How to improve DCC handling of attachments?

Vernon Schryver vjs@calcite.rhyolite.com
Fri Jul 7 21:20:28 UTC 2006


> From: Gary Mills 

> I'm just looking at a complaint from a user about DCC unexpectedly
> rejecting an e-mail message.  It had a single sender, a single
> recipient and unique content as an attachment.  Clearly, it was not
> bulk mail.  However, DCC had already seen 2801 messages with the same
> fuz2 checksum, and rejected it as bulk mail.  This behavior is quite
> confusing to users, and difficult for me to explain to them.

What if you ask such users to look at the text and ask themselves
whether it is substantially identical to a zillion other messages?

> It was a multi-part MIME message, apparently generated by Microsoft
> Exchange.  The first part was text/plain, with a fixed format except
> for the name of the attached file.  The second part was
> application/x-zip-compressed.  I presume that DCC ignored that part
> in computing the checksum.
>
> How can messages like this be treated as unique by DCC without opening
> the doors to spam?

I can't think of more than:

 1. tell users not to do that.
     Chances are that zipped body did not need to the double or triple
     encryption of compression and whatever else it had.  If it did,
     it should probably have not have been sent via email but via HTTP
     or FTP.

     Don't many sites block such mail because it is so often a Microsoft
     worm/virus?

 2. tell users to whitelist their correspondents that do that.

 3. whitelist that particular FUZ2 checksum for your entire installation

     That checksum might already be in John Levine's list of checksums of
     empty and test messages at http://www.iecc.com/dcc-testmsg-whitelist.txt
     You might be able to convince him to add it.

     Current versions of the DCC source include 
     /var/dcc/libexec/fetch-testmsg-whitelist 
     to refresh local copies of that whitelist occassionally.  See also
     http://www.rhyolite.com/anti-spam/dcc/dcc-tree/misc/fetch-testmsg-whitelist

     I've stopped using that whitelist for various reasons including
     realizing that no one at rhyolite.com cares to receive empty or
     test messages that consisting of Microsoft XML junk, free mail provider
     advertising, etc.


Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.