Frequent database rebuilds for greylisting

Gary Mills mills@cc.UManitoba.CA
Mon Dec 8 03:39:41 UTC 2003

On Sun, Dec 07, 2003 at 08:20:19PM -0700, Vernon Schryver wrote:
> > From: Gary Mills <mills@cc.UManitoba.CA>
> > Is there something different with database cleaning for greylisting?
> > It seems to happen about once a minute.  ...
> When a message is determined to be spam by the DCC after having
> been reported to a greylist server, the greylist server is told to
> delete its records.  This prevents obvious holes in greylisting.
> To be sure that all records of a deleted checksum are deleted from a
> DCC database, you must run dbclean.  When dccd deletes a record, it
> schedules and then starts dbclean.  For dccm and dccifd, a greylist
> server is merely dccd run in a slightly different mode.

So, this is normal behavior.  I had assumed that it was a bug, and
was prepared to shut down greylisting.  This procedure seems to run
constantly.  I can see dbclean running.  When it completes, it becomes
a zombie.  As soon as the zombie disappears, another dbclean starts up.
This seems too resource-intensive for my liking.

The usual way to delete a record in a database is to mark it deleted,
and then compress out the marked records later.  Can't dccd do this?

> My hope is that frequent dbclean passes over the greylist database
> will be ok, because the greylist database should be very small compared
> to the DCC database of all spam seen in the Internet.  If I'm wrong
> about that, please let me know.

They are certainly smaller...

  -rw-r--r--   1 daemon   other    16760832 Dec  7 21:26 grey_db
  -rw-r--r--   1 daemon   other    16760832 Dec  7 21:26 grey_db.hash
  -rw-r--r--   1 daemon   other    16760832 Dec  7 21:25 grey_db-old
  -rw-r--r--   1 daemon   other    452542464 Dec  7 21:13 dcc_db
  -rw-r--r--   1 daemon   other    150847488 Dec  7 03:51 dcc_db.hash
  -rw-r--r--   1 daemon   other    502824960 Dec  7 03:16 dcc_db-old

> If you are running a large system with multiple DCC servers, you
> probably should run multple greylist servers.  All of your DCC clients
> should know about all of your greylist servers so that they can apply
> the DCC client load balancing and fail-over code to pick the fastest
> available greylist server.  Of course, all of your greylist servers
> should flood each other by being listed in your /var/dcc/grey_flod
> files.

Yes, I have them set up that way, with two greylist servers.

-Gary Mills-    -Unix Support-    -U of M Academic Computing and Networking-

More information about the DCC mailing list

Contact by mail or use the form.