some spam, mainly that notorious MIME/HTML spam with very
little content.  All in all, though, I'm very pleased with DCC, and
I'm grateful to Vernon for all his work on it.

-- 
-Gary Mills-    -Unix Support-    -U of M Academic Computing and Networking-



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.