annotate dccifd.html.in @ 1:9b8d79ac0dc3

blindly adding debian patch for old version
author Peter Gervai <grin@grin.hu>
date Tue, 10 Mar 2009 14:25:08 +0100
parents c7f6b056b673
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
0
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
2 <HTML>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
3 <HEAD>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
4 <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
5 <TITLE>dccifd.0.8</TITLE>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
6 <META http-equiv="Content-Style-Type" content="text/css">
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
7 <STYLE type="text/css">
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
8 BODY {background-color:white; color:black}
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
9 ADDRESS {font-size:smaller}
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
10 IMG.logo {width:6em; vertical-align:middle}
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
11 </STYLE>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
12 </HEAD>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
13 <BODY>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
14 <PRE>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
15 <!-- Manpage converted by man2html 3.0.1 -->
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
16 <B><A HREF="dccifd.html">dccifd(8)</A></B> Distributed Checksum Clearinghouse <B><A HREF="dccifd.html">dccifd(8)</A></B>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
17
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
18
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
19 </PRE>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
20 <H2><A NAME="NAME">NAME</A></H2><PRE>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
21 <B>dccifd</B> -- Distributed Checksum Clearinghouse Interface Daemon
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
22
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
23
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
24 </PRE>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
25 <H2><A NAME="SYNOPSIS">SYNOPSIS</A></H2><PRE>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
26 <B>dccifd</B> [<B>-VdbxANQ</B>] [<B>-G</B> <I>on</I> | <I>off</I> | <I>noIP</I> | <I>IPmask/xx</I>] [<B>-h</B> <I>homedir</I>] [<B>-I</B> <I>user</I>]
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
27 [<B>-p</B> <I>/sock</I> | <I>host,port,rhost/bits</I>] [<B>-o</B> <I>/sock</I> | <I>host,port</I>]
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
28 [<B>-D</B> <I>local-domain</I>] [<B>-m</B> <I>map</I>] [<B>-w</B> <I>whiteclnt</I>] [<B>-U</B> <I>userdirs</I>]
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
29 [<B>-a</B> <I>IGNORE</I> | <I>REJECT</I> | <I>DISCARD</I>] [<B>-t</B> <I>type,</I>[<I>log-thold,</I>]<I>rej-thold</I>]
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
30 [<B>-g</B> [<I>not-</I>]<I>type</I>] [<B>-S</B> <I>header</I>] [<B>-l</B> <I>logdir</I>] [<B>-R</B> <I>rundir</I>]
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
31 [<B>-r</B> <I>rejection-msg</I>] [<B>-T</B> <I>tmpdir</I>] [<B>-j</B> <I>maxjobs</I>]
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
32 [<B>-B</B> <I>dnsbl-option</I>] [<B>-L</B> <I>ltype,facility.level</I>]
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
33
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
34
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
35 </PRE>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
36 <H2><A NAME="DESCRIPTION">DESCRIPTION</A></H2><PRE>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
37 <B>dccifd</B> is a daemon intended to connect spam filters such as SpamAssasin
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
38 and mail transfer agents (MTAs) other than sendmail to DCC servers. The
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
39 MTA or filter <B>dccifd</B> which in turn reports related checksums to the near-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
40 est DCC server and adds an <I>X-DCC</I> SMTP header line to the message. The
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
41 MTA is told to reject the message if it is unsolicited bulk.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
42
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
43 <B>Dccifd</B> is similar to the DCC sendmail milter interface, <B><A HREF="dccm.html">dccm(8)</A></B> and the
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
44 DCC Procmail interface, <B><A HREF="dccproc.html">dccproc(8)</A></B>. <B>Dccifd</B> is more efficient than
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
45 <B><A HREF="dccproc.html">dccproc(8)</A></B> but not restricted to use with sendmail like <B><A HREF="dccm.html">dccm(8)</A></B>. All
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
46 three send reports of checksums related to mail received by DCC clients
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
47 and queries about the total number of reports of particular checksums.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
48
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
49 MTA programs use a simple ASCII protocol a subset of SMTP to send a mail
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
50 message including its SMTP envelope to the daemon. <B>Dccifd</B> responds with
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
51 an indication of whether the message is unsolicited bulk and an optional
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
52 copy of the message with an <I>X-DCC</I> header added. The ASCII protocol is
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
53 described below and in the <I>include/dccif.h</I> file in the DCC source. There
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
54 is a sample C interface routine in the <I>dcclib/dccif.c</I> file in the DCC
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
55 source and the <I>dcclib.a</I> library generated from the source. A <I>Perl</I> ver-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
56 sion of the interface routine is in <I>dccifd/dccif.pl</I>. Test or demonstra-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
57 tion programs in the style of <B><A HREF="dccproc.html">dccproc(8)</A></B> that use those interface rou-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
58 tines are in <I>dccifd/dccif-test</I>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
59
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
60 A subset of ESMTP can be used instead of the ASCII protocol to connect
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
61 <B>dccifd</B> to postfix as a "Before-Queue Content Filter." See the <B>-o</B> flag.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
62
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
63 Since the checksums of messages that are whitelisted locally by the <B>-w</B>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
64 <I>whiteclnt</I> file are not reported to the DCC server, <B>dccifd</B> knows nothing
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
65 about the total recipient counts for their checksums and so cannot add
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
66 <I>X-DCC</I> header lines to such messages.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
67
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
68 Enable the daemon and put its parameters in the <I>dcc</I><B>_</B><I>conf</I> file and start
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
69 the daemon with the <I>start-dccifd</I> script.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
70
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
71 The list of servers that <B>dccifd</B> contacts is in the memory mapped file <I>map</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
72 shared by local DCC clients. The file is maintained with <B><A HREF="cdcc.html">cdcc(8)</A></B>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
73
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
74 <A NAME="OPTIONS"><B>OPTIONS</B></A>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
75 The following options are available:
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
76
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
77 <A NAME="OPTION-V"><B>-V</B></A> displays the version of <B>dccifd</B>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
78
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
79 <A NAME="OPTION-d"><B>-d</B></A> enables debugging output from the DCC client software. Additional
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
80 <B>-d</B> options increase the number of messages. A single <B>-d</B>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
81 aborted SMTP transactions including those from some "dictionary
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
82 attacks."
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
83
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
84 <A NAME="OPTION-b"><B>-b</B></A> causes the daemon to not detach itself from the controlling tty and
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
85 put itself into the background.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
86
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
87 <A NAME="OPTION-x"><B>-x</B></A> causes the daemon to try "extra hard" to contact a DCC server.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
88 Since it is usually more important to deliver mail than to report
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
89 its checksums, <B>dccifd</B> normally does not delay too long while trying
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
90 to contact a DCC server. It will not try again for several seconds
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
91 after a failure. With <B>-x</B>, it will always try to contact the DCC
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
92 server and it will tell the MTA to answer the DATA command with a
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
93 4yz temporary failure.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
94
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
95 <A NAME="OPTION-A"><B>-A</B></A> adds to existing X-DCC headers in the message instead of replacing
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
96 existing headers of the brand of the current server.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
97
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
98 <A NAME="OPTION-N"><B>-N</B></A> neither adds, deletes, nor replaces existing X-DCC headers in the
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
99 message. Each message is logged, rejected, and otherwise handled
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
100 the same.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
101
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
102 <A NAME="OPTION-Q"><B>-Q</B></A> only queries the DCC server about the checksums of messages instead
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
103 of reporting and querying. This is useful when <B>dccifd</B> is used to
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
104 filter mail that has already been reported to a DCC server by
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
105 another DCC client. No single mail message should be reported to a
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
106 DCC server more than once per recipient, because each report will
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
107 increase the apparent "bulkness" of the message.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
108
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
109 It is better to use <I>MXDCC</I> lines in the global <I>whiteclnt</I> file for
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
110 your MX mail servers that use DCC than <B>-Q</B>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
111
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
112 <A NAME="OPTION-G"><B>-G</B></A> <I>on</I> | <I>off</I> | <I>noIP</I> | <I>IPmask/xx</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
113 controls <I>greylisting</I>. At least one working greylist server must be
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
114 listed in the <I>map</I> file in the DCC home directory. If more than one
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
115 is named, they must "flood" or change checksums and they must use
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
116 the same <B>-G</B> parameters. See <B><A HREF="dccd.html">dccd(8)</A></B>. Usually all dccm or dccifd
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
117 DCC client processes use the same <B>-G</B> parameters.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
118
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
119 <I>IPmask/xx</I> and <I>noIP</I> remove part or all of the IP address from the
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
120 greylist triple. The CIDR block size, <I>xx</I>, must be between 1 and
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
121 128. 96 is added to block sizes smaller than 33 to make them appro-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
122 priate for the IPv6 addresses used by the DCC. <I>IPmask/96</I> differs
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
123 from <I>noIP</I> for IPv4 addresses, because the former retains the IPv4 to
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
124 IPv6 mapping prefix.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
125
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
126 <A NAME="OPTION-h"><B>-h</B></A> <I>homedir</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
127 overrides the default DCC home directory, <I>@prefix@</I>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
128
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
129 <A NAME="OPTION-I"><B>-I</B></A> <I>user</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
130 specifies the UID and GID of the process.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
131
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
132 <A NAME="OPTION-p"><B>-p</B></A> <I>/sock/name</I> | <I>host,port,rhost/bits</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
133 overrides the default address at which programs contact <B>dccifd</B>. The
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
134 default is a UNIX domain socket named dccifd in the DCC home direc-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
135 tory.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
136
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
137 The second form specifies a local host name or IP address, a local
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
138 TCP port number, and the host names or IP addresses of computers
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
139 that can use <B>dccifd</B>. 127.0.0.1 or <I>localhost</I> are common choices for
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
140 <I>host</I>. The string <I>@</I> specifies IN_ADDRANY or all local IP addresses.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
141 127.0.0.0/8 is a common choice for <I>rhost/bits</I>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
142
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
143 <A NAME="OPTION-o"><B>-o</B></A> <I>/sock</I> | <I>host,port</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
144 enables SMTP proxy mode instead of the ASCII protocol and specifies
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
145 the output connection when <B>dccifd</B> acts as an SMTP proxy. It is the
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
146 address of the SMTP server for which <B>dccifd</B> acts as SMTP client.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
147 When <I>/sock</I> is <I>/dev/null</I>, <B>dccifd</B> acts as if there were downstream
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
148 SMTP server that always answers "250 ok". The string <I>@</I> specifies
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
149 the same IP address as the incoming TCP connection.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
150
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
151 The input to <B>dccifd</B> in SMTP proxy mode is specified with <B>--p</B>. For
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
152 example, <B>-p</B> <I>127.0.0.1,10025,127.0.0.1/32</I> <B>-o</B> <I>127.0.0.1,10026</I> could be
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
153 used to connect <B>dccifd</B> with Postfix as described in the documenta-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
154 tion in version 2.2.1 Postfix documentation.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
155
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
156 See below concerning the subset of ESMTP used in this mode.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
157
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
158 <A NAME="OPTION-m"><B>-m</B></A> <I>map</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
159 specifies a name or path of the memory mapped parameter file instead
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
160 of the default <I>map</I> file in the DCC home directory. It should be
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
161 created with the <B><A HREF="cdcc.html">cdcc(8)</A></B> command.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
162
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
163 <A NAME="OPTION-w"><B>-w</B></A> <I>whiteclnt</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
164 specifies an optional file containing filtering parameters as well
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
165 as SMTP client IP addresses, SMTP envelope values, and header values
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
166 of mail that is spam or is not spam and does not need a <I>X-DCC</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
167 header, and whose checksums should not be reported to the DCC
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
168 server.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
169
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
170 If the pathname <I>whiteclnt</I> is not absolute, it is relative to the DCC
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
171 home directory.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
172
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
173 The format of the <B>dccifd</B> whiteclnt file is the same as the <I>whitelist</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
174 files used by <B><A HREF="dbclean.html">dbclean(8)</A></B> and the <I>whiteclnt</I> file used by <B><A HREF="dccproc.html">dccproc(8)</A></B>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
175 See <B><A HREF="dcc.html">dcc(8)</A></B> for a description of DCC white and blacklists. Because
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
176 the contents of the <I>whiteclnt</I> file are used frequently, a companion
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
177 file is automatically created and maintained. It has the same path-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
178 name but with an added suffix of <I>.dccw</I> and contains a memory mapped
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
179 hash table of the main file.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
180
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
181 A whitelist entry ("OK") or two or more semi-whitelistings ("OK2")
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
182 for one of the message's checksums prevents all of the message's
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
183 checksums from being reported to the DCC server and the addition of
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
184 a <I>X-DCC</I> header line by <B>dccifd</B> A whitelist entry for a checksum also
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
185 prevents rejecting or discarding the message based on DCC recipient
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
186 counts as specified by <B>-a</B> and <B>-t</B>. Otherwise, one or more checksums
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
187 with blacklisting entries ("MANY") cause all of the message's check-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
188 sums to be reported to the server with an addressee count of "MANY".
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
189
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
190 If the message has a single recipient, an <I>env</I><B>_</B><I>To</I> <I>whiteclnt</I> entry of
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
191 "OK" for the checksum of its recipient address acts like any other
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
192 <I>whiteclnt</I> entry of "OK." When the SMTP message has more than one
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
193 recipient, the effects can be complicated. When a message has sev-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
194 eral recipients with some but not all listed in the <I>whiteclnt</I> file,
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
195 <B>dccifd</B> tries comply with the wishes of the users who want filtering
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
196 as well as those who don't by silently not delivering the message to
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
197 those who want filtering (i.e. are not whitelisted) and delivering
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
198 the message to don't want filtering.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
199
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
200 <A NAME="OPTION-U"><B>-U</B></A> <I>userdirs</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
201 enables per-user <I>whiteclnt</I> files and log directories. Each target
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
202 of a message can have a directory of log files named
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
203 <I>userdirs/addr/log</I> where <I>addr</I> is the local user or mailbox name com-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
204 puted by the MTA. The name of each user's log directory must be
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
205 <I>log</I>. If it is not absolute, <I>userdirs</I> is relative to the DCC home
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
206 directory. The directory containing the log files must be named <I>log</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
207 and it must be writable by the <B>dccifd</B> process. Each log directory
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
208 must exist or logging for the corresponding is silently disabled.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
209 The files created in the log directory are owned by the UID of the
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
210 <B>dccifd</B> process, but they have <I>group</I> and <I>other</I> read and write permis-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
211 sions copied from the corresponding <I>log</I> directory. To ensure the
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
212 privacy of mail, it may be good to make the directories readable
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
213 only by <I>owner</I> and <I>group</I>, and to use a cron script that changes the
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
214 owner of each file to match the grandparent <I>addr</I> directory.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
215
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
216 There can also be a per -user whitelist file named
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
217 <I>userdirs/addr/whiteclnt</I> for each address <I>addr.</I> Any checksum that is
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
218 not white- or blacklisted by an individual addressee's <I>whiteclnt</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
219 file is checked in the main <B>-w -whiteclnt</B> file. A missing per-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
220 addressee <I>whiteclnt</I> file is the same as an empty file. Relative
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
221 paths for files included in per-addressee files are resolved in the
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
222 DCC home directory. The <I>whiteclnt</I> files and the <I>addr</I> directories
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
223 containing them must be writable by the <B>dccifd</B> process.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
224
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
225 <I>Option</I> lines in per-user whiteclnt files can be used to modify many
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
226 aspects of <B>dccifd</B> filtering, as described in the main dcc man page.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
227 For example, an <I>option</I> <I>dcc-off</I> line turns off DCC filtering for
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
228 individual mailboxes.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
229
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
230 <A NAME="OPTION-a"><B>-a</B></A> <I>IGNORE</I> | <I>REJECT</I> | <I>DISCARD</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
231 specifies the action taken when <B>dccifd</B> is in proxy mode with <B>-o</B> and
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
232 DCC server counts or <B>-t</B> thresholds say that a message is unsolicited
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
233 and bulk. <I>IGNORE</I> causes the message to be unaffected except for
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
234 adding the <I>X-DCC</I> header line to the message. This turns off DCC
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
235 filtering.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
236
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
237 Spam can also be <I>REJECT</I>ed or (when in proxy mode with <B>-o</B>) accepted
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
238 and silently <I>DISCARD</I>ed without being delivered to local mailboxes.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
239 The default is <I>REJECT</I>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
240
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
241 Mail forwarded via IP addresses marked <I>MX</I> or <I>MXDCC</I> in the main
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
242 <I>whiteclnt</I> file is treated as if <B>-a</B> <I>DISCARD</I> were specified. This
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
243 prevents "bouncing" spam.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
244
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
245 The effects of the <B>-w</B> <I>whiteclnt</I> are not affected by <B>-a</B>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
246
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
247 <A NAME="OPTION-t"><B>-t</B></A> <I>type,</I>[<I>log-thold,</I>]<I>rej-thold</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
248 sets logging and "spam" thresholds for checksum <I>type</I>. The checksum
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
249 types are <I>IP</I>, <I>env</I><B>_</B><I>From</I>, <I>From</I>, <I>Message-ID</I>, <I>substitute</I>, <I>Received</I>,
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
250 <I>Body</I>, <I>Fuz1</I>, <I>Fuz2</I>, <I>rep-total</I>, and <I>rep</I>. The first six, <I>IP</I> through
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
251 <I>substitute</I>, have no effect except when a local DCC server configured
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
252 with <B>-K</B> is used. The <I>substitute</I> thresholds apply to the first sub-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
253 stitute heading encountered in the mail message. The string <I>ALL</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
254 sets thresholds for all types, but is unlikely to be useful except
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
255 for setting logging thresholds. The string <I>CMN</I> specifies the com-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
256 monly used checksums <I>Body</I>, <I>Fuz1</I>, and <I>Fuz2</I>. <I>Rej-thold</I> and <I>log-thold</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
257 must be numbers, the string <I>NEVER</I>, or the string <I>MANY</I> indicating
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
258 millions of targets. Counts from the DCC server as large as the
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
259 threshold for any single type are taken as sufficient evidence that
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
260 the message should be logged or rejected.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
261
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
262 <I>Log-thold</I> is the threshold at which messages are logged. It can be
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
263 handy to log messages at a lower threshold to find solicited bulk
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
264 mail sources such as mailing lists. If no logging threshold is set,
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
265 only rejected mail and messages with complicated combinations of
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
266 white and blacklisting are logged. Messages that reach at least one
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
267 of their rejection thresholds are logged regardless of logging
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
268 thresholds.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
269
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
270 <I>Rej-thold</I> is the threshold at which messages are considered "bulk,"
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
271 and so should be rejected or discarded if not whitelisted.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
272
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
273 DCC Reputation thresholds in the commercial version of the DCC are
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
274 controlled by thresholds on checksum types <I>rep</I> and <I>rep-total</I>. Mes-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
275 sages from an IP address that the DCC database says has sent more
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
276 than <B>-t</B> <I>rep-total,log-thold</I> messages are logged. A DCC Reputation
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
277 is computed for messages received from IP addresses that have sent
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
278 more than <B>-t</B> <I>rep-total,log-thold</I> messages. The DCC Reputation of an
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
279 IP address is the percentage of its messages that have been detected
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
280 as bulk or having at least 10 recipients. The defaults are equiva-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
281 lent to <B>-t</B> <I>rep,never</I> and <B>-t</B> <I>rep-total,never,20</I>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
282
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
283 Bad DCC Reputations do not reject mail unless enabled by an <I>option</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
284 <I>DCC-rep-on</I> line in a <I>whiteclnt</I> file.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
285
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
286 The checksums of locally whitelisted messages are not checked with
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
287 the DCC server and so only the number of targets of the current copy
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
288 of a whitelisted message are compared against the thresholds.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
289
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
290 The default is <I>ALL,NEVER</I>, so that nothing is discarded, rejected, or
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
291 logged. A common choice is <I>CMN,25,50</I> to reject or discard mail with
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
292 common bodies except as overridden by the whitelist of the DCC
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
293 server, the sendmail <I>${dcc</I><B>_</B><I>isspam}</I> and <I>${dcc</I><B>_</B><I>notspam}</I> macros, and
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
294 <B>-g</B>, and <B>-w</B>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
295
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
296 <A NAME="OPTION-g"><B>-g</B></A> [<I>not-</I>]<I>type</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
297 indicates that whitelisted, <I>OK</I> or <I>OK2</I>, counts from the DCC server
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
298 for a type of checksum are to be believed. They should be ignored
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
299 if prefixed with <I>not-</I>. <I>Type</I> is one of the same set of strings as
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
300 for <B>-t</B>. Only <I>IP</I>, <I>env</I><B>_</B><I>From</I>, and <I>From</I> are likely choices. By default
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
301 all three are honored, and hence the need for <I>not-</I>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
302
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
303 <A NAME="OPTION-S"><B>-S</B></A> <I>hdr</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
304 adds to the list of substitute or locally chosen headers that are
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
305 checked with the <B>-w</B> <I>whiteclnt</I> file and sent to the DCC server. The
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
306 checksum of the last header of type <I>hdr</I> found in the message is
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
307 checked. <I>Hdr</I> can be <I>HELO</I> to specify the SMTP envelope HELO value.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
308 <I>Hdr</I> can also be <I>mail</I><B>_</B><I>host</I> to specify the host name from the
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
309 Mail_from value in the SMTP envelope. As many as six different sub-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
310 stitute headers can be specified, but only the checksum of the first
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
311 of the six will be sent to the DCC server.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
312
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
313 <A NAME="OPTION-l"><B>-l</B></A> <I>logdir</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
314 specifies a directory in which files containing copies of messages
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
315 processed by <B>dccifd</B> are kept. They can be copied to per-user direc-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
316 tories specified with <B>-U</B>. Information about other recipients of a
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
317 message is deleted from the per-user copies.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
318
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
319 See the FILES section below concerning the contents of the files.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
320 See also the <I>option</I> <I>log-subdirectory-{day,hour,minute}</I> lines in
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
321 <I>whiteclnt</I> files described in <B><A HREF="dcc.html">dcc(8)</A></B>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
322
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
323 The directory is relative to the DCC home directory if it is not
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
324 absolute
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
325
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
326 <A NAME="OPTION-R"><B>-R</B></A> <I>rundir</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
327 specifies the "run" directory where the file containing the daemon's
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
328 process ID is stored. The default value is <I>@dcc_rundir@</I>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
329
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
330 <A NAME="OPTION-T"><B>-T</B></A> <I>tmpdir</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
331 changes the default directory for temporary files from the default.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
332 The default is the directory specified with <B>-l</B> or the system default
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
333 if <B>-l</B> is not used. The system default is often <I>/tmp</I>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
334
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
335 <A NAME="OPTION-D"><B>-D</B></A> <I>local-domain</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
336 specifies a host or domain name by which the system is known. There
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
337 can be several <B>-D</B> settings.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
338
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
339 To find the per-user log directory and whitelist for each mail
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
340 recipient, <B>dccifd</B> must know each recipient's user name. The ASCII
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
341 protocol used between and the MTA includes an optional user name
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
342 with each SMTP recipient address. When the user name is absent when
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
343 the ASCII protocol is used or when the subset of ESMTP enabled with
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
344 <B>-o</B> is used, and when the SMTP recipient address includes an <I>at</I> <I>sign</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
345 (@) each mail address is checked against the list of <I>local-domain</I>s.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
346 The part of the recipient address remaining after longest matching
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
347 <I>local-domain</I> (if any) is taken as the user name. The match is
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
348 anchored at the right or the end of the recipient address. It must
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
349 start at a period (.) or <I>at</I> <I>sign</I> (@) in the domain name part of the
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
350 address.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
351
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
352 If <I>local-domain</I> starts with an asterisk (*) indicating a wildcard,
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
353 preceding sub-domain names are discarded to compute the user name.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
354 Otherwise, the computed user name will include any unmatched sub-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
355 domain names.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
356
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
357 The default value of <I>local-domain</I> when there are no <B>-D</B> settings is
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
358 the host name of the system.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
359
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
360 <A NAME="OPTION-r"><B>-r</B></A> <I>rejection-msg</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
361 specifies the rejection message in <B>-o</B> proxy mode for unsolicited
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
362 bulk mail or for mail temporarily blocked by <I>greylisting</I> when <B>-G</B> is
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
363 specified. The first <B>-r</B> <I>rejection-msg</I> replaces the default bulk
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
364 mail rejection message, "5.7.1 550 mail %ID from %CIP rejected by
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
365 DCC". The second replaces "4.2.1 452 mail %ID from %CIP temporary
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
366 greylist embargoed". The third <B>-r</B> <I>rejection-msg</I> replaces the
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
367 default SMTP rejection message "5.7.1 550 %ID bad reputation; see
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
368 http://commercial-dcc.rhyolite.com/cgi-bin/reps.cgi?tgt=%CIP" for
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
369 mail with bad DCC Reputations. If <I>rejection-msg</I> is the zero-length
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
370 string, the <B>-r</B> setting is counted but the corresponding message is
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
371 not changed.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
372
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
373 <I>Rejection-msg</I> can contain specific information about the mail mes-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
374 sage. The following strings starting with % are replaced with the
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
375 corresponding values:
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
376 %ID message ID such as the unique part of log file name or
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
377 sendmail queue ID
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
378 %CIP SMTP client IP address
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
379 %BTYPE type of DNS blacklist hit, such as "SMTP client",
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
380 "mail_host", or "URL NS"
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
381 %BTGT IP address or name declared bad by DNS blacklist
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
382 %BPROBE domain name found in DNS blacklist such as
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
383 4.3.2.10.example.com
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
384 %BRESULT value of the %BPROBE domain name found in DNS black-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
385 list
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
386
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
387 A common alternate for the bulk mail rejection message is "4.7.1 451
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
388 Access denied by DCC" to tell the sending mail system to continue
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
389 trying. Use a 4yz response with caution, because it is likely to
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
390 delay for days a delivery failure message for false positives. If
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
391 the rejection message does not start with an RFC 1893 status code
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
392 and RFC 2821 reply code, 5.7.1 and 550 or 4.2.1 and 452 are used.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
393
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
394 See also <B>-B</B> <I>set:rej-msg=rejection-msg</I> to set the status message for
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
395 mail rejected by DNS blacklists.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
396
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
397 <A NAME="OPTION-j"><B>-j</B></A> <I>maxjobs</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
398 limits the number of simultaneous requests that will be processed.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
399 The default value is the maximum number that seems to be possible
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
400 given system limits on open files, select() bit masks, and so forth.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
401 Start <B>dccifd</B> with <B>-d</B> and see the starting message in the system log
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
402 to see the limit.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
403
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
404 <A NAME="OPTION-B"><B>-B</B></A> <I>dnsbl-option</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
405 enables DNS blacklist checks of the SMTP client IP address, SMTP
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
406 envelope Mail_From sender domain name, and of host names in URLs in
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
407 the message body. Body URL blacklisting has too many false posi-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
408 tives to use on abuse mailboxes. It is less effective than
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
409 greylisting with <B><A HREF="dccm.html">dccm(8)</A></B> or <B><A HREF="dccifd.html">dccifd(8)</A></B> but can be useful in situa-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
410 tions where greylisting cannot be used.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
411
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
412 <I>Dnsbl-option</I> is either one of the <B>-B</B> <I>set:option</I> forms or
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
413 <B>-B</B> <I>domain</I>[<I>,IPaddr</I>[<I>/xx</I>[<I>,bltype</I>]]]
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
414 <I>Domain</I> is a DNS blacklist domain such as example.com that will be
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
415 searched. <I>IPaddr</I>[<I>/xxx</I>] is the string "any" an IP address in the DNS
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
416 blacklist that indicates that the mail message should be rejected,
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
417 or a CIDR block covering results from the DNS blacklist.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
418 "127.0.0.2" is assumed if <I>IPaddr</I> is absent. IPv6 addresses can be
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
419 specified with the usual colon (:) notation. Names can be used
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
420 instead of numeric addresses. The type of DNS blacklist is speci-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
421 fied by <I>bltype</I> as <I>name</I>, <I>IPv4</I>, or <I>IPv6</I>. Given an envelope sender
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
422 domain name or a domain name in a URL of spam.domain.org and a
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
423 blacklist of type <I>name</I>, spam.domain.org.example.com will be tried.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
424 Blacklist types of <I>IPv4</I> and <I>IPv6</I> require that the domain name in a
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
425 URL sender address be resolved into an IPv4 or IPv6 address. The
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
426 address is then written as a reversed string of decimal octets to
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
427 check the DNS blacklist, as in 2.0.0.127.example.com,
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
428
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
429 More than one blacklist can be specified and blacklists can be
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
430 grouped. All searching within a group is stopped at the first posi-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
431 tive result.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
432
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
433 Positive results are ignored after being logged unless an
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
434 <I>option</I> <I>DNSBL-on</I> line appears in the global or per-user <I>whiteclnt</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
435 file.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
436
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
437 <B>-B</B> <I>set:no-client</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
438 says that SMTP client IP addresses and reverse DNS domain names
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
439 should not be checked in the following blacklists.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
440 <B>-B</B> <I>set:client</I> restores the default for the following black-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
441 lists.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
442
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
443 <B>-B</B> <I>set:no-mail</I><B>_</B><I>host</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
444 says that SMTP envelope Mail_From sender domain names should
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
445 not be checked in the following blacklists. <B>-B</B> <I>set:mail</I><B>_</B><I>host</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
446 restores the default.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
447
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
448 <B>-B</B> <I>set:no-URL</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
449 says that URLs in the message body should not be checked in the
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
450 in the following blacklists. <B>-B</B> <I>set:URL</I> restores the default.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
451
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
452 <B>-B</B> <I>set:no-MX</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
453 says MX servers of sender Mail_From domain names and host names
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
454 in URLs should not be checked in the following blacklists.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
455 <B>-B</B> <I>set:MX</I> restores the default.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
456
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
457 <B>-B</B> <I>set:no-NS</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
458 says DNS servers of sender Mail_From domain names and host
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
459 names in URLs should not be checked in the following black-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
460 lists. <B>-B</B> <I>set:NS</I> restores the default.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
461
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
462 <B>-B</B> <I>set:defaults</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
463 is equivalent to all of <B>-B</B> <I>set:no-temp-fail</I> <B>-B</B> <I>set:client</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
464 <B>-B</B> <I>set:mail</I><B>_</B><I>host</I> <B>-B</B> <I>set:URL</I> <B>-B</B> <I>set:MX</I> and <B>-B</B> <I>set:NS</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
465
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
466 <B>-B</B> <I>set:group=X</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
467 adds later DNS blacklists specified with
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
468 <B>-B</B> <I>domain</I>[<I>,IPaddr</I>[<I>/xx</I>[<I>,bltype</I>]]]
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
469 to group 1, 2, or 3.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
470
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
471 <B>-B</B> <I>set:debug=X</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
472 sets the DNS blacklist logging level
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
473
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
474 <B>-B</B> <I>set:msg-secs=S</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
475 limits <B>dccifd</B> to <I>S</I> seconds total for checking all DNS black-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
476 lists. The default is 25.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
477
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
478 <B>-B</B> <I>set:URL-secs=S</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
479 limits <B>dccifd</B> to at most <I>S</I> seconds resolving and checking any
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
480 single URL. The default is 11. Some spam contains dozens of
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
481 URLs and that some "spamvertised" URLs contain host names that
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
482 need minutes to resolve. Busy mail systems cannot afford to
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
483 spend minutes checking each incoming mail message.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
484
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
485 <B>-B</B> <I>set:rej-msg=rejection-msg</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
486 sets the SMTP rejection message for the following blacklists.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
487 <I>Rejection-msg</I> must be in the same format as for <B>-r</B>. If
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
488 <I>rejection-msg</I> is null, the default is restored. The default
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
489 DNS blacklist rejection message is the first message set with
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
490 <B>-r</B>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
491
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
492 <B>-B</B> <I>set:temp-fail</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
493 causes <B>dccifd</B> to the MTA to answer the SMTP DATA command with
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
494 452 4.2.1 mail %ID from %CIP temporary delayed for DNSBL
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
495 if any DNS answer required for a DNSBL in the current group
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
496 times out, including resolving names in URLs.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
497
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
498 <B>-B</B> <I>set:no-temp-fail</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
499 restores the default of assuming a negative answer for DNS
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
500 responses that take too long.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
501
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
502 <B>-B</B> <I>set:maxjobs=X</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
503 sets maximum number of helper processes to <I>X</I>. In order to use
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
504 typical single-threaded DNS resolver libraries, <B>dccifd</B> uses
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
505 fleets of helper processes. It is rarely a good idea to change
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
506 the default, which is the same as the maximum number of simul-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
507 taneous jobs set with <B>-j</B>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
508
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
509 <B>-B</B> <I>set:progpath=@libexecdir@/dns-helper</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
510 changes the path to the helper program.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
511
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
512 <A NAME="OPTION-L"><B>-L</B></A> <I>ltype,facility.level</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
513 specifies how messages should be logged. <I>Ltype</I> must be <I>error</I>, <I>info</I>,
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
514 or <I>off</I> to indicate which of the two types of messages are being con-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
515 trolled or to turn off all <B>syslog(3)</B> messages from <B>dccifd</B>. <I>Level</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
516 must be a <B>syslog(3)</B> level among <I>EMERG</I>, <I>ALERT</I>, <I>CRIT</I>, <I>ERR</I>, <I>WARNING</I>,
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
517 <I>NOTICE</I>, <I>INFO</I>, and <I>DEBUG</I>. <I>Facility</I> must be among <I>AUTH</I>, <I>AUTHPRIV</I>,
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
518 <I>CRON</I>, <I>DAEMON</I>, <I>FTP</I>, <I>KERN</I>, <I>LPR</I>, <I>MAIL</I>, <I>NEWS</I>, <I>USER</I>, <I>UUCP</I>, and <I>LOCAL0</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
519 through <I>LOCAL7</I>. The default is equivalent to
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
520 <B>-L</B> <I>info,MAIL.NOTICE</I> <B>-L</B> <I>error,MAIL.ERR</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
521
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
522 <B>dccifd</B> normally sends counts of mail rejected and so forth to the system
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
523 log at midnight. The SIGUSR1 signal sends an immediate report to the
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
524 system log. The reports will be repeated every 24 hours at the same
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
525 minute as the signal instead of at midnight.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
526
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
527 <A NAME="Protocol"><B>Protocol</B></A>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
528 <B>Dccifd</B> uses a simple ASCII protocol to receive mail messages to be
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
529 checked and to return results. For each message, the MTA must open a
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
530 connection to the interface daemon, send options, envelope recipients,
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
531 and the message, receive the results, and close the connection.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
532
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
533 Instead of the ASCII protocol, a subset of ESMTP is enabled by <B>-o</B>. Only
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
534 the familiar HELO, EHLO, Mail, Rcpt, DATA, RSET, and QUIT commands and
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
535 the Postfix extensions XFORWARD and XCLIENT are honored. Since SMTP has
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
536 no provisions for user names, the protocol enabled by <B>-o</B> depends on a
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
537 list of local domain names specified with <B>-D</B> to find per-user log direc-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
538 tories and whitelist files. If neither XFORWARD nor XCLIENT are used,
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
539 <B>dccifd</B> uses the IP address of the MTA and the value of the HELO command.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
540
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
541 In the ASCII protocol, each of the following lines are sent in order to
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
542 <B>dccifd</B>. Each ends with a newline ('\n') character.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
543 options zero or more blank-separated strings among:
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
544 <I>spam</I> the message is already known to be spam
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
545 <I>body</I> return all of the headers with the added
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
546 <I>X-DCC</I> header line and the body
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
547 <I>header</I> return the <I>X-DCC</I> header
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
548 <I>query</I> ask the DCC server about the message without
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
549 reporting it, as if <B>dccifd</B> were running with
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
550 <B>-Q</B>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
551 <I>grey-query</I> only query the greylist server for this mes-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
552 sage. <B>-G</B> <I>on</I> must be in use.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
553 <I>no-reject</I> suppress the overall, one character line 'R'
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
554 result. This can be useful when using <B>dccifd</B>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
555 only for greylisting.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
556 <I>log</I> ensure that this message is logged as if
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
557 <B>dccifd</B> were running with <B>-t -all,0,</B>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
558 client IP address of the SMTP client in a "dotted" or "coloned"
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
559 ASCII string and reverse-DNS host name. If the host name
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
560 is present, it must follow a carriage return character
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
561 ('\r') after the IP address. The client IP address must be
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
562 present and non-null if the host name is present. The
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
563 string "0.0.0.0\n" is understood the same as the null
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
564 string, meaning that both the IP address and host name are
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
565 absent. If the client IP address is absent, then the IP
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
566 address and host name are taken from the first non-local
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
567 Received header if it has the standard "name (name [IP
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
568 address])..." format. Non-standard Received headers com-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
569 monly added by qmail as well as Received headers specifying
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
570 IP addresses marked <I>MX</I> or <I>MXDCC</I> in the global <B>-w</B> <I>whiteclnt</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
571 file are skipped.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
572 HELO SMTP HELO value or nothing, followed by a newline ('\n')
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
573 character. If the HELO value is null and the IP address of
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
574 the SMTP client are not supplied, they will be taken from
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
575 the same Received: header that supplies the IP address.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
576 sender or SMTP <I>Mail</I> <I>From</I> command value for the env_from checksum.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
577 If the sender is null, the contents of the first Return-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
578 Path: or UNIX style From_ header is used.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
579 recipients or SMTP <I>Rcpt</I> <I>To</I> recipient mailboxes followed by correspond-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
580 ing local user names, one (mailbox,user) pair to a line.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
581 Each optional local user name is separated from the corre-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
582 sponding mailbox recipient address by a carriage return
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
583 ('\r'). A local user name can be null if it is not known,
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
584 but each recipient mailbox must be non-null. If there are
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
585 no lines of (mailbox,user) pairs and if the <I>spam</I> option is
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
586 not included, then the <I>query</I> is assumed. Mailboxes without
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
587 user names will lack per-user log files and will not invoke
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
588 a per-user whitelist.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
589
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
590 The last recipient-user name pair is followed by an empty line and the
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
591 headers and body of the message. The end of the body of the mail message
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
592 is signaled by the MTA half-closing the connection. See <B>shutdown(2)</B>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
593
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
594 <B>Dccifd</B> responds with three things. First is a one character line of the
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
595 overall result advising the MTA:
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
596 A accept the message for all recipients and answer the SMTP DATA
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
597 command with a 2yz result.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
598 G answer with a 4yz result to embargo the message for greylisting.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
599 R reject the message and answer the DATA command with a 5yz result.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
600 S accept the message for some recipients and so answer the DATA com-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
601 mand with a 2yz result.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
602 T temporary failure by the DCC system and so answer with a 4yz
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
603 result.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
604
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
605 Second is a line of characters indicating the disposition of the message
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
606 for each corresponding recipient:
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
607 A deliver the message
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
608 G discard the message during a greylist embargo
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
609 R discard the message as spam
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
610 The SMTP protocol allows only a single result for the DATA command for
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
611 all recipients that were not rejected before body of the message was
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
612 offered with the DATA command. To accept the message for some recipients
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
613 and reject it for others, the MTA must tell the SMTP client it is accept-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
614 ing the message for all recipients and then discard it for those that
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
615 would reject it.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
616
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
617 Finally, if the <I>body</I> or <I>header</I> strings are in the first line of <I>options</I>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
618 sent by the MTA to the daemon, then the <I>X-DCC</I> header line or the entire
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
619 body with the <I>X-DCC</I> header line follows.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
620
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
621
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
622 </PRE>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
623 <H2><A NAME="FILES">FILES</A></H2><PRE>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
624 <A NAME="FILE-@prefix@">@prefix@</A> is the DCC home directory in which other files are found.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
625 <A NAME="FILE-@libexecdir@/start">@libexecdir@/start</A>-dccifd
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
626 and
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
627 <A NAME="FILE-@libexecdir@/rcDCC">@libexecdir@/rcDCC</A>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
628 are scripts used to start the daemon.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
629 <A NAME="FILE-dcc/dcc_conf">dcc/dcc_conf</A>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
630 contains parameters used by the scripts to start DCC daemons
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
631 and cron jobs.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
632 <A NAME="FILE-logdir">logdir</A> is an optional directory specified with <B>-l</B> and containing
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
633 marked mail. Each file in the directory contains one mes-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
634 sage, at least one of whose checksums reached its <B>-t</B> thresh-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
635 olds or that is interesting for some other reason. Each file
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
636 starts with lines containing the date when the message was
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
637 received, the IP address of the SMTP client, and SMTP enve-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
638 lope values. Those lines are followed by the body of the
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
639 SMTP message including its header as it was received. Only
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
640 approximately the first 32 KBytes of the body are recorded
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
641 unless modified by <I>./configure</I> <I>--with-max-log-size=xx</I> The
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
642 checksums for the message follow the body. They are followed
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
643 by lines indicate that one of the checksums is white- or
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
644 blacklisted by the <B>-w</B> <I>whiteclnt</I> file. Each log file ends
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
645 with the <I>X-DCC</I> header line added to the message and the dis-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
646 position of the message.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
647 <A NAME="FILE-map">map</A> is the memory mapped file of information concerning DCC
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
648 servers in the DCC home directory.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
649 <A NAME="FILE-whiteclnt">whiteclnt</A> contains the client whitelist in the format described in
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
650 <B><A HREF="dcc.html">dcc(8)</A></B>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
651 <A NAME="FILE-whiteclnt.dccw">whiteclnt.dccw</A>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
652 is a memory mapped hash table of the <I>whiteclnt</I> file.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
653 <A NAME="FILE-dccifd.pid">dccifd.pid</A> in the <B>-R</B> <I>rundir</I> directory contains daemon's process ID.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
654
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
655
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
656 </PRE>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
657 <H2><A NAME="EXAMPLES">EXAMPLES</A></H2><PRE>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
658 Dccifd can be used as Postfix Before-Queue Content filter. In some tests
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
659 these values for <B>-p</B> and <B>-o</B> in <I>dcc</I><B>_</B><I>conf</I>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
660
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
661 DCCIFD_ENABLE=on
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
662 DCCIFD_ARGS="-p 127.0.0.1,10025,127.0.0.1/32 -o 127.0.0.1,10026
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
663
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
664 worked with these lines in /etc/postfix/master.cf
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
665
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
666 smtp inet n - n - - smtpd
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
667 -o smtpd_proxy_filter=127.0.0.1:10025
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
668 127.0.0.1:10026 inet n - n - - smtpd
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
669 -o smtpd_authorized_xforward_hosts=127.0.0.0/8
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
670 -o smtpd_client_restrictions=
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
671 -o smtpd_helo_restrictions=
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
672 -o smtpd_sender_restrictions=
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
673 -o smtpd_recipient_restrictions=permit_mynetworks,reject
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
674 -o smtpd_data_restrictions=
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
675 -o mynetworks=127.0.0.0/8
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
676 -o receive_override_options=no_unknown_recipient_checks
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
677
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
678
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
679 </PRE>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
680 <H2><A NAME="SEE-ALSO">SEE ALSO</A></H2><PRE>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
681 <B><A HREF="cdcc.html">cdcc(8)</A></B>, <B><A HREF="dbclean.html">dbclean(8)</A></B>, <B><A HREF="dcc.html">dcc(8)</A></B>, <B><A HREF="dccd.html">dccd(8)</A></B>, <B><A HREF="dblist.html">dblist(8)</A></B>, <B><A HREF="dccm.html">dccm(8)</A></B>, <B><A HREF="dccproc.html">dccproc(8)</A></B>,
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
682 <B><A HREF="dccsight.html">dccsight(8)</A></B>,
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
683
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
684
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
685 </PRE>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
686 <H2><A NAME="HISTORY">HISTORY</A></H2><PRE>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
687 Implementation of <B>dccifd</B> Distributed Checksum Clearinghouses are based on
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
688 an idea of Paul Vixie with code designed and written at Rhyolite Software
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
689 starting in 2000. was started at Rhyolite Software in 2002. This docu-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
690 ment describes version 1.3.103.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
691
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
692
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
693 </PRE>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
694 <H2><A NAME="BUGS">BUGS</A></H2><PRE>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
695 <B>dccifd</B> uses <B>-t</B> where <B><A HREF="dccproc.html">dccproc(8)</A></B> uses <B>-c</B>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
696
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
697 By default <B>dccifd</B> look for its UNIX domain socket in the DCC home direc-
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
698 tory, but <B><A HREF="dccm.html">dccm(8)</A></B> looks in its <B>-R</B> <I>rundir</I>.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
699
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
700 Systems without <B>setrlimit(2)</B> and <B>getrlimit(2)</B> RLIMIT_NOFILE can have
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
701 problems with the default limit on the number of simultaneous jobs, the
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
702 value of <B>-j</B>. Every job requires four open files. These problems are
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
703 usually seen with errors messages that say something like
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
704 dccifd[24448]: DCC: accept(): Result too large
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
705 A fix is to use a smaller value for <B>-j</B> or to allow <B>dccifd</B> to open more
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
706 files.
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
707
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
708 February 26, 2009
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
709 </PRE>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
710 <HR>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
711 <ADDRESS>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
712 Man(1) output converted with
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
713 <a href="http://www.oac.uci.edu/indiv/ehood/man2html.html">man2html</a>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
714 modified for the DCC $Date 2001/04/29 03:22:18 $
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
715 <BR>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
716 <A HREF="http://www.dcc-servers.net/dcc/">
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
717 <IMG SRC="http://logos.dcc-servers.net/border.png"
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
718 class=logo ALT="DCC logo">
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
719 </A>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
720 <A HREF="http://validator.w3.org/check?uri=referer">
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
721 <IMG class=logo ALT="Valid HTML 4.01 Strict"
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
722 SRC="http://www.w3.org/Icons/valid-html401">
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
723 </A>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
724 </ADDRESS>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
725 </BODY>
c7f6b056b673 First import of vendor version
Peter Gervai <grin@grin.hu>
parents:
diff changeset
726 </HTML>