DCCM looping

Vernon Schryver vjs@calcite.rhyolite.com
Wed Jan 31 18:35:14 UTC 2007


> From: Bruce Esquibel <bje@e4500.ripco.com>

> This past monday I started to migrate our mail system (which oddly enough is
> all Solaris/Sparc) from the public DCC to an in-house one.

> daemons, just the effectivness and false positives seem to have gone on the
> upswing since mid month compared to the two or so years we've been using it.

DCC effectiveness has dropped in recent months.  Perhaps that is
due to more triggering of that MIME bug.  Or perhaps not.

Clients of a DCC server that does not receive "floods" of reports of
bulk mail from the rest of the global DCC network are likely to much
less effective.  I don't recall that ripco.com is running a DCC server
connected to the global network.  In my mail logs there is some
corresondence with you about DCC servers, opus.com, Barracuda, and the
possible assignment of DCC server-IDs, but I think nothing came of it.

What DCC server are you using that is connected to the global network?
If your DCC server is not connected and you now have enough traffic
to justify a local DCC server, please contact me privately.


Note that the free license for the current DCC source does not cover
installations of DCC servers not connected to the global network.
To do that, you need to buy a commercial license.


"False positives" are different story and speak more to a misuse or
misunderstanding of distributed checksum clearinghouses.  In a sense,
albeit uninteresting, there is no such thing as a DCC false positive.
If the DCC network says that a mail message is bulk, then you can be
confident that at least one substantially identical copy of the message
has been reported before.  There two common classes of claimed DCC false
positives.  One consists of nearly empty messages consisting of few or
no words and some free mail provider advertising, shyster confidentiality
noise, or similar popular noise.  The other class consists of legitimate
bulk mail that has been detected as such, including messages from
legitimate mailing lists that has been reported to a DCC server with a
target count of "MANY." The only solution for both classes is to whitelist
such legitimate bulk mail in the system-wide /var/dcc/whiteclnt file
or appropriate per-user whiteclnt files.


Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.