DCC as outbound bulk detector?

Kelsey Cummings kgc@sonic.net
Sat Apr 17 00:25:33 UTC 2004


On Fri, Apr 16, 2004 at 06:02:53PM -0600, Vernon Schryver wrote:
> > From: Kelsey Cummings 
> 
> > Has anyone tried using DCC to monitor outbound email flows for SPAM?
> > Presumably, a private server mesh could be built for all outbound server
> > and if you don't outright start rejecting mail, it could notify your abuse
> > desk of a potential problem.
> 
> Starting a couple years ago and continuing for at least a year or
> so and perhaps even now, a very large Far Eastern free and for-hire
> mail provider was using the DCC to detect and perhaps squelch
> outgoing bulk mail.

Sounds like a plan to me then.  I was thinking how I am sick of people
exploiting customer cgi's to send spam and how I didn't have any decent way
to prevent it.  Then, euraka!

> After running without rejecting for a few weeks while building a
> whitelist of legitimate internal bulk mail sources such as mailing
> lists, why not reject?  Tell users that if they want to set up a mailing
> list or do some "push advertising" that they need to contact the NOC
> or Abuse Desk first.  You might pitch it as insurance against the
> entire organization getting blacklisted as the result of a user mistake.

I shouldn't have trouble there, and we have list servers for our customers
so I don't see a problem.  Out of curiosity, do you have any suggestions
at what level dccm should be configured to reject at or is this really
dependent on our own policies?

Thanks for your support Vernon.
 
-- 
Kelsey Cummings - kgc@sonic.net           sonic.net, inc.
System Administrator                      2260 Apollo Way
707.522.1000 (Voice)                      Santa Rosa, CA 95407
707.547.2199 (Fax)                        http://www.sonic.net/
Fingerprint = D5F9 667F 5D32 7347 0B79  8DB7 2B42 86B6 4E2C 3896



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.