Possible? dccifd/dccd greylisting as Postfix filter?

Vernon Schryver vjs@calcite.rhyolite.com
Sun Dec 21 04:23:57 UTC 2003

> From: Paul Vixie <paul@vix.com>

> > If you know how to wire dccifd to Postfix, ...
> i'd like to do this.  postfix's content filtering is at the smtp level,
> such that its smtp listener will (when content filtering is enabled) send
> the whole smtp session toward the content filter, which can be a local
> program speaming smtp on stdin/stdout, or a real smtp listener on some
> host:port.  the content filter has the responsibility to either reject
> the mail or accept it; if it accepts, it can drop or reinject it.  postfix
> provides several reinjection methods that are basically "do smtp again
> but this time don't run the content filter."
> it's clunky compared to milter, and i'm not convinced that a milter-
> compatible "content filter" could not be written, but it's speculation.
> vern, given that framework, what's the right way to touch dcc?

As far as DCC itself is concerned, it's best to not touch it more than
necessary.  The simplistic ASCII protocol that dccifd speaks should
have good enough performance for likely mail volumes.

There are C and Perl sample interfaces to dccifd in
dccifd/dccif-test/dccif-test.c and dccifd/dccif-test/dccif-test.pl
See http://www.dcc-servers.net/dcc/dcc-tree/dccifd/dccif-test/
They don't have a lot of documentation.  Both act a lot like dccproc.
Dccproc can be used as a simple filter in series with delivery,
such as by procmail (hence the name dccPROC).
See http://www.dcc-servers.net/dcc/dcc-tree/dccproc.html

The dccifd protocol is documented in the dccifd man page.
See http://www.dcc-servers.net/dcc/dcc-tree/dccifd.html#Protocol

However, if I understant what you've said, they are not enough. 
It sounds as if the filter program must have a complete SMTP server
implementation.   I started to list the hassles that would be needed
in that task.  After I'd typed a lot more than would be required to
switch any likely system to sendmail, I gave up.
If I am wrong, I hope that "content filter" could be a minor variation
on one of those two samples.

Vernon Schryver    vjs@rhyolite.com

