pending license change

Vernon Schryver
Fri Mar 18 02:16:40 UTC 2005

> From: David Sparks 

> The license excludes any commercial anti-spam solution providers.  Going 
> forward, what do you expect these entities to do?

I've no standing to tell them what to do.  Their choices seem to be:

  1. stop using the DCC and anything similar.

  2. continue using the current or older versions.
    The existing server-to-server (flooding) and client-server protocols
    can't change except upward compatibly, so they could leave their
    servers doing what they've been doing.  At least one organization
    is running years old servers connected to the global network with
    more or less proprietary clients.
    A code jokey like me has trouble advocating staying with old stuff.
    And there's the patent.

  3. ignore and violate in the new license and use new versions.
    I'm obsessive about other people's licenses, so this makes no sense
    to me.  It also doesn't make a lot of sense to hope to make a bunch
    of money with a product that violiates the license.  That might
    attract lawyers paid on contingency to my cause.
    And there's the patent.

  4. maintain their own versions based on the old code, i.e. a "code fork."
    I hope that there will not be a public code fork, because the
    organizations have motives for forking generally have lots of
    proprietary code.  Some are uncomfortable with any sharing code.
    And there's the patent.

  5. buy the RPD from Commtouch
    Commtouch says the RPD is a lot more effective than the DCC.  I
    have not yet had an opportunity to verify that.

  6. buy the forthcoming new and improved commercial version of the DCC.
    I might profit a little from #5 or #6, so if I must tell them
    what to do, I'll recommend one or the other.

> The license is not retro-active so I assume that older versions will 
> remain free.  Do you expect that Commtouch will use Patent 6,330,590 
> against commercial anti-spam companies that are using older versions of DCC?

I do not speak for Commtouch.  Their chairman of the board, Ian Bonner,
has experience with RedHat and knows that waving patents around does
not win friends.  However, I don't think they bought the patent to
destroy it.

> We participate in a "private network" (it was posted on the DCC Server 
> list some time ago) with other companies where signatures are only fed 
> from spamtraps.  This is useful in certain tests where "bulkiness" is 
> not suitable as opposed to "spammyness".  Other companies are welcome to 
> participate in sharing this data, but the signatures need to come only 
> from approved spamtraps.  Is it your intention that networks like this 
> get shut down?

Instead of a private network, that sounds like a public network
with other operating rules.

In principle you could flood your checksums to the larger public network
while rejecting the public network's checksums.  One problem with that
is that if you have a lot of traps, your checksums might bloat the
public database, making it painful for some of the smaller servers.
It's also been 4 or 5 years since I tested the "traps" option in
/var/dcc/flod line.  Code that is not used or at least tested rots.

Vernon Schryver

More information about the DCC mailing list

Contact by mail or use the form.