Reason for rejected message ?

Daniel Gehriger
Tue Feb 27 23:06:02 UTC 2007

Vernon Schryver wrote:
>> From: Daniel Gehriger 
>> I just upgraded to the latest DCC and found this entry in the log. I 
>> can't figure out why the message has been rejected, even though 
>> doesn't list any of the IPs contained in the e-mail.
> I was wrong about Spamhaus' PBL.  Because includes
>, and includes IP addresses that are
> known to not send spam but are MX or DNS servers (e.g. Comcast's NS
> RRs), it is probably not a good idea to use,
> at least not without -Bset:no-MX and -Bset:no-NS.

Ok, I'll have a look at this.

> The complaints about DNS timeouts are not good.  Is something wrong
> with your DNS system?  Dccifd should have at least received NXDOMAIN
> for from your local caching DNS server.
> (I trust you have sufficient reasons for marking a Yahoo IP address
> in /var/dcc/whiteclnt as one of your MX servers.)

[ Yep, Yahoo should be in there. ] There shouldn't be any issues with 
the DNS system. Most of the time, dccifd doesn't complain about timeouts 
but then I get waves of those messages until a new DCC DNS helper is 

> However, none of that is not relevant to this case, because dccifd says
> that it got no answers from your DNS resolver.  Besides, "DCC-->spam"
> claims that the message was rejected because its checksum counts were
> above the local definition of "bulk".  If a DNSBL result were involved,
> there would have been a "DNSBL-->spam" string.  The strangeness is that
> all of the checksums for the message except IP address of the SMTP
> client,, were unique to this message.  The only way that
> makes sense is if DCCIFD_REJECT_AT=0 in /var/dcc/dcc_conf to cause
> dccifd to have a -t bulkd threshold of 0.  With what -t value is dccifd
> running?

Here is the output of ps:

/var/dcc/libexec/dccifd -Ivscan -tREP,10 -tCMN,50,50 -Bset:debug=5,any,any -llog -wwhiteclnt 
-Uuserdirs -GIPmask/24 -p,10023 -o,10026 -SHELO -Smail_host -SSender -SList-ID



More information about the DCC mailing list

Contact by mail or use the form.