dccm timeout lets some spam through

Gary Mills mills@cc.UManitoba.CA
Fri Apr 25 16:37:41 UTC 2003


On Fri, Apr 25, 2003 at 08:42:04AM -0600, Vernon Schryver wrote:
> > From: Gary Mills <mills@cc.UManitoba.CA>
> 
> > Apr 25 02:47:40 electra sm-mta[541]: [ID 801593 mail.error] h3P7lNDp000541: Milter (dcc): timeout before data read
> 
> Judging from that error message, one of the milter timeouts is too short
> for your system.

But, why would connections between sendmail and dccm time out only
during the time when the local dccd database was being rebuilt?
How long does it take dccm to notice that one dccd is not responding,
and switch over to the other one?

> Again, have you compared the milter timeout settings in sendmail.cf
> to the comments in misc/dcc.m4 in the DCC source?
> 
>     # To change the default milter failture settings or timeouts as described
>     # in the sendmail milter README file, use something like:
>     #       `FEATURE(dcc,``F=T, T=S:1s;R:1s;E:5m'')'
>     # The default parameters are T=C:30s;S:10s;R:10s;E:30s to wait
>     #   30 seconds for the initial connection from sendmail to dccm (C),
>     #   10 seconds sendmail sending (S) as well as receiving responses (R)
>     #   from dccm, and 30 seconds for dccm to check the message at its end (E).

These are my two filter definitions from sendmail.cf:

	Xdcc, S=inet:xxxx@electra.cc.umanitoba.ca, F=T
	Xismilter, S=inet:xxxx@localhost, F=T, T=S:2m;R:2m;E:5m

So, dcc is using the defaults, which should be, according to the
documentation: `T=C:5m;S:10s;R:10s;E:5m'.  Should I increase the `S'
and `R' timeouts to 2 minutes like the Trend virus filter?  That seems
awefully long for communications between sendmail and dccm.

-- 
-Gary Mills-    -Unix Support-    -U of M Academic Computing and Networking-



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.