Bulk mail rejections declining

Gary Mills mills@cc.umanitoba.ca
Tue Feb 16 20:23:16 UTC 2010


Here are some statistics from our sendmail log, taken with a modified
copy of the cnt-spam.pl script originally written by Tim Wicinski:

    # cnt-rej.pl
    Total messages  278204
    Unresolvables   690     0.248 %
    Unknown Hosts   5894    2.119 %
    Domain required 3       0.001 %
    DCC RBL Rejects 155880  56.031 %
    DCC Bulk Rejs   17953   6.453 %
    DCC Embargoes   24397   8.769 %
    Relay Attempts  539     0.194 %
    
    Unresolvable sender domain
    75      donotreply@eurobusinessguideonline.com
    [..]
    
    Unknown sender domain
    40      root@server.voiptelefonia.com.br
    [..]
    
    Sender domain name required
    2       amanda1
    1       60e3efghn2o6mblb0l6o2lohe2oqdloddlewlkpvnbz_dkzhe2oxe1gmulo2n20t
    
    DCC RBL Rejections (by name of peer)
    229     221.120.234.154
    221     66.151.5.163
    206     188.40.157.10
    105     62.162.178.73
    99      173.89.69.224
    99      201.241.5.253
    99      81.25.231.147
    99      84.32.63.146
    94      212.54.222.54
    85      117.197.68.248
    
    DCC Bulk Rejections (by name of peer)
    1331    80.82.113.208
    358     89.17.221.76
    209     88.191.15.25
    203     209.47.207.23
    150     205.188.249.130
    139     64.12.143.152
    138     87.104.159.150
    129     64.12.143.145
    128     205.188.249.131
    105     66.252.41.130
    
    DCC Embargoes (by name of peer)
    3190    205.200.189.31
    1505    205.200.189.32
    1042    142.233.200.30
    1014    205.200.189.28
    854     142.233.200.32
    841     205.200.189.29
    331     64.132.221.96
    236     24.71.223.10
    210     64.59.134.9
    96      137.82.93.70
    
    Illegal Relay Attempts (by name of peer)
    [..]

I've truncated some of the less interesting details.  We use the ZEN
RBL from Spamhaus within DCC to reject e-mail from listed SMTP peers.
I notice that these are ten times higher than rejections for bulk
mail.  Users can whitelist either type of message with the same
mechanism.

I'm wondering now if it would be beneficial for us to make the
criteria for bulk mail rejection less stringent.  All of the
complaints I've had of legitimate messages being rejected for
bulkiness have had to do with DCC's three types of body checksums.
Some of these were for messages from mailing lists and other true
duplicates.  Some were for messages that contained only a binary
attachment.  Some were mostly MIME or HTML goo.  Some were in another
language.

Is there a way to loosen the rejection criteria for body checksums?
Would it be better just to disable one of the checksums?  Which one
would that be?

PS: I can make the `cnt-rej.pl' script available if anyone else is
interested in it.

-- 
-Gary Mills-        -Unix Group-        -Computer and Network Services-



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.