Using both dccifd and dccm, or dccm for greylisting only

Philip Hachey PHachey@city.cornwall.on.ca
Fri Oct 14 19:10:45 UTC 2005


>=Vernon Schryver wrote:
>I had
>the impression that it acts on any X-DCC headers already present. 

So did I, but after a closer look at the code I discovered that it just 
does nothing upon discovering an X-DCC header that has a "bulk" value.  In 
the small number of X-DCC headers that I witnessed while testing out dccm, 
none contained such a value.  I don't want SA's DCC check to "do nothing" 
anyway, I want it to base it's scores on the value of the header.  (Note 
that I'm running SA 3.1.0).

>If you are already using dccm, why involve SpamAssassin at all with
>the DCC? 

I don't want dccm to do anything with messages, I just want SA to 
incorporate DCC values into it's scoring of spam (which is it's normal 
behaviour while using dccifd).  In response to your other comments, my SA 
setup does all of it's checking post-SMTP -- I do discard spam, but only 
high scoring ones (never a false positive yet in nearly a year of using it 
this way), and notify the recipient of less certain messages.  I have the 
luxury of doing this, as I'm not an ISP.

>No, but if you want to do that, why not teach SpamAssassin about X-DCC
>headers?

I've considered this for a bit.  It's not enough to just have the presence 
of an X-DCC header, as dccm puts them in all messages, but SA needs to 
calculate (or trigger) a score based on the value of the X-DCC header.  I 
think the only way to do that would be to write a replacement/supplement 
for check_dcc.  I might do this if I have time.

>> 2) If the above is not possible, then is there a way to invoke dccm 
with 
>> DCC checking disabled so that it can be used solely as a greylisting 
>> milter?
>
>As the dcc man page says,
>the following line in /var/dcc/whiteclnt turns off DCC checking:
>
>option dcc-off

This isn't quite what I want because when this option is used, according 
to the man page:
"The DCC server is queried and the X-DCC header is added but the message 
is delivered regardless of target counts and thresholds."
The goal, in this case, is get dccm to act strictly as a greylist milter 
and not waste resources by calculating checksums, doing queries unrelated 
to greylisting, or adding headers.

>Notice also the "MXDCC" whitelist value in that man page.

I'm a bit confused about this option.  If used, will it disable just DCC 
checking for the flagged IP addresses, or ALL processing including 
greylisting?

>See also the -Q option for dccifd in its man page

Hmm.. best solution so far.  The DCC servers may get queried twice (by 
both dccm and SA/dccifd), but at least a message will only get reported 
once (dccm).

Thank you for your feedback and advice.  I think I'll use -Q with dccifd 
for now and later work on getting SA to do something with existing X-DCC 
headers.
----------------------------------
Philip J. Hachey



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.