persistently down servers

Vernon Schryver vjs@calcite.rhyolite.com
Mon Jul 28 13:53:30 UTC 2003


> From: "Stephen Misel" <steve@neonova.net>

> Hmm, care to tell us anything about 1.2.0? :-)

It contains substantial changes for a form of greylisting.  People who
prefer avoiding new bugs might want to install the current version.

> Also, I've noticed a good number of 1.1.1x servers out there.  How useful
> is such an old server to the rest of the network?  Assuming their client
> code is the same age, what are the implications of having
> differently-computed checksums floating around between peers?
>
> If either of these are detrimental to the network, perhaps we should
> incorporate woefully-out-of-date client/server software as part of the
> leaf concept.

Some people update their client code more frequently than their servers.
I think none of the servers are old enough to have any bad effects
outside their own networks.

Old clients compute checksums of some (but far from all) mail differently.
The bad effects of that are limited to increasing the size of the
consensus database.  Your client will only notice counts reported by
other clients that compute checksums the same as your client.

> Identify releases where the changes are important to the health of the
> server network as a whole.  Give a short bake-in period ("see, it's
> stable!") and implementation period.  After that, if you haven't upgraded
> your server, have the server peers remove flood authorization.  Better
> yet, have the dcc-servers.net domain provide DNSBL style blacklisting of
> unmaintained/abandoned servers.  Only list servers which are no longer
> authorized and make dccd check the blacklist zone for it's peers from
> time-to-time.

It might someday come to that, but I don't think it's necessary today. 
There are relatively few servers in the network.  Everyone can watch
their neighbors.  None of the new stuff in
https://www.rhyolite.com/anti-spam/dcc/private/ is new.  Dccd has
always whined in the system log when flooding peers stop working.
I've always been puzzled why so few server operators notice when
their flooding peers disappear indefinitely.

The many ancient clients using the public servers justify bigger
worries.  More people than I would have predicted install DCC clients
and never bother to see if the DCC is doing anything, not to mention
installing new versions.  That is demonstrated by the clients behind
firewalls that allow outoing requests to the public servers but filter
incoming responses.  (Those can be identified in `cdcc clients` or in
the private client list web pages as the clients that send only NOPs.)
Then there are the lame "ports" of the DCC code to WIN32 and other
situations that generate bogus DCC packets.  These problems are the
justification for the /var/dcc/blacklist file of client IP addresses.


Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.