DCC and qmail turns out to be easy

John R Levine johnl@iecc.com
Sun Dec 21 23:34:05 UTC 2003

Once I got a greylist server and dccifd going, splicing that all into
qmail turns out to be pretty easy.

If you've applied the QMAILQUEUE patch to qmail, which most people have,
you can specify at startup time the name of the program to run to queue
the mail instead of the standard qmail-queue.  There's a program called
qmail-qfilter designed to be run from that interface which puts the
envelope addresses into environment variables and then runs whatever
programs you want as filters, looking at the exit codes to decide whether
to accept or reject the mail.

So I took Vern's sample dccifd perl script and modified it a little bit to
be a backend for qmail-qfilter that passes the message through dccifd and
returns an appropriate exit code.  At the moment I'm doing a 4xx fail if
the code is G and success otherwise since I'm not confident that my global
whitelists are complete.  The perl script is only 139 lines.

The one thing this doesn't do is selective acceptance since qmail-qfilter
doesn't provide a way to edit the envelope.  That's not much of a problem
here since my users rarely disagree about what's spam, but if I wanted to
adjust it to be called directly with the QMAILQUEUE interface, I could do
that, too.

Question: the dccifd man page refers to a -a flag to say whether to fail
or just note messages that are bulky, but the dccifd code doesn't support
such a flag.  Is that a bug in the doc or in the code?

Another question: are users expected to edit the -U whiteclnt files?  Does
dccifd have to be able to write them?  Should I fudge it by making them
group writable?  On this host, most of the users have shell accounts with
their own uids.  The others are mail-only, so I can figure out how to do
those through CGI.

