White Lists

Vernon Schryver vjs@calcite.rhyolite.com
Thu May 15 14:49:20 UTC 2003


> From: Evgeniy <evgeniy@riscom.net>

> i have DCCM latest version (1.1.36), 
> after 24 hour testing i see that dccm rejecting mailing list,
> example securityfocus.com
> in file whitecommon i have records
>
> # BUGTRAQ
> ok	substitute mail_host securityfocus.com
> 	substitute Sender: focus-linux@securityfocus.com
> ok	substitute mail_host outgoing2.securityfocus.com
> ok	substitute mail_host lists.securityfocus.com

Given the headers in the message, I would use only 

   ok	substitute List-Id: <focus-linux.list-id.securityfocus.com>


> ...
> VERSION: 3
> DATE: 05/14/03 18:30:43 EEST
> IP: ns.riscom.net ::ffff:195.138.96.90
> HELO: ns.riscom.net
> env_From: <focus-linux-return-1861-web=riscom.net@securityfocus.com>  
> mail_host=securityfocus.com.
> env_To: <ameoba32@[195.138.96.154]>  addr=ameoba32  dir=

> ...
> List-Id: <focus-linux.list-id.securityfocus.com>
> List-Post: <mailto:focus-linux@securityfocus.com>
> List-Help: <mailto:focus-linux-help@securityfocus.com>
> List-Unsubscribe: <mailto:focus-linux-unsubscribe@securityfocus.com>
> List-Subscribe: <mailto:focus-linux-subscribe@securityfocus.com>

> ...
> X-DCC-Etherboy-Metrics: setcom.riscom.net 1002; bulk Body=116 Fuz1=116
> 	Fuz2=116
>                                                       checksum  server      
>                        IP: 3e7e139e f6504a8c bc4e9b73 5d1440bc              
>                  env_From: e9a921a6 386b9f30 0d8504c4 3566c63a              
>                      From: ae31e18d a48ef900 4868ad3f 0fc3ed40              
>                Message-ID: 21efb874 fe794d26 2809637d 96d69da6              
>                  Received: 152f2eb9 fb30ae43 f936581b 028c7c01              
>                      Body: 76c56ecd f51959fa c9ea1e8c d4486eda     115      
>                      Fuz1: 4dc07bf3 100b36e8 a8f2698d f8b10bad     115      
>                      Fuz2: a7ef1239 80f64288 98b01984 bf489482     115      

That dccm did not compute any of the substitute headers suggests that
it was not told to by -S args

> ...
> #   a common value is
> #   DCCM_ARGS="-SHELO -SX-Habeas-SWE-3 -Smail_host -SSender -SList-ID"
> DCCM_ARGS="-a REJECT -t CMN,5,15"
> ...

Yes, adding 
    -Smail_host -SSender
should white-list those messages 

However, for that mailing list I would use List-ID


Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.