rcvd_nxt and IP checksum

Vernon Schryver vjs@calcite.rhyolite.com
Mon Apr 10 13:52:32 UTC 2006


> From: Sidney Markowitz 

> I don't see how to specify client hostname and the HELO string to
> dccproc. Is it the case that the only way to get the right values to
> dccproc is to have MX and MXDCC options configured properly in the main
> DCC whitelist file?

Yes, but the HELO string and client hostname are not very important
to dccproc.  The client hostname is used only for logging.

>                     If the only user of DCC on a system is SpamAssassin,
> I think it would be more reliable to only have to have SpamAssassin's
> configuration for that to be correct, rather than requiring the
> configurations to match up. From what I see, I would have to include
> something in our documentation about making how to make sure that DCC's
> MX and MXDCC options are consistent with SpamAssassin's trusted_networks
> and internal_networks configuration settings.

SpamAssassin+DCC installations that use dccproc instead of dccifd are
likely to be either small or not closely managed.  If they are larger
and well managed, they use dccifd.  DCC installations that are not
closely managed do not have any local settings in the /var/dcc/whiteclnt
file, whether MX, MXDCC, or HELO white- or blacklist settings.  Thus,
telling SpamAssassin+dccproc users to do anything in /var/dcc/whiteclnt
is not worthwhile.  It would only bloat the SpamAssassin documentation.

All DCC installations should add entries to /var/dcc/whiteclnt to
whitelist sources legitimate bulk mail that matter to local users,
but very few SpamAssassin+DCC users do that.

Assuming SpamAssassin generally gets the client IP address right, it
is more likely to be right than a user's setting of MX and MXDCC lines
in /var/dcc/whiteclnt.

The MXDCC setting has a separate importance.  The DCC works by counting
copies of a mail message.  Reporting a single mail message several times
to the DCC network as it passes through MX servers can make it appear
to be more bulky than it is.  MXDCC not only says that an MX server's
Received header can be believed, but also says that the MX server has
already reported the messge's checksums and so the local system should
only ask about the checksums and not report them.

But again, very few SpamAssassin+DCC users to do any configuring of
their DCC clients.


thanks for your efforts,

Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.