Sat Mar 5 08:46:06 UTC 2005
Vernon Schryver wrote: > Version 1.2.70 of the DCC source is in > http://www.dcc-servers.net/dcc/source/dcc.tar.Z and > http://www.rhyolite.com/anti-spam/dcc/source/dcc.tar.Z > > http://www.dcc-servers.net/dcc/CHANGES starts with: > > Turn on IP TOS bits for DCC server-to-server flooding. > Add -B to dccproc, dccm, and dccifd to consult DNS blacklists. > This feature and greylisting are valuable supplements > to DCC target counting. However, greylisting is generally > significantly better where greylisting can be used. Most > dccproc and many dccifd installations cannot use greylisting. > > The DNS blacklist feature should probably be considered experimental. > Please let me know what you think of it. > If I can find enough ambition, I will add code to use res_query() to > check the MX of domain names in addition to IP addresses. Checking > MX IP addresses in blacklists is quite effective, but res_query() > is a lot more work then gethostbyname() etc. After upgrading dcc.niet.net, the dccifd daemons I have running reports many of the following messages: 2005-03-05 09:14:11.298296500 no answer from localhost (127.0.0.1,6277) after 0 ms 2005-03-05 09:27:44.215535500 no answer from localhost (127.0.0.1,6276) after 0 ms /var/dcc/libexec/dccifd \ -G on \ -d \ -x \ -b \ -t CMN,50,50 \ -w whitelist \ -l "H?log" \ -L info,LOCAL1.INFO -L error,LOCAL1.ERR \ -p /var/dcc/dccifd-grey and cdcc info reports results like: # 03/05/05 09:17:07 CET /var/dcc/map # Re-resolve names after 10:58:40 # 1 total, 1 working servers # skipping asking DCC server 242 seconds more IPv6 off localhost,- 32773 # * 127.0.0.1,- NIET ID 1080 # 100% of 32 requests ok 33.34 ms RTT 0 ms queue wait ################ # 03/05/05 09:17:07 CET GreyList /var/dcc/map # Re-resolve names after 10:58:58 # 1 total, 1 working servers localhost,- Greylist 32773 # * 127.0.0.1,- NIET ID 1080 # 100% of 32 requests ok 0.16 ms RTT 0 ms queue wait Removing -G on from this invocation _appears_ to make the problem occur less often, but the logs now say: 2005-03-05 09:38:05.324245500 no answer from localhost (127.0.0.1,6276) after 0 ms 2005-03-05 09:38:05.324465500 continue not asking Greylist 8 seconds after failure which I did not think should be happening when dccifd does not have '-G on', of even '-G off', which I've also tried.
More information about the DCC