Mailing list embargo log problem

Vernon Schryver vjs@calcite.rhyolite.com
Sat Jan 17 22:09:36 UTC 2004


> From: Spike Ilacqua <spike@indra.com>

> ...
> ### end of message body ########################
> /var/dcc/userdirs/local/someone/whiteclnt-->OK
>
> X-DCC-indra.com-Metrics: net.indra.com 1044; Body=4 Fuz1=4 Fuz2=4
>                                                       checksum  server wlist
>                        IP: dc1b4e1e 15a8ca8a 89cdedcc 48b10fd9
>                  env_From: c4433092 af61c6d4 6dc387a9 0a4f7397
>                      From: b4ea8b87 49e43b6e 8aea811a d008a0ea
>      substitute mail_host: 20194759 58887f17 90680dd6 2118d211
>                                                       ok
>                Message-ID: da51b601 07f85370 5246db8f 11ed12b4
>                  Received: b4fc11f6 caef07dd efb7efe5 0cfd9ecd
>                      Body: 4433bd13 0ad366ce 0e0641de 1819b2fd       0
>                      Fuz1: 04105537 4e10f7bb 984faed3 b08f3fc2       0
>                      Fuz2: b27f3846 83765c79 c3a868cb b7845719       0
>
> rejection message: mail i0HHtDCC029150 from 207.235.6.29 temporary greylist embargoed
> result: temporary greylist embargo #1
>
> Note the lack of greylist checksums and the whiteclnt OK message.
>
> I'm pretty sure this is being cause by the case where a message has
> multiple recipents, some whom's whitelist would allow the message and
> some whom's lack of whitelisting would cause the message to be
> embargoed.  DCC can't selectivly embargo per recipient the message is
> embargoed despite the whitelist entry. 

Yes, I bet you'll find that's the case in the log file in the main
dccm /var/dcc/log directory.

>                                         Some how this leads to the odd
> log entries and I'm guessing that's a bug. 

Perhaps it is a bug that the greylist checksums are not present in
the per-user log file.  I'm not sure.  Are they present in the main
log file in /var/dcc/log?
  
However, even if the greylist checksums were present, they might
not be not be helpful to the users.  At most your scripts could
say "greylisted by some other user," but they could do that now.

>                                             Also the messages *are not*
> being retried by the remote server and I haven't been able to determine
> if that's their problem or DCCs (but the list is coming through
> sendmail, so it's pretty odd that there have been 0 retries).

That is not a problem in the DCC unless the message is being rejected
with a 5yz instead 4yz status code.  The onus is on them to retry
after a 4yz regardless of the reason for the 4yz.  It makes no difference
whether the 4yz says "disk temporarily full," "too busy," or "greylist
embargo."  If they don't retry after a "450 greylist embargo," then
they also don't retry after "450 disk full" and so will lose mail.
Something like `grep i0HHtDCC029150 /var/log/maillog` will disclose
whether your sendmail+dccm did the right thing.


> Beyond the above issues, this is a problem because it means people on
> mailing lists with more than one local recipent can't whitelist a list
> if it would otherwise be greyed.  Beyond an option to make the whitelist
> apply to all recipents in this case, I'm not sure how it can be worked
> around.

Such an option would not be a good idea at larger sites.  A single user
that likes spam would poison filtering for many other people.

The only alternative I see is to have dccm all reject Rcpt_To commands
after the first.  That would have its own problems, including SMTP
clients that do other wrong things.


Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.