Unexplained greylist non-delivery

Vernon Schryver vjs@calcite.rhyolite.com
Thu Oct 5 05:22:55 UTC 2006


> From: "Paul R. Ganci" <ganci@nurdog.com>

>                      Body: 8a9583f0 225f2048 3a9580a3 5fe44404       0

>          lfaurot@mric.net: beeeffe9 8e39eccf 22af1b4f d99e4936
>                            e3eb0916 aa023c6a 44e966a0 ede1562c Embargo #1

>                      Body: 8d674e22 40ea6410 897585da 498c21ad       0

>          lfaurot@mric.net: cfe9fd0d 96af0e1d ef25bf6b cba8bd52
>                            e3eb0916 aa023c6a 44e966a0 ede1562c Embargo #1


> The checksums for the same recipient lfaurot@mric.net are different. I 
> don't understand how this can occur and I assume this is the root cause 
> for the non-delivery. Is this a possible DCC issue or can the sending 
> server really be doing something to the recipient address such that the 
> message can find its way to my email server but yet not have a proper 
> checksum from delivery attempt to next delivery attempt?


The greylist checksums differ because the simple body checksums differ.

The differing body checksums show that the two messages differ.  
If you compare the rest of the two log files with `diff`, you will find
the difference.

If the difference was legitimate, and if you want to open this potential
but so far very rarely exploited vulnerability of greylist, read about
"-G weak-body" in the dccd man page, add weak-body to GREY_DCCD_ARGS
/var/dcc/dcc_conf, and restart all of your greylist servers with
`/var/dcc/libexec/rcDCC start`


Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.