dccm feature request

Vernon Schryver vjs@calcite.rhyolite.com
Thu May 20 13:19:31 UTC 2004


> From: Kelsey Cummings 

> After deploying dccm for outbound bulk detection it's become clear that
> there is one feature that we'd really like to see.  It would be very handy
> if we were able to control the log/reject thresholds in a similiar fashion
> to the existing whitelist files.  This would allow us to change the limits
> based on source adressess (IP or envelope) to allow for more flexible
> configuration.   We are short on developer time now but might be able to
> provide patches if there is interest in the feature.  I don't see how it
> would useful for anything but outbound mail processing.

Where would those additional per-send values be stored?  Currently
dccm has space only for a choice among OK, OK2, and MANY for each
SMTP client value including HELO, IP address, and envelope and header
from values.

Whilelist values of "OK" or nothing for a sender IP address can be used
for a boolean reject threshold.  Do you need more than that?  For 
detecting and stopping "trojaned" systems or other spamming customers,
why do you need more than one threshold?  I can see the utility of
finer control than "trust this user implicitly" vs. a global threshold
for billing and accounting, but do you really need fine controls for
stopping outgoing spam?


Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.