notdcc: CHANGES comparison

comparison CHANGES @ 0:c7f6b056b673

First import of vendor version

author	Peter Gervai <grin@grin.hu>
date	Tue, 10 Mar 2009 13:49:58 +0100
parents
children

comparison

equal deleted inserted replaced

--1:000000000000
+:c7f6b056b673
+Changes to the Distributed Checksum Clearinghouse source.
+2009/02/26 02:52:46 Rhyolite Software DCC 1.3.103-1.295 $Revision$
+1.3.103
+Quiet RedHat versus Debian error message from rcDCC reported by Ken Rea.
+Deal with corrupt /var/dcc/map reported by Steve Martin instead of
+	calling abort().
+Fix error in libexec/fetch-testmsg-whitelist reported by Horst Scheuermann
+	and William Taylor.
+Tweak ./configure and makefiles to try to avoid the mysterious,
+	unreproducable linking problem reported by John Levine.
+Fix bug with `./configure --with-max-log-size=0` reported by
+	Valentin Schmid.
+`./configure --with-max-log-size=KB` now also applies to dccproc log files.
+Generate man pages with /var/dcc and other directories replaced by
+	local ./configure choices.  This is intended to help the FreeBSD
+	package	and similar redistributions.
+1.3.102
+Fix build error reported by Steve Martin in dnsbl.c on MacOS X and other
+	systems without a resolver library found by ./configure.
+1.3.101
+Fix inconsistent declaration of grey_on in dccd/dump-clients/dump-clients.c
+	reported by Bobby Rose.
+1.3.100
+Support groups of DNS blacklists that can be independently enabled
+	in per-user whiteclnt files.
+Follow Petar Bogdanovic's suggestion to make ./configure assume that
+	`su -` and the default file ownership on NetBSD should be like FreeBSD
+Another tweak to reduce spurious DCC Reputations for 127.0.0.1.
+Dccifd in query mode assumes one recipient and so always generates an
+	X-DCC header.
+Tweak proof of concept per-user whitelist cgi scripts in cgi-bin.
+Improve long term client request rate computation to improve how public
+	DCC servers handle too active clients.
+Count anonymous clients ignored by `dccd -uFOREVER` among `cdcc stats`
+	"bad IDs" to more easily detect local clients that lack client-IDs
+	and passwords.
+`misc/hackmc -M` now reports mail rejected with the sendmail
+	FEATURE(`badmx') to the DCC with counts of "MANY"
+1.3.99
+Fix typo in Makefile.inc for NetBSD and OSF1 reported by Petar Bogdanovic.
+1.3.98
+Change the DCC server to not sign responses to anonymous clients with
+	the client's sequence numbers in protocol version 9.
+Add `dccd -T wlist` and `cdcc "trace wlist on"` to help find failures
+	by clients to whitelist IP addresses and other checksums
+	in /var/dcc/whitelist.
+Let whitelisting by the MTA, DCC server, or other whiteclnt lines override
+	"option spam-trap-accept" and "option spam-trap-reject" whiteclnt
+	lines as suggested by Horst Scheuermann.
+Finally document in the man pages parameters including %CIP that can be
+	used in dccifd and dccm rejection messages.
+1.3.97
+Fix "pthread_mutex_lock(cwf): Invalid argument; fatal error" reported
+	by Steve Martin.
+1.3.96
+Add `cdcc "clock check" to help detect broken clocks at DCC servers.
+Fix intermittent complaints about whiteclnt.dccw reported by Gary Mills.
+`cdcc clients` now indicates clients that have pegged a server's
+	anti-DoS delays.
+1.3.95
+Stop rare "fcntl(F_SETLKW F_WRLCK info  -1): Bad file descriptor" complaints
+	when dccm and dccifd start.
+1.3.94
+Fix core new dump in version 1.3.93 of dccm with aborted mail messages.
+1.3.93
+Make the default value for the `dccm -j` and `dccifd -j` job limit
+	as large as possible.  This makes -j settings unnecessary.
+Dccproc and cdcc time out after about 1 minute when the /var/dcc/map
+	file is not unlocked.
+Add "option spam-trap-accept" and "option spam-trap-reject" to
+	whiteclnt files.  I think these are the best way to build
+	DCC spam traps.
+1.3.92
+Improve the hash function used in the DCC server database.
+Replace -Bno-envelope for dccm, dccproc, and dccifd with
+	-Bno-client and -Bno-mail_host for Tony Del Porto.  It seems that
+	Spamhaus' PBL should generally not be applied to SMTP envelope
+	Mail_From domain names to avoid rejecting mail received through an
+	ISP smart-host but with sender domain name hosted on a dynamically
+	assigned IP address.  The now undocumented -Bno-envelope implies
+	-Bno-client and -Bno-mail_host.
+Fix the @configsuffix@ mechanism in homedir/Makefile.in as suggested
+	by Craig Green.
+Switch to -lpthread threads on FreeBSD starting with 6.2 because of
+	recent problems with libc_r threads.
+Dccproc should not require a "option DNSBL-on" line in /var/dcc/whiteclnt
+	to pay attention to DNSBL hits.  The -B settings on the dccproc
+	command line are sufficient to show that the user wants DNSBL checking.
+Fix bug in compression of DCC Reputation reports.
+1.3.91
+Fix mechanism that should prevent dccd from starting dbclean for a quick
+	cleaning about the time the cron job runs.
+Let DNSBL target addresses be CIDR blocks to improve the use of Spamhaus'
+	lists.
+Fix DNSBL bug that caused false positives reported by Ray Gardener.
+Tweak homedire/Makefile.in for the gento folks.
+Fix recent compiling bug with Borland on WIN32 reported by Tommy Barberis.
+1.3.90
+Fix updatedcc problem reported by Chris Magnuson.
+	Updatedcc failed after shutting down the localhost DCC server and
+	finding no working server and when the environment variable
+	DCC_UPDATEDCC_FAST is not set to "yes".  The easiest work-around
+	is to add the public DCC servers to the local /var/dcc/map file
+	with `cdcc "add dcc1.dcc-servers.net RTT+1000 ms"`  Besides working
+	around the updatedcc problem, that uses the public DCC servers
+	as backups for the local server.
+1.3.89
+Repair compile problem on Solaris
+1.3.88
+Repair rate limiting on dccd syslog complaints.
+Relax dccd load sharing enough to prevent spurious timeouts by
+	keepalive timers and some troubles with flood connections.
+1.3.87
+Add `./configure --enable-64-bits` to compile 64-bit DCC server code
+	for Solaris or Linux PowerPC.  If you are using dccm, you will
+	need to build a 64-bit sendmail milter library.
+Fix complaint from `cdcc "new map"` about the new file being empty.
+Fix bug in `./configure --with-installroot=DIR` and `make install`
+	reported by Pavel Urban.
+Fix at least some causes of "continue not asking Greylist" complaints
+	from dccm and dccifd.
+Make dbclean on Linux systems with lots of RAM even closer to -F.
+1.3.86
+Disable automatic 64-bit compilation for Solaris again
+1.3.85
+Fix Redhat Enterprise 5.1 build bugs in 1.3.84 reported by Mark Thomas.
+Fix old glitch in building for 64-bit Solaris systems.
+1.3.84
+Allow very large DCC database hash tables, including that used
+	for greylisting.
+Add `./configure --with-configsuffix=.str` to improve FreeBSD port.
+Add `rcDCC -m {dccd|dccm|...}` to improve FreeBSD port.
+Add magic comments to rcDCC to make it work with SUSE insserv.
+1.3.83
+Deal with build problem on FreeBSD 7.0 reported by Craig Green.
+Keep client IP addresses as old as 7 days in /var/dcc/dccd_clients
+	and /var/dcc/grey_clients
+1.3.82
+Fix automagic upgrade of old /var/dcc/map files reported by James Carlson
+	and Earl Killian.  The bug was new with 1.3.81.
+1.3.81
+improve SMTP status messages from dccm and dccifd
+improve dbclean handling of less frequent spam
+do something like `dbclean -F` on systems that lack mmap(MAP_NOSYNC).
+	This should help recent versions of Linux that thrash themselves
+	much as Solaris always has.
+perhaps fix the "Deadlock situation detected/avoided" messages long
+	but infrequently seen on Solaris.
+fix a bug reported by Edward Toton in the mechanism that works around a
+	missing cron-dccd cron job.
+fix problem in cron-dccd reported by Dean Maluski when a greylist server
+	is running but no DCC server.
+1.3.80
+fix bug with `dccm -t` log thresholds reported by Bart Dumon
+1.3.79
+remove -t arg. for dbclean
+change lines in log files for DNSBL hits to include IP address from
+	the DNSBL
+probe a DNSBL only once for several -B results with distinct SMTP
+	4yz or 5yz rejection messages
+reduce dccifd memory on some Linux systems by 4 MByte
+do not use set-UID privileges outside the ./configure --homedir=DIR
+	directory
+fix bug in 1.3.78 in sizing the window for large (>100 MByte) greylist
+	databases found by Tomasz Potega
+1.3.78
+Fix failure to reduce default dbclean expirations when working around
+	a missing cron-dccd cron job.
+1.3.77
+Improve dccd load limiting, including while catching up on flooding.
+1.3.76
+Add yet more system log tracing with `dccd -d` for the determination of
+	memory limits.
+Tweak duplicate flooded report detection.
+1.3.75
+Fix false duplicate detection of flooded checksums introduced in
+	version 1.3.74.
+Make the rep-total default threshold be 20, matching the documentation.
+1.3.74
+Repair rate limiting of dccd system log messages.
+Another fix for detecting duplicate bulk mail reports.
+1.3.73
+Correct count of reputation hits.
+1.3.72
+Fix holes in the detection of duplicate flooded reports.
+Fix quick database cleaning to not run dbclean 2 hours or less before
+	the usual cron cleaning.
+Fix bug in counting DCC operations by the free DCC servers.
+1.3.71
+Fix confusion in daily log messages between incoming and outgoing
+	flood error messages.
+1.3.70
+/var/dcc/libexec/dcc-stats-graph no longer combines RRD files to
+	generate a graph. Instead the new /var/dcc/rrd-combine should be used
+	to generate a combined file that is then graphed.
+Fix dccproc to report mail to the DCC server that DCC Reputations has
+	marked as spam.
+Remove SOCKS flooding input bug that I added in 1.3.67.
+Fix a failure by DCC Reputation servers to fail to detect flooded
+	duplicate reports.
+1.3.69
+Fix embarrassing build bug in 1.3.68 reported by Chris Pollock.
+1.3.68
+Enhance /var/dcc/libexec/list-clients
+Increase flooding listen() queue to try to deal with connection timeouts.
+dccifd should pay attention to thresholds in /var/dcc/whiteclnt
+Fix new fix for reputation report counting.
+1.3.67
+Occassionally run a quick dbclean on the server database when the database
+	gets too big.
+Report "connection refused" flooding problems in `cdcc "flood stats ..."`
+`cdcc stats` on DCC Reputation servers report the number of client
+	reputation hits.
+updatedcc -K does not try to download more than once per week.
+	-K is assumed if stdin is not a tty.  Some installations seem to
+	have cron jobs that run updatedcc several times per day.
+SOCKS flooding only doubles instead of quadruples the backoff or delay
+	before retrying connections.
+Add more tracing of flood state changes to try to find the stickiness
+	with Solaris.
+1.3.66
+Fix SOCKS flood crash introduced in 1.3.65 and reported by Tomasz Potega.
+1.3.65
+Another tweak to the negotiation of DCC Reputations.
+Restore recently lost logging of flooding error messages.
+Fix missing reset of keepalive timer.
+Include flooding position in `cdcc "flood stats ..."`
+Fix rm and rmdir complaints from cron-dccd on Solaris reported
+	by Mark Thomas.
+SUBMIT whiteclnt entries now also turn off DCC Reputation checking.
+	There are better ways to turn off mail from a local SMTP client
+	DCC Reputations.
+Fix looping whitelisted flooded report bug reported by John L.
+	This bug might be related to crashes complaining
+	"ifp->ibuf_len=-111; fatal error"
+1.3.64
+Make ./configure and so updatedcc complaints about bad memory sizes
+	warnings instead of fatal errors.
+1.3.63
+Correct error in `cdcc "flood list"` announced negotiation of DCC
+	Reputations.
+1.3.62
+Let "option threshold type,val" lines in whiteclnt file accept "all"
+	and "cmn" for "type" as with `dccproc -c` and `dccm -t` and `dccifd -t`.
+Use yet another scheme in updatedcc to detect download failures that
+	won't force unneeded downloads.
+Fix dccifd man page about the location of the socket as suggested by
+	Carl Byington.
+Fix several rare or potential bugs related to broken TCP connections with
+	DCC flooding including one that has caused a core dump.
+1.3.61
+Fix problems with Sun Studio 12 compilers reported by Rob McMahon.
+`updatedcc -K` or cron mode is silent when things go ok,
+	 or at least less chatty.
+1.3.60
+Fix confusion in flooding connection accounting.
+Work around new Fedore Core 6 gcc Fortify buffer over-non-flow bug
+	reported by Joseph Breu by reducing the size of server-to-server
+	messages by 1 byte.
+Reduce the number of socket() and bind() system calls in dccm and dccifd.
+Close unused sockets in dccm and dccifd after bursts of mail such
+	as dictionary attacks.
+Prevent complaints during flooding from between commercial and free
+	versions about bad protocol versions.
+1.3.59
+Fix crashing in dccifd reported by John M. Crawford.
+Fix problem in flooding server-ID assertions.
+1.3.58
+Fix bug in recent versions of `/var/dcc/libexec/dcc-stats-graph -d`
+	reported by Kevin W. Gagel.
+Deal with multiple A RR answers from DNSBLs such as Spamhaus' ZEN
+	for dccifd, dccproc, and dccm -B.
+Turn off a "close(socket): Connection reset by peer" message from
+	dccifd in proxy mode when postfix gets anxious and closes early.
+1.3.57
+Fix bug in libexec/fetchblack adding a local blacklist file
+	reported by Krzysztof Snopek.
+Make the system host name be the default value of `dccifd -D`
+	so that local user name for per-user logs and whiteclnt files
+	is "user" given SMTP recipient address "user@host.example.com"
+	on the system named user.host.example.
+Support wildcards so that `dccifd '-D*example.com'` will take
+	"user" as the local name for per-user logs and whiteclnt files
+	vien SMTP recipient address user@host.exaple.com.
+Fix bug in version 1.3.56 of dbclean in computing the hash table size
+	when upgrading from 1.3.42 reported by Domenico Diacono.
+1,3,56
+Dccd continues parsing /var/dcc/blacklist after a bad line instead
+	of stopping.
+Change dcc-stats-graph to not use --alt-y-mrtg with rrdtool version 1.2.
+Do not save dccd client list when running with -Gon.
+Dccd continues to inflate queue wait for 5 minutes after flooding
+	resumes so that the database will be good for clients.
+Add -K to updatedcc for "cron mode" to not install code, restart daemons,
+	or otherwise disturb things by installing the same version.
+Improve server queue delay measurement when the system is too slow
+	to keep up with incoming floods.
+Do not use MAXHOSTNAMELEN for domain name lengths because on Linux
+	it is only 64 bytes.  This implies a new version of the /var/dcc/map
+	file.  Old versions of the file are automatically upgraded, but that
+	implies problems if you install old versions of the DCC client
+	programs.
+Dccm, dccifd, and dccproc delete all old X-DCC headers instead of only
+	those with the same brand name as the current DCC server to fix
+	problem reported by Frank Tegtmeyer.
+Fix unrecognized data /var/dcc/dccd_clients message.
+Improve DCC server hash table size estimation to help servers with
+	1 GByte or less or more than 3 GByte of RAM.
+Fix "flooding not stopped before ADMN DB UNLOCK" problem reported by
+	Tomasz Potega.
+dcc-stats-graph no longer labels "Spam Ratio" graphs with '%' because
+	recent versions of rrdtool graph no longer understand "--units %%"
+1.3.55
+Dccd falls back on foreground DNS resolution of flooding peer names
+	when fork() fails, perhaps because of a lack of swap space.
+Fix structure alignment bug introduced in 1.3.51/2.3.51 and seen in
+	Solaris on SPARC CPUs using `gcc -O` reported by Stephan Schulz.
+1.3.54
+Fix bug in proof-of-concept CGI script "LogOut/In" button introduced in
+	1.3.48 on Apache without mod_unique_id.
+Fix new bug in proof-of-concept list-log CGI script reported by
+	Krzysztof Snopek.  It seems that in Solaris`ls -f` does not work on
+	a list of files.
+Make `dccd -F` the default on Solaris to speed up the DCC server there.
+1.3.53
+More speed for dbclean on FreeBSD.
+Fix recent damage to `dccproc -a` and dccproc -f`.
+Fix -B "name too long" problem reported by Daniel Gehriger and
+	Giulio Cervera.
+Fix bogus mail rejection by dccifd in proxy mode reported by
+	Daniel Gehriger.
+Reduce BIND timeout for each lookup to whatever remains of the
+	-Bset:url-secs=X limit.
+1.3.52
+Fix bug in updatedcc found and diagnosed by Asgeir.
+Speed up dbclean on FreeBSD.
+1.3.51
+Fix recently added bug with greylisting in dccifd reported by
+	Daniel Gehriger.
+Fix database corruption bug in `dccd -F` added in version 1.3.49.
+Fix bugs in queue delay reported by DCC servers to anonymous clients.
+	This change is important for the public DCC servers.
+What the nightly cron job, /var/dcc/libexec/cron-dccd, to try to
+	restart dccd if it is not running but is turned on.
+Include anonymous client queue delay in `cdcc stats` queue delay report.
+Close hole that allowed deleting or adding hosts in /var/dcc/maps.
+Reduce minimum default reduced dbclean expiriation durations to
+	1 hour and 1 day from 2 hours and 2 days to help systems with
+	1 GByte or less RAM.
+Change cgi-bin/webuser-notify to use sendmail and include a
+	"Precedence: bulk" header so that the vacation program won't
+	respond to the CGI cron script's mail messages.
+Change cgi-bin/webuser-notify to handle per-user log subdirectories
+	generated by "option log-subdirectory-*" in whiteclnt files.
+1.3.50
+Fix client random selection of public DCC servers.
+/var/dcc/blacklist also affects flooding peers.
+1.3.49
+Change dbclean to use a dccd optimization and be faster on FreeBSD
+	systems that have less that 4 GByte of RAM.
+Set the GID of dccifd, dccm, and dccproc log files and subdirectory
+	to be the same as the parent directory if running as root and
+	if necessary.
+Possibly fix pthread_mutex_lock(user_log) bug on MaxOS X reported by
+	Steve Martin.
+1.3.48
+Turn off automatic generation of 64-bit DCC servers.
+1.3.47
+Remove support for external filters as part of the fix for the
+	thundering herd problem in `dccm -B` reported by Gary Mills.
+Check NS IP addresses in DNS blacklists (DNSBLs) before MX IP addresses
+	for dccproc, dccifd, and dccm -B.
+Fix `dccm -tsubstitute...` problem reported by Ludger Bolmerg-Berliner
+Try to compile for 64-bit pointers on Solaris to use more than 2 GBytes
+	if available.
+Significantly improve speed on large FreeBSD DCC servers.
+Make dbclean automatic -e/-E adjustments much more stable to
+	significantly help DCC servers on Mondays and Tuesdays.
+Fix bad Body and missing Fuz1 and Fuz2 checksums for dccifd and dccm
+	when previous messages had bad MIME encapsulation reported by
+	Gary Mills and Harel Tassa.
+1.3.46
+Do not greylist mail from SMTP submission clients marked by
+	"submit IP" lines in /var/dcc/whiteclnt.
+Stop race with idle DNSBL helper processes.
+More adjustments to help deal with large databases.
+Deal with ./configure problem with BIND resolver on some versions
+	of Linux reported by Daniel Gehriger.
+Change header checksums to ignore all instead of only some occurrences
+	characters matching [<>'"]
+Dccm uses SMFIP_RCPT_REJ in sendmail 8.14 to detect dictionary attacks
+	and adjust the DCC Reputation of attackers.
+Fix a very rare infinite loop in the MIME decoding code in DCC clients.
+Add "option log-subdirectory-{day,hour,minute}" to whiteclnt files
+	to create per-user log files in subdirectories like the subdirectories
+	used for /var/dcc/log with dccm, dccifd, and dccproc -l.
+Detect too-small file size resource limits in dccd and dbclean.
+Compile with -D_FILE_OFFSET_BITS=64 on Linux as suggested by
+	Dmitry Konovalov.
+Compile with -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 as advised by
+	James Carlson.
+Add dccm and dccifd -Bset:maxjobs=X
+Suppress ENOENT errors from recvmsg() on Tru64-UNIX observed by
+	Alberto D'Ambrosio.
+Fix printf(null) crash in dccifd acting as a proxy for CommuniGate
+	reported by Charles Chappell.
+1.3.45
+Fix memory leak in dccm and dccifd when DNSBLs (-B) are used.
+Improve performance on current UNIX-like systems that have madvise()
+	with large DCC server databases.
+Mention the "incompatible whitelists" message in the FAQ.
+1.3.44
+Remove some quoting in homedir/Makefile to try to work around Linux
+	"improvements."
+1.3.43
+Make "option forced-discard-nok" in /var/dcc/whiteclnt the default for
+	dccm as well as dccifd in proxy mode.
+Add whiteclnt type of IP address entry "submit".
+	It is intended to be applied to the IP addresses of SMTP submission
+	clients such as web browsers that cannot tolerate 4yz temporary
+	rejections of mail, but that cannot be trusted to not send spam.
+Let body and reputation checksum thresholds be set in the global and
+	per-user whiteclnt files.  "Never" is a valid threshold and turns
+	off rejections for a checksum.
+Overhaul proof of concept per-user whiteclnt CGI scripts to handle
+	per-user checksum thresholds.
+Rationalize /var/dcc/libexec/dcc-stats-graph -tTITLE
+Fix bugs with -eNEVER and -Enever in dbclean.
+Add "submit" to "mx" and "mxdcc" values for IP addresses whiteclnt files
+	to mark SMTP clients that are submitting new messages and that
+	do not understand 4yz rejections for individual recipients.
+Fix dccifd crash on bogus long recipient names diagnosed by Tomasz Potega.
+/var/dcc/libexec/fetchblack is not as noisy when the sources of the
+	public DCC server blacklist are down for long periods.
+Limit the database window to less than 2 GBytes on all 32-bit systems
+	including Solaris.  Previous versions assumed that Solaris would
+	do the right thing if it allowed large files.
+Fix bugs in the "skipping asking DCC server" mechanism that made it
+	too forgiving.
+Remove the `dccd -t` thresholds in favor of simple constants.
+Dccm, dccifd, and dccproc now emit X-DCC headers for locally white-
+	and blacklisted messages even when no DCC server responds.
+Automatically compensate for incompatibility in newer versions of
+	rrdtool.
+Prefer poll() to select() on Linux.
+Increase the computed limit on `dccm -j` by not dedicating two FDs
+	to each thread for per-user log files but instead doing some locking.
+1.3.42
+Correct wrong count of `cdcc "clients -i 10.11.12.13"`
+Change rcDCC.in back to allow the use of /var/run for PID files.
+1.3.41
+Finally fix ancient missing quote in start-dccm.
+1.3.40
+Make bad password-IDs in /var/dcc/flod a serious error that is reported
+	even when tracing is off.
+Fix missing ';;' in libexec/logger as suggested by James Carlson.
+Restore `start-dccm -c` that was removed from version 1.3.39 with the
+	mistaken idea that -c was not in use.
+Fix bug counting clients of public DCC servers introduced in 1.3.39.
+Adding -d to DCCD_ARGS or GREY_DCCD_ARGS causes dccd to say how it
+	determines the size of available memory.
+Deal with sysctl(HW_PHYSMEM) on amd64 FreeBSD 6.* need for an 8-byte value
+	without breaking sysctl(HW_PHYSMEM) on FreeBSD 5.* that demands a
+	4-byte value.
+Allow databases larger than 3 GBytes on 64-bit systems.
+1.3.39
+Fix bug that caused `cdcc "clients -V"` to sometimes report version
+	numbers of '?'.
+Change dccd to prefer recycling an old, almost idle client rate-limiting
+	block instead of the oldest block.
+Modify /var/dcc/libexec/list-clients based on a suggestion from Chris Myers.
+1.3.38
+Add `cdcc "clients x.y.z.w/p"`
+1.3.37
+Fix problems in /var/dcc/libexec/list-clients and with `cdcc clients`
+	with IPv6 addresses reported by Vincent Schonau.
+1.3.36
+Fix bad ./configure check to see if `xargs` needs and can use -r
+	reported by Mark Thomas.
+1.3.35
+Fix dccm crash reported by John Doherty.
+1.3.34
+Fix bug in `make install` on Solaris introduced in 1.3.33.
+1.3.33
+Work around change to `sort` collating sequence in Fedore Cort 5 reported
+	by Jakob Hirsch.
+1.3.32
+Fix dccd crash as suggested by Wolfgang Breyha.
+Do not try to stat() missing whiteclnt files more often than once every
+	5 seconds.  This should significantly reduce the number of stat()
+	system calls on busy systems using dccifd and SpamAssassin.
+Fix some problems with determining the mail sender through MX forwarders
+	for second and subsequent mail messages in an SMTP session.
+Recognize some more qmail variations of Received headers for obtaining
+	IP addresses.
+Add `cdcc "clients -V"`.
+Optionally in dccm and by default in dccifd in proxy mode temporarily
+	reject SMTP recipients that might be forced to have spam discarded
+	instead of rejected because it must be delivered to other
+	recipients.
+1.3.31
+Mention /var/dcc/libexec/uninstalldcc in the installation instructions.
+Change dccm and dccifd per-user log message for mail that is now being
+	accepted after being temporarily rejected for some other recipient
+	to "accept after greylist embargo" from "accept", as requested by
+	Spike Ilacqua.
+Fix failure to reset "continue not asking" counter problem reported
+	by Breno Moiana.
+Reduce default value of `dbclean -e` from 2 days to 1.
+Modify error messages to try to find some clues about the Solaris
+	"deadlock avoided" problem.
+1.3.30
+Fix leak in dccd blacklist.
+Change client-server protocol so that `cdcc clients` gets more than
+	16 bits of NOP counts.
+updatedcc and fetchblack try two FTP and HTTP servers.
+do not use stdio to parse whiteclnt files to deal with Solaris'
+	255 limit on stdio file descriptors.
+add /var/dcc/libexec/uninstalldcc
+1.3.29
+Fix dblist.c compiling problem in 1.3.28 on some versions of
+	Linux reported by Thomas Schwanhaeuser and Nigel Horne.
+1.3.28
+Turn off use of futimes() on Linux to resolve bug diagnosed by
+	Wolfgang Breyha.
+Fix two locking problems dccm and dccifd that might cause the crashes
+	reported by Gary Mills.
+Reduce dccifd and dccm thread stack size.
+Fix bug that kept some DCC Reputations from being compressed in
+	the database.
+Change the default DCC Reputation rejection message to the equivalent of
+	-r '%s bad reputation; see http://commercial-dcc.rhyolite.com/cgi-bin/reps.cgi?tgt=%s'
+1.3.27
+Fix an odd case where flooding connections between DCC servers were
+	not being shut down.  I think it only happened when a firewall
+	or something else systematically filtered TCP FINs.
+Use setresgid() for setegid() on HP-UX to fix problem reported by
+	Giacomo Fazio.
+1.3.26
+Compression reputation reports from the same week instead of from
+	the same half day.  This significantly reduces the size of the
+	database on systems using DCC Reputations.
+Restore the flood rate limiting based on TCP windows, but now just
+	ignore the bogus EAGAIN complaints from some versions of Solaris.
+Fix server whitelists broken in 1.3.21.
+1.3.25
+Fix dccproc crash when given a bogus env_From value diagnosed by
+	Jeff Mincy.
+Fix greylist triple checksum in dccm and dccifd log files.
+Fix the default expiration of DCC Reputation checksums at 30 days and
+	2 days unaffected by the system's amount of RAM.
+Expire FUZ1 checksums in reports that also have FUZ2 checksums.  This
+	significantly reduces the size of the DCC server database.
+Remove new flood output rate limit using SO_SNDBUF because it causes some
+	versions of Solaris to generate persistent EAGAIN errors for send().
+Fix at least some of the dccifd memory leak reported by Chris Mikkelson.
+	It may be the same as the leak reported by Gunther Richter.
+Limit worst case DCC client delays exclusive of delays caused by waiting
+	for DNS blacklists or external filters are limited to about 16 seconds.
+1.3.24
+Dccproc starts dccifd after 500 uses at least as fast as 0.1/second.
+	With luck SpamAssassin will notice and switch to dccifd.
+Look for libsmutil.a in /usr/lib on Linx for old RedHat
+	as suggested by Jason Balicki.
+Fix X-DCC header misplaced by dccproc reported by James McNutt.
+1.3.23
+Fix bug in dccm, dccproc, and dccifd that tripled effective DCC target
+	counts on messages being retransmitted after greylisting.  I
+	introduced this bug in version 1.3.21, which was released 3 days ago.
+1.3.22
+Fix "POSSIBLE ATTACK" complaint from sendmail about trailing '\n'
+	on headers added by dccm reported by Paul Ganci.
+1.3.21
+Add a crude cache or database to the proof-of-concept scripts in
+	cgi-bin/common to speed them up on large log directories.
+	The goal is to handle log directories with 40,000 files within a
+	second or two.  The caches files are built incrementally.
+Invert the sort order of list-log in cgi scripts.
+	This change to cgi-bin/common should be upward compatible because
+	it is controlled by additional parameters to the Perl functions.
+Complain about contradictory or ignored entries in whitelists, including
+	"from" checksums that are normally ignored in server whitelists.
+Fix dccd craziness with gre (or any) interfaces with the same IP addresses
+	as other interfaces observed Craig Green.
+Fix infinite loop in dccproc triggered by a To: header of more than
+	20480 bytes and with a '\n' character in byte #20478 observed by
+	James McNutt.
+Ignore a few failures by select() apparently caused by SOCKS libraries.
+Increase default DNSBL timeouts to -Bset:msg-secs=40 and -BURL-secs=11
+1.3.20
+Fix dbclean expiration of reputation checksums
+1.3.19
+Changed the midnight dccm and dccifd system log message to disclose
+	spam passed from whiteclnt-listed MX servers.
+MX servers should now be listed in /var/dcc/whiteclnt with lines like:
+		mx	ip	10.2.3.4
+		mx	ip	10.5.6.0/28
+		mxdcc	ip	10.7.8.9
+	"MX" marks the IP address of one of your mail systems that should
+	be ignored in initial Received: headers and when reported by
+	sendmail to dccm.  "MXDCC" marks IP addresss of your mail systems
+	that run DCC clients and that will have already reported mail
+	to the DCC.  Continue using "OK" whitelist entries for mail systems
+	that you trust to never send or forward unsolicited bulk email.
+Allow custom DNS blacklist SMTP rejection messages.  See
+	-Bset:rej-msg=X in the dccifd and dccm man pages.
+1.3.18
+Fix `dccm -aIGNORE` crash reported by Juergen Georgi.
+Fix detection of duplicates reputation reports.
+Initial support for "mx ip" entries in whiteclnt files.
+Fix compression by dccd of delayed reputation reports.
+1.3.17
+People have broken wget by changing the old "--non-verbose" to
+	"--no-verbose". That would have ok, except they do not understand
+	what they were doing enough to support the old form.  Reportedly
+	"-nv" works on both versions.
+`cdcc stats` on DCC Reputation servers includes an additional line
+	about reputation results.
+Adjust logged reason when spam is ignored after greylist as suggested
+	by Spike Ilacqua.
+Replace `dccproc -R` with `dccproc -r N`  (Of course, `dccproc -R`
+	is still recognized.)
+1.3.16
+Fix bug introduced in 1.3.15 that caused greylist retransmissions
+	to be counted by the DCC server as separate messages contributing
+	to the "bulkness" of a message.
+If /var/dcc/log is neither readable nor searchable by 'other', then
+	create log files with the same 'group' permissions as the directory
+	instead of the old default of 600.  This allows the application of
+	cgi scripts to the main whiteclnt and log files.
+`dccd -T ALL` no longer works.  It never made much sense and continues
+	to cause confusion.
+Dccifd in proxy mode no longer requires blanks after colons in SMTP
+	commands.  Problem reported by Martin Pala.
+Fix dccifd proxy mode crash on mail messages without bodies reported
+	by Martin Pala.
+Complain about bad host name and other errors in whiteclnt files
+	every 30 minutes instead of every 5 minutes.
+Allow whiteclnt files to be read-only with a new locking scheme.
+Use Milter.macros.eom in sendmail 8.13 so that the ${dcc_isspam}, and
+	${dcc_notspam}, ${dcc_userdir} macros can be set by sendmail.cf
+	rules that examin headers.  This might also allow some hack_mc
+	settings to be used with delay_checks.
+As suggested with discussions with Martin Pala, the thresholds for
+	quick flooding among servers are now non-linear.
+1.3.15
+When "option MTA-first" in a dccm and dccifd whiteclnt file, determinations
+	of (not) spam by the MTA are consulted first and so can be overidden
+	by the whiteclnt files.  This allows individual	users to override a
+	sendmail access.db file.
+Correct the SMTP rejection message in per-user log files for dccm and
+	dccifd, especially when dccifd is acting as a proxy.
+Fix bug reported by James Carlson that kept./configure from turning
+	on SOCKS.
+1.3.14
+Keep dccd flooding threshold at or above 10.
+1.3.13
+Make default maximum server memory size 2000 MByte on all except IRIX
+	and Solaris.
+Fix bug in 1.3.12 that causes dccd flooding thresholds to be 0 if
+	dccd is started by hand or without a dccm rejection threshold.
+1.3.12
+Fix packaging error in 1.3.11.
+1.3.11
+Dccproc should complain if the -w whiteclnt file is bad.
+misc/dcc.m4 can add a sendmail.cf rule that assigns a single
+	whiteclnt file and log directory to mail forwarded to another system.
+	With that the cgi-bin scripts can be used to control dccm for
+	mail forwarded to another system with a single web user.
+1.3.10
+Delete "message" checksum in greylist database when spam causes
+	an embargo to be restored.  This fixes some counts after a
+	greylist whitelisting has been revoked.
+Make the default owner and group for files be root:wheel on FreeBSD
+	As always, use the DCC_OWN and DCC_GRP environment variables with
+	`make install` or updatedcc -e to override those defaults.
+1.3.9
+Dccifd and dccproc treat the bogus SMTP client IP address of 0.0.0.0
+	from SpamAssassin as if it were absent, which allows it to look in
+	in Received headers.
+Add "rcvd-nxt" option to the dccifd MTA protocol to parse later
+	Received: headers.
+1.3.8
+Repair greylisting broken in 1.3.7.
+1.3.7
+Log files now say "Restore #x" instead of "Embargo #x" when a greylist
+	embargo is restored because the message is spam.
+Don't use -a with `fetch` in updatedcc, fetchblack, and
+	fetch testmsg-whitelist because it does not know when to stop trying
+	to reach a dead FTP server.
+Add "any" to dccm, dccifd, and dccproc -B DNSBL result address as
+	suggested by Giulio Cervera.
+1.3.6
+Try to deal with UNIX kernel problems cause bogus failures of mmap().
+Fix bug related to --disable-dccifd reported by Krzysztof Snopek.
+Stop relying on `su - -c` to start daemons as requested by Dean Hollister.
+Fix server-ID mapping in /var/dcc/flod to use the first relevant mapping
+	as the documentation says instead of the last one.
+Fix recent bug in cron-dccd that stopped emptying client per-user log
+	directories.
+1.3.5
+Untangle `dccd -a` as well as local host name and IPv4 vs. IPv6 options
+	in /var/dcc/flod
+Fix automatic /var/tmp/map file upgrading for Windows.
+	Actually c:\\program files\dcc\map
+Improve dccd work-around for missing /var/dcc/libexec/cron-dccd cron job
+	on memory-short DCC servers.  This still not a substitute for the
+	cron job.  *USE THE CRON JOB*.
+Repair dccifd and dccm midnight log entry bug reported
+	by Christopher Bodenstein.
+Fix recent bug in cron-dccd that stopped emptying /var/dcc/log.
+1.3.4
+Fix another dccm, dccifd, and dccproc bug related to bogus long
+	URLs from a core dump on Spike Ilacqua's system.
+Fix installroot homedir/Makefile as suggested by Pavel Urban and Paul Ganci.
+Add `cdcc "src x.y.z.w" to help DCC clients navigate firewalls.
+	This change requires a change in the format of the /var/dcc/map file.
+	However, the DCC clients should all automatically and invisibly
+	upgrade old files.
+Fix `dccd -a` bug reported by John Levine.`
+1.3.3
+Work around bogus use of "::" in line 184 of /usr/share/mk/bsd.lib.mk"
+	in ancient FreeBSD as reported by Lento Yip.
+1.3.2
+Improve logging of failures by external filters.
+Fix new use of pstat_getstatic() on HP-UX to obtain physical memory size.
+1.3.1
+Allow dccproc, dccm, and dccifd to use an external filter.  See the
+	./configure --with-xfltr=FILE --with-xfltr-cflags=opt and
+	--with-xfltr-ldflags=opt, the discussion of -X in the man pages,
+	and the toy filter in thrlib/xfltr_sample.c.
+	See also /var/dcc/dcc_conf-new
+Automatically decrease the number of DNS blacklist helper processes for
+	dccm and dccifd when fewer are needed.
+Use pstat_getstatic() on HP-UX to determine the size of physical memory.
+Dccifd refuses to run on HP-UX 11.00 to keep SpamAssassin from stalling
+	while dccifd cannot hear.
+1.3.0
+New license.
+cron-dccd tells dbclean -6 if needed.
+Treat EHOSTUNREACH or "No route to host" like ECONNREFUSED in DCC
+	clients and do not complain about every instance.
+Deal better with DCC servers with floppy multi-homing such as behind
+	some NAT boxes.
+Deal more gracefully with Linux systems without IPv6 support but
+	with `cdcc "IPv6 on"`.
+Fix crash in dccm, dccifd, and dccproc while computing FUZ2 checksum on
+	URLs with very long host names in HTML mail messages.
+Fix dccifd missing SMTP reply code in dccifd rejections in proxy mode.
+`dccifd -ddd` logs SMTP transactions in proxy mode.
+Dccifd man page has example -o configuration for use as a Postfix
+	before-queue filter.
+Restart dccm and dccifd after core dumps.
+1.2.74
+Make clients prefer real IPv6 address to embedded or mapped IPv4
+	addresses.
+1.2.73
+Fix crash in dccsight as suggested by Vincent Schonau.
+Fix handling of log files for senders without reverse DNS in
+	cgi-bin/common as suggested by Vincent Schonau.
+Add IPv4 and IPv6 o-opts to /var/dcc/flod lines to deal with the change
+	in the default from "YES" to "NO" in the FreeBSD ipv6_ipv4mapping
+1.2.72
+Do not make DNS blacklist checks if the MTA already knows the message
+	is or is not spam.
+Add -lresolv to $LIBS for Mac OS X Darwin as suggested by Joel Brogniart.
+Change DNS blacklist checking to check MX servers as well.
+Add -B settings to control which DNS blacklists are used for the envelope
+	or body, and whether MX servers should be checked.
+SIGUSR1 causes dccm and dccifd to send their statistics to the system log.
+Use getaddrinfo() and getnameinfo() when getipnodebyname() and
+	getipnodebyaddr() are not available.  This might make IPv6 work
+	on Linux systems.
+Note that to make dccd listen to IPv6, -6 must be added to DCCD_ARGS
+	and GREY_DCCD_ARGS in /var/dcc/dcc_conf.  This requirement has long
+	been present to defend against systems that only pretend to
+	understand IPv6.  Perhaps it is time to remove it.
+Add `dccifd -o` to use a subset of ESMTP so that dccifd can be used
+	as a "before-queue" filter or SMTP proxy by Postifx.
+Probably fix a rare dccm and dccifd crash.
+1.2.71
+Fix stray greylist queries reported by Vincent Schonau.
+Fix conflict between checking DCC and greylist servers on Linux
+	reported by Vincent Schonau.
+1.2.70
+Turn on IP TOS bits for DCC server-to-server flooding.
+Add -B to dccproc, dccm, and dccifd to consult DNS blacklists.
+	This feature and greylisting are valuable supplements
+	to DCC target counting.  However, greylisting is generally
+	significantly better where greylisting can be used.  Most
+	dccproc and many dccifd installations cannot use greylisting.
+1.2.69
+Add `misc/hackmc -r` like -R but to reject instead of discard bad
+	relay attempts.
+Fix bogus X-DCC header added after a fatal problem with the DCC server
+	as suggested by Harald Daeubler.
+Release a single tarball equivalent to the old dcc-dccd-*.tar.Z that
+	contained the DCC server and all clients.
+1.2.68
+Fix counting of blacklisted DCC clients by dccd.
+1.2.67
+Remove bonehead optimization in dccd of /var/dcc/blacklist in 1.2.66.
+Deal with stdargs in gcc 3.4 on AMD 64-bit systems that do not allow
+	a va_list arg to be passed to two different subfunctions, but
+	without breaking things on the many systems that lack va_copy().
+1.2.66
+Overhaul dccd rate-limiting.  Instead of imposing a penalty time
+	on overactive clients, simply rate-limit them.
+Reduce limit on dccd error messages about clients from 2/second to
+	0.1/second.
+1.2.65
+Fix accounting of NOPs from blacklisted clients.
+Fix race that caused "??" server-IDs in X-DCC headers.
+Do not count requests from blacklisted clients against the rate limits
+	as suggested by Sven Willenberger.
+1.2.64
+Correct ">XXXX clients" from `cdcc stats`
+Removed redundant declarations of mapfile_nm and rl_anon as
+	suggested by Andreas Jochens.
+1.2.63
+Possibly fix dccm crash reported by Ludger Bolmerg.
+1.2.62
+Fix bug in `dccd -a10.2.3.4` diagnosed by John Levine.
+1.2.61
+Fix file descriptor leak in getifaddrs() replacement.
+1.2.60
+Fix bug reported by John Levine on systems such as BSD/OS 4.3
+	without getifaddrs() introduced in 1.2.59 with tracking changes
+	in network interfaces.
+1.2.59
+Fix broken `dccd -G0` reported and diagnosed by Chris Mikkelson.
+Track changes in network interfaces on most modern flavors of UNIX
+	as suggested by James Carlson.
+Fix two MIME decoding bugs as suggested by George Schlossnagle.
+Treat '>' as a blank instead of punctuation for FUZ2 checksums.
+Don't re-use va_list in stdargs functions to work around a characteristic
+	of gcc for AMD 64 bit systems.  gcc 64-bit stdargs
+	reportedly passes va_list by reference instead of by value.
+Fix date labels in graphs generated by dcc-stats-graph as suggested by
+	Kevin Gagel.
+1.2.58
+Work around new bug in FreeBSD 4.10 mechanism to disconnect UDP
+sockets reported by Daniel V Klein.  The symptom of the bug is
+that DCC servers appear down to clients running on FreeBSD 4.10
+1.2.57
+Invoke WSACleanup() after using WSAStartup() on Windows systems
+as suggested by Carl Stehle.
+1.2.56
+Fix /var/dcc/ids delay= extension.
+1.2.55
+Add `./configure --with-max-db-mem=X` to limit the size of the
+	database window.
+Extend /var/dcc/ids format to allow authenticated clients to be delayed
+	as `dccd -U` delays anonymous clients.
+Add `./configure --with-kludge=FILE`.
+1.2.54
+Fix problem with flooding among greylist servers using `dccd -Gweak-IP`
+	reported by Valentin Chopov.
+1.2.53
+Restore `dccsight -G grey-cksum` because the proof-of-concept CGI
+	scripts use it.
+On OS X, use owner and group of daemon:daemon for programs and use
+	dccmaninstall in `make install` as suggested by Jason Schwarz.
+1.2.52
+Fix problem in start-dccm and start-dccifd with Solaris /bin/sh
+	reported by Gary Mills
+Work around bug in OpenBSD HTONL() and NTOHL() reported by Jeff Drinkert.
+Change wlist to rebuild the .dccw hash table unless given -Q.
+1.2.51
+Fix cause of "packet length 44 too small" complaints by DCC servers.
+	With an empty mail body and no useful headers, DCC clients were
+	sending empty requests to DCC servers.
+Add `cdcc "debug TTL=x"` to help find firewalls that filter DCC requests.
+Use shared libmilter.so in dccm as suggested by James Carlson.
+Fix Body checksum when MIME boundary crosses buffer boundary from
+	Richard Lyons.
+Stop crash in dccm reported by Krzysztof Snopek.
+Deprecate misc/dccdnsbl.m4 and change misc/hackmc to work with
+	FEATURE(dnsbl) and FEATURE(endnsbl) in modern sendmail.
+Make it compile on Mac OS X and DragonFly FreeBSD.
+Reduce the size of greylisting databases.
+Separate DCC query mode for dccm and dccifd from greylist query mode.
+Add `dccd -G weak-IP` to whitelist not only a {sender,target,IP address}
+	after passing the greylist embargo, but anything from the IP address.
+	Use this facility with caution; it might be a bad idea.
+The last change requires that all greylist clients and servers
+	be upgraded simultaneously.
+1.2.50
+Fix `dccifd lhost,lport,rhost/bits` on systems that have IPv6.
+Change homedir/make-dcc_conf to track changes in
+	`./configure --with-rundir=x --libexecdir=y`
+	as suggested by Josef T. Burger.  This change will not be effective
+	until upgrading from 1.2.50 to later versions.
+Deal with tiny FD_SETSIZE reported by Christian Becker.
+Fix dccifd, dccm, and dccproc core-dump caused by missing whiteclnt file
+	reported by Henrik Edlund.
+1.2.49
+Fix infinite loop in computing DCC clients computing checksums of
+	large, deeply nested MIME messages reported by Clive Cleland.
+1.2.48
+Add "option dcc-off" and "option dcc-on" to per-user whitelist files
+	as suggested by Spike Ilacqua.
+Make /var/dcc/libexec/fetch-testmsg-whitelist deal with cron processes
+	that set $PATH without /usr/local/bin
+1.2.46
+Fix infinite packet flood from DCC clients including dccproc observed
+	by Benji Spencer, Clive Cleland, and Andrew Kent.  I introduced
+	this serious bug with the WIN32 changes in 1.2.33.
+Fix "option greylist-off" bug introduced in 1.2.39 and reported by
+	Spike Ilacqua.
+Defend dccd against too many clients.
+1.2.45
+Fix dccd database "window" size computation bug that chose 3 GBytes
+	on systems with less than 512 MByte.
+Fix `cdcc "stats all"` to use the right host name from Leandro Santi.
+Increase `dccd -R` default rate limits for all anonymous clients
+	and for individual authenticated clients..
+updatedcc understands -V x.y.z unless no old version x.y.z is available.
+1.2.44
+Fix bug in dbclean -e and -E default reductions that made them 50% less
+	instead of more conservative compared to 1.2.39.
+Speed up dbclean on systems with mmap(MAP_ANON).
+Clean some uninitialize variable complaints from purify reported by
+	Praveen Nimmagadda.
+Minor adjustments to deal with Solaris's VM system.
+1.2.43
+Fix typo in -e and -E default reductions.
+1.2.42
+More adjustments to deal with Solaris's VM system.
+Use all except 384 MByte of physical memory on systems with more than
+	768 MByte.  On systems with 768 MByte or less, use half.
+Tweak WIN32 makefiles.
+1.2.41
+Restore TZ in update/misc after setting it to GMT to keep the
+	Solaris FTP from going crazy.
+1.2.40
+Include win32.makin2 that was missing from 1.2.39.
+Do not respond to clients when the database is broken to ensure that
+	they switch to another server.
+Add missing "option greylist-on" support to cgi-bin/edit-whiteclnt
+Remove DCC_PROTO_HOMEDIR support for building RPM or other packages
+	and add `./configure --installroot=DIR`
+Adjust threshold for `dbclean -F` to keep Solaris systems from spending
+	hours in dbclean.
+Add `dbclean -f` to turn off default `dbclean -F` on Solaris for
+	installations where the file system has been tuned for the
+	large, randomly accessed file that is a DCC database.
+1.2.39
+Suppress syslog messages from cdcc noted by Krzysztof Snopek.
+Suppress complaints about madvise(MADV_WILLNEED).
+Tweak WIN32 porting aids.
+1.2.38
+Turn off the use of madvise(MADV_WILLNEED) on systems such as BSD/OS
+	that claim to have it but don't.
+-Gweak did not in 1.2.37 work as reported by Valentin Chopov.
+1.2.37
+Tweak WIN32 #ifdefs.
+Change -G for dccm and dccifd to require -Gon.   Add kludges in
+	start-dccm and start-dccifd to convert the old -G to -Gon.
+Add "-G noIP" and '-G IPmask/xx' to ignore all or part of the SMTP
+	client IP address in the greylist triple.
+`dblist -G` no longer works.  Use `dbclist -Gon`
+Fix bug where dbclean increased the number of reasons to stop flooding
+	by 1 and then decreased it by 2 reported by Bernard Gardner.
+Use madvise(WILLNEED) for database buffers on systems with plenty
+	of RAM as suggested by Robert Milkowski.
+Adjust scripts including /var/dcc/libexec/start-dccd to deal with
+	POSIX compliance of `expr` in FreeBSD 5.1.
+Change FUZ2 checksum to know about Polish.
+1.2.36
+Fix updatedcc for systems that have only make in $PATH but where
+	it is really gmake.
+1.2.35
+Turn off the use of poll() instead of select() on Linux systems.
+1.2.34
+Fix bugs in the  ./configure mechanisms to use poll() instead of
+	select() on FreeBSD reported by Valentin Chopov.
+1.2.33
+Adjust default dbclean expirations based on available RAM and
+	the size of the database.
+Make dcclib, cdcc, and dccproc build for WIN32 with Borland C++ 5.02
+	or FreeCommandLineTools.exe.  The former can use the dcc.ide file
+	and the latter can use win32.mak.
+Fix use of SO_LINGER on Solaris.
+More changes to ease compiling cdcc for WIN32.
+Possibly fix dccd amnesia about flooding peers.
+Use poll() instead of select() on FreeBSD.
+Fix updatedcc to use gmake if ./configure insisted.
+Entirely remove "--prefix" from ./configure to stop people from
+	mistakenly assuming that ./configure is what the Free Software
+	Foundation dictates it should be.
+Change /var/dcc/libexec/start-dccd to stop dbclean when dccd starts
+	and so prevent a deadlock between dbclean and dccd.
+Fix problem with updatedcc on systems with only gmake reported by
+	James Carlson.
+Fix problem with large greylist whitelist files reported by John Levine.
+Reduce number of write() system calls per operation in dccifd.
+1.2.32
+Fix corruption of `dccm -U` directory introduced in 1.2.31 and
+	reported by Spike Ilacqua.
+1.2.31
+Make all dccd databases "big."  If you have not previously used
+	`./configure --enable-big-db` then when version 1.2.31 of
+	dccd is started, it will run dbclean to rebuild the database.
+	This will make the hash table about 9% bigger and so 9% slower.
+Make the "ms" units optional for RTT adjustments in `cdcc add` or
+	`cdcc load` as suggested by Hernan A. Perez Masci.
+Add ${dcc_userdir} sendmail.cf macro as suggested by Valentin Chopov.
+	This lets you use the full power of sendmail.cf rewrite rules
+	to control per-user whitelist and log directories.  See the
+	dccm man page.
+Make `dbclean -F` the default on Solaris systems with plenty of RAM
+	and automatically turn it off when there is not enough RAM to hold
+	the entire database.
+1.2.30
+Let `dccd -C` take arguments for dbclean, so that the following line
+	in dcc_conf works:
+		DCCD_ARGS="'-C$DCC_LIBEXEC/dbclean -F'"
+Make pthread_detach() failures in dccifd non-fatal.
+Add mechanism to cgi-bin/list-msg to whitelist-for-greylisting
+	(sender,IP-address,recipient) checksums.  This mechanism
+	requires that the 1.2.30 versions of dccd and dccsight be
+	installed.
+Change dccifd to record the message headers in the log file even when
+	the MTA fails to provide the message body.
+1.2.29
+FUZ2 checksums character entity references in URLs in HTML.
+Insert checksums of greylist triples of whitelisted messages
+	into the greylist database.
+If greylisting is turned on, then include greylist checksums in dccm and
+	dccifd log files even for whitelisted and blacklist messages.
+Dccm and dccifd log some messages that are whitelisted for greylisting
+	or otherwise not currently embargoed but were in the past.
+Change whiteclnt "log all-grey" and "log no-grey" options to
+	"option greylist-log-off" and "option greylist-log-on".
+	(Of course the old strings continue to work.)
+Add whiteclnt option "option greylist-off" and "option greylist-on"
+	to control greylisting for greylistig for an individual user.
+	Note mail in SMTP transactions that involve other users for which
+	greylisting has not been turned off can still temporarily rejected.
+Add "option log-all" log everything for an individual user.
+The proof-of-concept CGI scripts handle the new whiteclnt options.
+Fix false "many" from dccproc when switching DCC servers reported by
+	Rutger ter Borg.
+Remove 1.2.28 change in the dccd "xx MByte window" message that
+	displayed the minimum of the physical file size and the mmap() window
+	size.  The message now contains the mmap() window size..
+Fix `dccd -FG,` core dump reported by Aleksander Dzierzanowski.
+Make "skip asking" in `cdcc info` output a comment as suggested by
+	Gunther Heintzen.
+Speed up flooding among greylist servers.
+1.2.28
+Reduce the number of msync() system calls, significantly speeding up
+	dbclean and dccd on FreeBSD.
+Fix "window" size computation for dccd and dbclean on systems with
+	more than 4 GByte of RAM.
+Adjust flooding threshold for greylist dccd.
+Changed the dccifd man page to say that dccifd looks at the first
+	Received: header for the sender's IP address if was not provided
+	by the dccifd client.
+Remove the recommendation for whitelisting the Habeas Mark from the
+	sample dcc_conf file.
+Detect bogus -G args reported by Aleksander Dzierzanowski.
+1.2.27
+Use fsync() and msync() on /var/dcc/flod.map in dccd to try to
+	get Linux to send the file to the disk.
+Use setsockopt(SO_LINGER) to speed shutdown on FreeBSD.
+1.2.26
+Fix `dccd -F`.  Adding -F to DBCLEAN_ARGS in /var/dcc/dcc_conf on
+	Solaris systems with enough RAM to hold most of the database
+	can make dbclean twice as fast and reduces its effects on other
+	processes.  Addcing -F to DCCD_ARGS might have similar effects.
+The use of MAP_NOSYNC on systems that support it including FreeBSD
+	reduces the effects of dccd on other processes.
+1.2.25
+Fiddle with /var/dcc/libexec/dcc-stats-graph.
+Add `dccd -F` like `dbclean -F`
+1.2.24
+Generate /var/dcc/dcc_conf-new whether it is needed or not.
+Add `dbclean -F` to work around Solaris performance bugs with large
+	files and mmap().
+Add `dccd -Gweak` to not require a retransmission of the same message
+	to end a greylist embargo.
+Add option "no-reject" to the dccifd-MTA protocol to be similar to
+	`dccm -aIGNORE` for greylisting while ignoring DCC results.
+1.2.22
+Fix stray hostnames reported in dccifd log file headers observed by
+	Chris Mikkelson.
+Fix empty dccm syslog complaints seen on Solaris.
+Fix core-dump with bogus hostname in whiteclnt file observed by
+	Joe Ilacqua.
+Updatedcc starts to shut down dccd early to avoid problems restarting
+	it on slow systems at the end.
+1.2.21
+Fix dbclean every 20 seconds possibly observed by Kelsey Cummings.
+Stop frequent running of dbclean from dccd to clean up greylisting records.
+1.2.20
+Fix cdcc core dump with non-existent /var/dcc/map files.
+Change updatedcc to not use "set -e" because some versions of
+	bash have tantrums if you unset a variable that is not set.
+1.2.19
+Fix "too many CIDR blocks" problem reported by John Doherty.
+1.2.18
+Fix infinite loop in dccm reported by Gary Mills.  This error might
+	also have caused dccm to crash.  It should affect dccd as well
+	as the DCC client programs.  I introduced it in version 1.2.15.
+1.2.17
+Fix IP whitelist entries in DCC server databases broken in 1.2.15 and
+	1.2.16.
+1.2.16
+Fix bug in libexec/updatedcc with blanks in CFLAGS reported by
+	Aaron Paetznick.  This only fix uses of updatedcc after
+	1.2.16 has been installed.
+1.2.15
+Ensure the mtime of /var/dcc/whiteclnt.dccw files changes to stop
+	endless reparsing on some Linux systems.
+Resolve inconsistency in dccproc whitelist vs. -t many noted by
+	Dawn Endico by making whitelisting always produce an exit code of 0.
+Put absolute path on cdcc in misc/stats-get as pointed out by
+	Kevin Gagel.
+Make dccm and dccifd log file size configurable as suggested by
+	Furlan Campos.
+Fix bug reported by Jim Carroll that kept mail from being rejected
+	when first sent to a spam.
+Allow large CIDR blocks to be white- or blacklisted in whiteclnt files.
+Fix dccifd -p bug reported by Christopher Bodenstein.
+Fix "continue not asking greylist" log message that should be
+	"continue not asking DCC" reported by Jorg Bielak.
+Fix ./configure script in dccproc tarball that was creating a bogus
+	RUNDIR value for dccifd.
+Add `./configure --with-max-log-size=KB` as requested by Furlan Campos.
+The proof of concept CGI scripts now
+	deal with per-user logs for user that receive enough spam that their
+	    log directories have 20,000 entries.
+	support the per-user greylist log options for whiteclnt files
+	    described in the dcc man page near the description of "include"
+	support locking of per-user whiteclnt files with a line of
+	    "#webuser locked"
+Fix output file data corruption bug reported by Chris Mikkelson.
+Change default dccm greylist SMTP status code as suggested by Gary Mills.
+1.2.14
+Adjust homedir/make-dcc_conf for Solaris as suggested by Gary Mills.
+1.2.13
+Tweak libexec/updatedcc for Solaris.
+1.2.12
+Report checksums in greylist embargoed mail to a DCC server while
+	waiting for the embargo to expire.
+Recognize more than 1 GByte of RAM on Solaris systems.
+Fix bug in stats-get not counting queries pointed out by Yury Razbegin.
+Change the default greylist -G "white" value from 30 to 63 days.
+dccm and dccifd now include the greylist triple checksum in per-user
+	log files.
+Fix bugs in dccifd C interface routine pointed out by Stephen Misel.
+Fix dccd whitelist bug observed by Gary Mills.
+Fix bug in 1.2.8 through 1.2.11 that stops flooding of brand new
+	reports of bulk mail that is not spam.
+Automatically generate /var/dcc/dcc_conf-new from existing dcc_conf
+	to aid installation of greylisting.
+1.2.11
+Resume looking for native sendmail milter libraries on more than
+	FreeBSD.
+1.2.10
+Fix some compiler warnings on Solaris.
+Fix "only 256 open files allowed" message from dccid on Solaris
+	reported by Turgut Kalfaoglu.
+Use poll() instead of select() in dccifd if possible.
+Fix error in libexec/start-dccd reported by Valentin Chopov.
+Look for native sendmail milter and install man pages on
+	recent versions of NetBSD as suggested by Josef T. Burger.
+1.2.9
+Turn off database hash debugging accidentally turned on in 1.2.8.
+1.2.8
+Fix serious bug in resolving DCC server host names by dccm and dccifd.
+Add "temporary" to default greylist rejection messages.
+Fix greylisting of null messages.
+Add misc/fetch-testmsg-whitelist
+Improve compression/suppression of flooded checksums to reduce the
+	database size and bandwidth requirements 10-50% for DCC servers that
+	see fewer than 20K DCC ops/day.  Tests have produced conflicting
+	results.  The full effects are not seen unless flooding peers
+	install this version.
+1.2.7
+Fix greylist flooding problem reported by Valentin Chopov.
+Add whitelists to greylist servers as requested by Bobby Rose.
+Change `dccm -r` to also set the greylist rejection message and to
+	optionally interpolate the queue-ID and SMTP client IP address
+	as requested by Gary Mills.
+Fix 1.2.x bug that treated all flooded checksums to a new database
+	as stale until a local checksum has been added and dbclean run.
+1.2.6
+Complete the fix for "badly signed NOP response" in the DCC server.
+	To be effective, the public DCC servers will need to use
+	version 1.2.6.
+1.2.5
+Fix "badly signed NOP response" bug diagnosed by Philipp Buehler and
+	Thorsten Janssen.
+Turn off connect() on DCC client UDP sockets for Linux 5.2.
+Use sysconf() on Solaris and Linux and sysctl() on BSD systems to
+	estimate the size of physical memory.  This may reduce the need
+	for `./configure --with-db-memory=X`
+Add `./configure --with-DCC-MD5` to use the MD5 code in the DCC source
+	instead of any local library.
+Fix dblcean "repairing" the database because "was [it] not closed cleanly."
+1.2.4
+Fix core dump in creating X-DCC header as suggested by James Carlson.
+Fix dccif.c for `./configure --disable-IPv6` and stats-get for
+	deleting /dev/null when interrupted as suggested by Yury Razbegin.
+1.2.3
+Fix leak in greylist server.
+Improve some obscure error messages from dccd.
+Address IPv6 problem on RedHat 5.2 reported by Darren Nickerson.
+Check /proc/meminfo on Linux for hints on real memory size to
+	work around the Linux mmap() bugs and resulting dccd performance
+	problems as suggested by Dave Lugo.
+1.2.2
+Avoid `chown` in start-dccm and start-dccd.
+Fix stop-dccd as noted by Michael Ghens.
+Add greylist installation instructions to INSTALL.html and INSTALL.txt.
+1.2.1
+Fix typo in default map.txt noted by Michael Ghens.
+Fix undetected hash table size overflow noted by Leandro Santi.
+Fix "BRAND" error in start-dccd.
+Fix inflation of target counts on greylisted messages.
+Dccd is off in the default dcc_conf.
+Reduce default greylist embargo to 4.5 minutes.
+1.2.0
+Many changes to support a form of Greylisting.
+	See http://projects.puremagic.com/greylisting/
+	and the dccd and dccm man pages.  Greylisting is probably not
+	ready for prime time in 1.2.0.
+Change flod.map file format to allow `cdcc "flood stats 123"` to say
+	"not connected since" as suggested by by James Carlson.
+Fix bogus "overwriting existing entry" error message noted by
+	Dallas Engelken.
+As suggested by Leandro Santi, prevent false alarms about bogus packets
+	received by DCC clients.
+Improve 24-hour averaging of client operations by dccd.
+Fixes to dccd/rl.c from Leandro Santi.
+1.1.45
+Fix error in sample homedir/map.txt file.
+Fix problem in starting flooding.
+Fix error in misc/dcc-stats-init.
+1.1.44
+Fix core dump observed by Stephen Misel.
+Suppress error message from rcDCC and start-dccm when dccm is not
+	installed as noted by Kevin Gagel.
+1.1.43
+Fix core dump reported by James Carlson.
+1.1.42
+Fix dbclean progress reporting bug noted by Vladimir Samoilov.
+Improve misc/na-spam to catch another kind of quote leader.
+Drop anonymous requests that would be delayed by more than the maximum
+	possible RTT.
+Add application layer keepalives to flooding.
+1.1.41
+Sort IP addresses in `cdcc rtt`.
+Improve response of the client code to broken servers.
+1.1.40
+Adjust client failure "fail_more()" backoff mechanism.
+Add commas to misc/dcc.m4 as suggesed by Spike Ilacqua.
+1.1.39
+Fix missing changes to dcc.m4.
+1.1.38
+Fix `make install` file ownership as noted by Gary Mills.
+1.1.37
+Deal with certain obfuscating URLs.  This change includes some
+	URLs in Fuz2 checksums and removes parts of some URLs from Fuz1
+	checksums.  This should reduce much of the need for the dubious
+	    many hex FUZ2: 00000000 00000000 00000000 00000000
+	whiteclnt entry.
+Decode RFC 822 and MIME entity headers to control quoted-printable
+	and base64 decoding instead of the previous adaptive algorithm.
+	This also involves decoding nested MIME multipart messages.
+	A side effect of this is to change the checksums computed for
+	some mail.
+Use poll() on Solaris to avoid failures from select() on large FDs.
+Smuggle the Mail_From value to dccm with a ${dcc_mail_host} macro
+	so the mail_host checksum is valid despite sendmail smart relays.
+	This requires rebuilding sendmail.cf with the new dcc.m4.
+Move part of the server-failing timer into /var/dcc/map so that
+	dccproc processes can share it.
+Fix dccifd bug in handling detecting the end of headers reported
+	by Tim Clymo.
+Fix `dccd -u` which was almost entirely broken.  Extend `dccd -u`
+	to inflate the delay for busy anonymous clients.
+Make server selection more stable despite network problems.
+Fix some cases of false alarms of database corruption by dbclean.
+	This fix is important where dbclean complains about `repairing` the
+	database.
+Clear dccd queue delay when the server is idle.  This should help
+	dccd on BSD/OS after dbclean runs.
+Avoid `chown` and `chgrp` with `configure --disable-sys-inst`.
+Add `dccproc -x exitcode` as suggested by Paul Wright.
+`cdcc clients` displays counts of NOPs to catch misconfigured firewalls
+	at clients.
+1.1.36
+Add optional DCCM_ENABLE and DCCD_ENABLE to /var/dcc/dcc_conf
+Look for libmilter.a where it is in some versions of Linux.
+Add "eval" to start-dccd, start-dccm, and start-dccifd when
+	not using a separate UID to allow quoted blanks in
+	`dccm -r "rejection messages"`.
+1.1.35
+Deal with name space pollution in Solaris as suggested by Isaac Saldana.
+1.1.34
+Fix libexec/dcc-stats-collect and libexec/stats-get as noted
+	by Valentin Chopov.
+Adjust FUZ2 length thresholds to catch more HTML obfuscated spam.
+Reduce some stalling of dccd on BSD/OS when dbclean starts.
+Resolve conflict between start-dccifd and dccifd by making the default
+	location for the dccifd PID file the same as for the dccm file
+Fix dccifd to remove stray X-DCC headers.
+Fix start-dccifd to pay attention to DCCIFD_ARGS in dcc-conf.
+1.1.33
+Fix rare core-dump in dccd that more frequently corrupts the database.
+Do not loop forever as the result of some database corruption.
+Turn off by default dccd blacklist event tracing.
+Increase the limit on the size of white-listed CIDR blocks from /24 to
+	/20 or 1024 IP addresses.  Every IP address whether specified
+	separately or with a CIDR block requires a separate entry in a
+	client DCC whitelist hash table.  The hash table is limited to
+	about 80K entries.
+Add '-T' to misc/hackmc to trust or white-list mail authenticated
+	by SMTP AUTH or START TLS.
+Server blacklisting suppresses "bad client or server-ID" error messages.
+add /var/dcc/libexec/stats-get produce server statistics as noted by
+	Daniel Klein.
+1.1.32
+Do not count MIME content-type image bytes when deciding whether
+	to generate FUZ2 checksums.
+Unlink dccm and dccifd PID files before trying to (re)create them.
+Dccm watches milter "contexts" more closely for corruption.
+Add an optional count to `cdcc clients`.
+Dbclean tries harder to restore dccd flooding.
+Initialize wtgts in dccproc as noted by Leandro Santi.
+1.1.31
+Fix core dump in ckfuz1.c noted by Gary Mills.
+1.1.30
+Allow blanks in MIME boundaries.
+Possibly fix compiler "initialization type mismatch" warnings noted by
+	Gary Mills.
+1.1.29
+Fix dccm core dump in ckfuz1.c noted by Sven Willenberger.
+1.1.28
+Fix dccm core dump in dcc_ck_body0() noted by Valentin Chopov.
+1.1.27
+Add to HTML character references known by the Fuz2 checksums.
+1.1.25
+Notice "Content-Type: text/html" headers to pay attention to HTML
+	even in mail without <html> tags.
+Tweak the Fuz2 checksum to ignore some Microsoft delivery notifications.
+Adjust Fuz1 checksum to be more consistent on URLs.
+Fix date bug reported by Krzysztof Snopek in `cdcc clients`.
+Include an indication that the client was blacklisted in `cdcc clients`.
+Change MIME decoding somewhat as suggested by Leandro Santi.
+Fix bug in dccd client blacklist.
+Add `dccm -g not-all`.
+1.1.24
+Add `cdcc "clients -s"` to sort by the number of requests.
+Add /var/dcc/blacklist of blocks of IP addresses refused by dccd.
+Remove -lpthread from $(DPADD) in dccm and dccifd Makefiles for Solaris
+	with gmake to try to deal with problem observed by Krzysztof Snopek.
+1.1.23
+Fix handling of &amp; in the middle of words in HTML.
+Change dccifd to respond with DCCIF_RESULT_REJECT or 'R' when
+	queried about spam.
+Fix typo in detection of non-compiler on SunOS.
+Add `./configure --disable-dccifd` as suggested by Krzysztof Snopek.
+1.1.22
+Fix inconsistencies in fuzzy checksums computed by dccm and dccproc.
+More ./configure script changes to try to deal with problems on
+	a Solaris system with GCC and some undetermined oddities.
+1.1.21
+Suppress repeated messages about unauthorized server IDs of peers.
+Install cdcc, dccproc, and so forth in $HOME/bin by default
+	if /usr/local/bin is not writable and $HOME/bin exists.
+Fix infinite loop in decoding invalid HTML character references.
+1.1.20
+Fuzzy checksums ignore all text before initial MIME boundary and
+	after terminal MIME boundary.
+Add support for Spanish thanks to Leandro Santi.
+Shuffle hostname resolving code to try to fix what may be a race
+	in the Linux pthread_create() as discovered by Karl Grindley.
+Reduce default value of `dbclean -e` from 7 to 2 days.  Mail that does
+	not reach the local bulk threshold within 2 days is probably not
+	spam and if it is, it will almost certainly reach a bulk threshold
+	at some other server in the network.
+1.1.19
+fix missing env_From handling in dccifd/dccif.pl observed
+	by Nathan Neulinger
+set mode of dccifd socket to 0666 as suggested by Nathan Neulinger
+1.1.18
+fix `dccproc -c` logging bug noted by Brad Volz.
+fix ./configure to pick UID and GUID out of `id` with --disable-sys-inst
+multiply the `dccd -u` delay by 4 when flooding is off or broken to
+	steer clients away from DCC servers without working links.
+radically reduce the number of wsync() calls to speed systems with
+	lame mmap() support including BSD/OS 4.2.
+fix setting of file descriptor limit in dccm and dccifd as noted
+	by Gary Mills
+change configure script to deal with change in gmake version string
+	discovered by Aaron Paetznick
+1.1.17
+add DCC interface daemon, dccifd, similar to dccm for SpamAssassin and
+	Perl filters and MTAs other than sendmail.  This is only an initial
+	release soliciting comments about its interface.  Its interface
+	may change in 1.1.18.  The new lines of homdir/dcc_conf must be
+	added to /var/dcc/dcc_conf to turn it on.
+`dccm -a IGNORE` says "would have rejected" in the log messages
+	for Sven Willenberger
+generate sample client-ID password for localhost server in /var/dcc/ids
+	and /var/dcc/map
+dccd only complains about unknown server-IDs when "IDS" tracing is
+	turned on.
+DCC clients check for new server DNS records every other hour
+	instead of every hour
+compute the same Base64 result for 32-character lines with or without '\r'
+close unlikely, theoretical per-user log file FD leak in dccm.
+dccproc passes header lines (including continuations) longer than
+	20 KBytes
+fix bugs in misc/newwebuser as noted by Furlan Campos.
+dccm deletes all X-DCC headers of the right brand name to foil
+	tricky spammers.
+dccproc defaults the -T tmpdir to the -l logdir
+1.1.16
+fix long HELO values in dccm from Leandro Santi.
+fix /var/dcc ownership installation bugs noted by John Reames.
+let count of clients seen within 24 hours be more than 1000.
+change misc/na-spam, the news.admin.net-abuse.sightings gateway script
+	to use dccproc log files instead of generating its own.
+don't allow ':' in DCC server "brandnames".
+recover misplaced change to misc/dcc.m4 to fix need to use
+	FEATURE(`delay_checks')
+fix apparently harmless quoting error in dcc.m4
+fix `cdcc "flood stats all"` when the server's peers are not ordered
+	by their IDs.
+decode Base64 with invalidly long lines.
+1.1.15
+change graph generating shell scripts, including making the
+	database size RRA use "MIN" instead of "MAX".  A shell script
+	that can convert existing RRDs is available.
+make `misc/hackmc -O` apply to all uses of the sendmail access DB
+	instead of only the envelope Mail_From value.
+1.1.14
+tweak graph generating shell scripts.
+add `cdcc "flood stats all"` and `cdcc "flood stats clear all"`
+1.1.13
+tweak graph generating shell scripts including fixes from Jack Bates.
+adjust autoconf mechanism to try to deal with systems with inet_ntop()
+	but without IPv6.
+1.1.12
+move dccd statistics to the flod.map so they're preserved despite
+	restarting dccd.
+add shell scripts to generate RRD graphs.
+make rate-limits run-time parameters for `dccd -R`.
+1.1.11
+fix dccm bugs with handling a non-responsive server.
+change misc/hackmc to modify sendmail.cf to reject unauthorized relay
+	attempts with a temporary failure when they are supposed to be sent
+	to the DCC but dccm is not running.  This prevents leaking relay
+	relay spam.  You must use the new hackmc script to install this
+	change in sendmail.cf.
+remove "# whitelisted" from `cdcc stats` output to give more room
+	for totals.
+prevent empty dccproc log files as noted by Krzysztof Snopek.
+even fatal errors should cause dccproc to exit with 0 to avoid
+	rejecting mail, as noted by Krzysztof Snopek.
+When server hostnames have common IP addresses, prefer the server
+	with the non-anonymous client-ID, noted by Krzysztof Snopek.
+1.1.10
+try to deal with truncated per-user dccm logs on Solaris.
+reduce threshold at which Fuz2 checksums are computed to capture
+	more spam.
+force the use of gcc on Solaris.
+try not to wait for the syslog console messages to resolve a dccm
+	crash on Solaris.
+1.1.9
+make `cdcc "flood list"` unpriviledged, but disclose only server-IDs
+	to strangers.
+1.1.8
+fix "invalid database address" problems on SPARC systems with
+	./configure ----enable-big-db
+%-encode quotes in URLs generated by the CGI scripts.
+fix `cdcc "id=X"` for X>65535.
+increase path length limit to 24.
+add `dblist -I server-ID`.
+1.1.7
+fix man page installation on AIX.
+work around connect() bugs on AIX41 and OpenUNIX.
+1.1.6
+fix encoding of quote characters in the CGI scripts
+look for sendmail 8.12.1 libsm.a that is required by that version of
+	the Milter code.
+make the configure script again find the FreeBSD MD5 library.
+1.1.5
+fix bugs in white-list links in the CGI scripts.
+increase 8-hop flooding path limit to 16.
+changes from Mark Moraes to compile dccproc under Cygwin on Windows 2000
+the DCC source compiles on OpenUNIX 8.0.1 thanks to Larry Rosenman.
+reduce the chances of duplicate or missing entries in the list
+	from `cdcc clients` as suggested by Dave Lugo.
+add `dblist -C` to limit the listing to reports with specified checksums
+	as suggested by Sam Leffler.
+`dccm -r "4xx ..." now produces a proper SMTP "temporary failure".
+deal with /usr/include/md5.h that seems to be RedHat 7.3 but that does
+	not compile by itself.
+1.1.4
+fix dccproc and dccm tarballs broken in 1.1.3.
+1.1.3
+add a "VERSION:" string to the start of dccm and dccproc log files.
+fix memory leak in dccm observed by Gary Mills.
+fix core-dump in dccd with unreadable /var/dcc/flod noted by Sam Leffler.
+add prototype CGI scripts for per-user white lists.
+rate limit and improve log messages about read-only whiteclnt files.
+allow null passwords for server-IDs in /var/dcc/ids that are used only
+	as markers so that no DCC server is accidentally started with the
+	password "unknown"
+install initial /var/dcc/map file using dcc.dcc-servers.net
+install empty server database as suggested by Andrew Macpherson.
+create /var/dcc/log during installation.
+adjust the `dccd -u` default to minimize rejecting DCC queries from
+	nearby anonymous clients.
+convert upper to lower case in dccm per-user white list directories as
+	suggested by Andrew Macpherson.
+allow null passwords as place-keepers in /var/dcc/ids.
+rebuild gmake .d depend files when include/dcc_config.h changes so
+	that bad things don't happen when a header file disappears and
+	the configuration changes to match.
+fix "log-del" option in /var/dcc/flod to log checksum delete requests.
+add "del" and "no-log-del" options to /var/dcc/flod lines.
+change the defaults for flooding delete requests to log them ("log-del"),
+	not send them ("no-del" among o-opts) and
+	reject them ("no-del" among i-opts).
+change misc/hackmc to be usable in typical Makefiles that generate
+	.mc files.  It now feeds a single set of .mc files to m4
+	to produce a single .cf file on stdout instead of a set of .mc files.
+	It also no longer includes ../m4/cf.m4
+use native sendmail milter libraries on FreeBSD 4.6
+IDs in /var/dcc/ids can be placeholders without passwords
+1.1.2
+fix `dccm -W`.
+the recipient mailbox resolved by sendmail can be used as an white list
+	value by dccm.  This simplifies white-listing when the system
+	has more than one name.
+1.1.1.
+add -follow to cron-dccd in case user log directories are beyond
+	symbolic links.
+fix "resource temporarily unavailable" message from dccproc
+	reported by Henrik Lewander.
+fix `dccm -W` problem in 1.1.0 reported by Mark Motley.
+1.1.0
+"substitute" whitelist header entries must start with the name of
+	the header.  This is incompatible with previous versions.
+remove `dccm -a REJECT_ONLY`
+add per-user whitelists and logs to dccm.  See `dccm -U`. Use the
+	DCCM_USERDIRS variable in the new homedir/dcc_conf file to turn on.
+	To generate per-user log files without leaking informatio about
+	Bcc addresses, the format of all log files has changed slightly.
+	Look for "bulk" in the X-DCC line instead of the final "targets" line.
+add `dccproc -E` to add dccm log file style envelope lines to log files.
+fix cleaning of hourly DCC log files as suggested by Gary Mills.
+X-DCC header lines contain the string "bulk" when the message is bulky.
+add the "mail_host" as a possible "subsitute header" for dccm.
+several of the mailing lists in the sample white list now require that
+	dccproc or dccm use `-S sender`	or dccm use `-S mail_host`.
+	This removes hostnames from the sample whitelist, because they
+	can take a long time to resolve or fail to resolve.
+change env_To: lines in dccm log files to include the sendmail "mailer"
+	and address.  Also add the resolved "mail_addr" and "mail_host"
+	to dccm log files.
+allow common dccproc white list files owned by the DCC user to be in
+	subdirectories of the DCC home directory instead of only the
+	DCC home directory.
+use Rgethostbyname() in clients only when `cdcc SOCKS on` is sent
+	and in the server only for flooding peers that are flagged with
+	"SOCKS" in /var/dcc/flod.
+use gethostid() and hash the local host name instead of gethostbyname()
+	to generate the DCC client host ID
+consider an entire report of checksums obsolete if the fuzziest checksum
+	is obsolete for dbclean or flooding.  This reduces the database
+	size and flooding bandwidth by another factor of 2.
+fix `./configure --mandir=/tmp/foo` to put the man pages into
+	/tmp/foo/man8/dccm.8 and similar places on other systems instead
+	of /tmp/foo8/dccm.8 as suggested by Michael Grant.
+add `configure --disable-sys-install` to simplify and make a non-system
+	installation (e.g. by a user with a shell account) safer (no suid).
+stop frequent complaints about bad flooding passwords in most cases.
+1.0.53
+fix bug in fuzzy checksums that was not handling long Base64 lines.
+increase the thresholds for computing the Body and Fuz2 checksums
+	and decrease the threshold for the Fuz1 checksum.
+limit work-around for broken Linux threads that need signals delivered
+	to the process group to Linux systems to avoid breaking dccm
+	on Solaris 2.6 systems.
+add `cdccc "flood stats ID".  Part of this involves a change
+	to format of the flod.map file.  It will be automatically rebuilt.
+fix `cdcc clients` and `cdcc stats` operations to do better with more
+	than 64 active clients.
+fix core-dump in dccd found by James Carlson.
+use Rgethostbyname() when SOCKS is configured.
+fix private (not owned by the dcc user) whitelist files for dccproc.
+notice and report missing incoming flood connections.
+detect and complain about duplicate definitions in /var/dcc/ids
+1.0.52
+fix bug in dbclean that was inflating instead of compressing some
+	reports.
+fix spurious emergency execution of dbclean by dccd.
+deal with missing h_nerr and h_errlist[] in Solaris 2.6 as
+	suggested by Gary Mills.
+fix use of old $DCCM_RUNDIR in rcDCC as suggested by Gary Mills.
+fix extra blank in dcc.m4 as suggested by Gary Mills.
+generate dcc.m4 with the local choice for /var/dcc/run with configure.
+use dcc_inet_ntop() on systems that do not understand IPv6 to fix
+	a problem on Solaris 2.6 discovered by Gary Mills.
+1.0.51
+fix man pages on FreeBSD.
+fix file descriptor leak in dccd when using SOCKS.
+`cdcc "flood check"` forces dccd to re-resolve hostnames for flooding
+	peers that are failing.
+1.0.50
+Improve automatic dbclean-ing by dccd.
+1.0.49
+Check the log directory for dccproc and dccm after changing to the
+	home directory.
+1.0.48
+Split old records in the database so they compress better.
+Reduce bandwidth required for flooding by summarizing checksum counts.
+Fix configure in the partial packages, dcc-dccm-*.tar.Z and
+	dcc-dccproc-*.tar.Z
+Fix `dccd -K no-IP`.
+Fix error messages for `dccproc -c type,thold` and add "never" as in
+	`dccproc -c all,never`
+Fix yet another bug in dcc_mkstemp().
+Add "NEVER" to -c for dccproc and -t for dccm.
+Enhance `dccm -l logdir` and `dccproc -l logdir` to scatter log files
+	among directories for systems dealing with more than 500,000
+	mail messages per day.
+Dccm log files are now named "tmp.XXXXXX" until it is known that they
+	are needed and they are renamed to msg.XXXXXX or they are deleted.
+1.0.47
+Make "-n brand" optional for dccd.
+decode Base64 before computing checksums.
+remove `cdcc pck` and `cdcc delck body` operations.
+add configure parameter --with-bad-locks to deal with Solaris mmap()
+	vs. fcntl() locking problems.
+Dccm and dccproc shold keep only the last of several locally specified
+	header checksums.
+Because people have been confused by env_To checksums being ignored
+	in server whitelists, they are now reported as errors.
+1.0.46
+Fix garbage in dccm log file names.
+When run as root, dbclean avoids changing the owner of the database files.
+Add logging to dccproc in the style of dccm.
+Accept hex checksums to allow whitelisting message bodies, and especially
+	"empty" bodies contianing more than 1 KBytes generated by
+	Outlook Express.
+Improve compression of old entries in the database.
+Add checking of "substitute" headers.  See -S in the dccm and dccproc
+	man pages.
+1.0.45
+Repair incoming flood duplicate detection broken in 1.0.44.
+1.0.44
+Dccd now tries to fix the database when it starts
+	dccd also marks the database potentially inconsistent while it
+	is running and until it stops cleanly.  Graceless shutdowns
+	are now detected and the database is automatically checked with
+	`dbclean -R` before dccd resumes operation.
+Add Fuz2 checksums to the default lists along with Fuz1 and Body
+By default, dccd does not keep non-body checksums in the database.
+	The previous behavior can be restored with -Kall.
+Double the maximum size of the database's hash table
+Teach dccd to run dbclean to expire checksums so things work even
+	if the cron job doesn't
+Misc/hackmc -D adds a local rule to reject mail from SMPT clients
+	without reverse DNS to the DCC
+Suppress messages from dccd for EINVAL the second connect().
+	This is lame, but both FreeBSD and Linux answer the second connect()
+	on a non-blocking socket after an ICMP Unreachable or timeout
+	with EINVAL.
+Speed up dbclean for large databases
+	It is only about 2.5 times faster on linux 2.2.14-5.0
+	Large systems handling more than 200,000 messages/day should
+	use --with-db-memory=500000000 or whatever is the appropriate number.
+	This change combined with the -K changes mentioned above produce
+	an overall speed-up of about 10 times for busy, not large systems.
+Add configure parameter --enable-big-db to support server databases
+	with up to 2 billion instead of 16 million entries in the hash table
+Fix problem with env_To white-listing reported by Mark Motley
+Add -H to dccproc to emit only the header
+Fix dccd to pass -L parameters to dbclean so that log messages from
+	automatic invocations of dbclean are not lost
+1.0.43
+add prototype Fuz2 fuzzy body checksum and remove the subject checksum
+	See INSTALL.{html,txt} about DCC_RPT_SUBJECT if you want to
+	restore Subject checksums in in you DCC clients.
+fix SOCKS connection and re-connection of flood stream.
+add -c thresholds to dccproc and make its exit code indicate whether
+	they are exceeded.  This should eliminate common needs to parse
+	the output of dccproc.
+fix dccd iflod_send_pos() core-dump seen during very high network losses
+	to flooding peer.
+deal with Linux bug in not allowing connect() after a previous
+	connect() to 127.1.
+fix dccm core-dump on some platforms when whitelist hostnames fail to
+	resolve.
+deal with Linux `bash` vs. `su`
+handle duplicate local interfaces on Linux
+make `cdcd "flood rewind"` require a remote server-ID
+1.0.42
+fix dccm crash while dealing with white list.
+1.0.41
+fix bug introduced in 1.0.37 that broke `cdcc add`
+include truncated getifaddrs() for systems that do not have it to improve
+	the default behavior of dccd with multihoming.
+fixes for syntax errors in misc/{rcDCC,stop-dccd} from Michael Ghens
+make `dccm -W` less confusing.
+change hackmc to report mail with bogus DNS senders to the DCC
+1.0.40
+fix for syntax error in /var/dcc/libexec/cron-dccd from Dave Lugo
+deal with slow dccd response to dbclean
+1.0.39
+keep dccd from going crazy with a crazy value for -q
+1.0.38
+fix dccd core dump with Dave Lugo's help.
+improve dccd host name resolving helper process.
+improve misc/na-spam.
+`cdcc 'stats clear'` now also clears the list of clients seen by dccd.
+add a path of server-IDs to flooded checksum reports.
+increase the number of checksums recognized by the server.
+fix pthread error on SunOS and possibly AIX.
+use absolute path for `cdcc` in /var/dcc/libexec/stop-dccd as suggested
+	by Sam Leffler.
+improve fuzzy ignoring of MIME multipart boundaries.
+1.0.37
+deal with lack of -s in SunOS `logger`.
+dccd now has a helper process to wait for slow DNS servers to resolve
+	the names of flooding peers.
+Deleting and restarting the DCC server's database now causes dccd to
+	ask peers to re-flood their checksums.  This new feature required
+	changing the flooding protocol.  DCC servers using the new protocol
+	talk to servers using the old protocol after the old servers start
+	their streams or with an explicit tag in the /var/dcc/flod file.
+`sendmail -bs` is used by some mail user agents such as pine.  In such
+	cases the sendmail milter interface gives filters such as dccm a null
+	pointer to what should be an IP address and a pointer to the
+	string "localhost".  Dccm now acts as if such mail arrived from
+	IP address 127.1.  This makes the common white list entry
+	"ok IP localhost" effective for such mail.  Note that dccm deletes
+	X-DCC header lines with its own brand from white listed messages,
+	because they would otherwise be wrong and a potential vulnerability
+	to bad guys.
+Fix `dccproc -o ofile` to include the X-DCC header in ofile.  If this fix
+	is a problem, see `dccproc -C`
+add /var/dcc/libexec/na-spam and ng-spam to gather spam from
+	news.admin.net-abuse.sightings
+fix start-dccd, start-dccm, and cron-dccd to support multiple dccd
+	daemons in separate home directories.
+1.0.36
+support for OSF1.
+handle msync() with only two parameters in old BSD/OS.
+try to fix rare core-dump in dccm whitelist parsing.
+fix error in misc/dccdnsbl.m4 noted by Michael Ghens.
+fix autoconf errors for SunOS noted by Sam Leffler
+add "log-del" option to /var/dcc/flod file
+fix recent damage to DCC{D,M}_ARGS in start_dcc{d,m}
+1.0.35
+add DCC_LOG_FACILITY to dcc_conf as suggested by Sam Leffler.
+	You must install the new homedir/dcc_conf with your parameters
+	to use it.
+fix recently introduced bug that kept dccd from automatically
+	running dbclean to expand the database.
+document the output of the dblist program in its man page.
+`configure --with-rundir` can be used to override the use of /var/run/dcc
+	for the PIDs of DCC daemons, sockets, and so forth.
+`configure --with-uid=dcc` creates Makefiles and scripts to install
+	and start DCC programs as the user "dcc"
+1.0.34
+support for IRIX
+fix bug in setting libexecdir for configure
+change `cdcc stats` to show cumulative report counts
+increase maximum number of flooding peers from 16 to 32
+	and make it a compile-time parameter
+change $UID in misc/start-dcc{d,m} to the avoid reserved variable in
+	RedHat 6.2 as suggested by Michael Ghens
+fix bug in cron-dccd found by Michael Ghens and Dave Lugo
+remove mechanism for configuring the DCC home directory by setting
+	an environment variable before invoking `make`
+change the default value of the -u anon-delay parameter for dccd to 0.
+add "flood list" operation to `cdcc`
+look for sendmail for dccm in a FreeBSD "ports" package
+1.0.33
+support for HPUX thanks to Richard Rauenzahn.
+check against "$USER" instead of "root" in start-dccm and start-dccd
+	as suggested by Luke Crawford.
+make the server rate limits configurable at compile-time.
+1.0.32
+fix bug in local white lists that ignored changes in the count field
+by default, start-dccm no longer tells dccm to reject based on
+	message-ID checksums
+fix recently introduced bug that kept flooding off after the
+	hash table needs to be expanded.
+1.0.31
+add SOCKS support.
+dccproc only logs errors unless given -d.  This should fix problems
+	in some mail systems using dccproc caused by network problems.
+fix permissions bugs related to using private map files
+the dcc_notspam sendmail macro used by dccm with -o must be non-empty
+	to be considered "set".
+1.0.30
+fix man page installation on OpenBSD.
+fix bug in starting incoming floods on systems with IPv6 interfaces
+	but without what DCC recognizes as IPv6 support such as OpenBSD.
+deal with systems such as OpenBSD with lame mmap() support.
+speed up recognition of changes in the /var/dcc/flod file.
+use DCCM_REJECT_AT in /var/dcc/dcc_conf to also set the default
+	flooding threshold used by dccd when it is started by
+	/var/dcc/libexec/start-dccd
+add configure switches to not build dccm and the server
+`dccd -u` turns off `cdcc stats` from anonymous systems to avoid telling
+	strangers how many mail messages a small DCC server has seen.
+1.0.29
+fix start-dccd to deal better with non-standard DCC home directories.
+dccproc is now like dccm and treats a missing Message-ID header.
+	as if it were present and with a null value.
+do the right thing for DCC servers running on platforms where
+	gethostname() fails completely on a short buffer instead of
+	giving a prefix of the hostname.
+detect and quit on null hostname from gethostname().
+1.0.28
+improve the handling of an already running daemon in by misc/start-dccd
+support mapping of ranges of server IDs when flooding reports
+yet more changes to deal with quoted-printable.  These changes
+	generally cause the fuz1 checksum to differ.
+remove need for FEATURE(delay_checks) when reporting sendmail access_db
+	hits to DCC server
+change body checksum to ignore '>' in "\n>From" because the '>' is
+	often added for old UNIX MUAs.
+improve response of dccproc to 20KByte or larger To: headers.
+make `cdcc "file map2; load map2.txt"` act the same as
+	`printf "file map2\nload map2.txt" | cdcc`
+dccm now treats a missing Message-ID header as if it existed but with
+	a null value.
+1.0.27
+change example scripts to deal with `expr` exiting with 1 and stopping
+	them on Solaris
+fix client IDs larger than 65535
+detect and complain server IDs offered to `cdcc` as client IDs
+1.0.26
+if dccm is already installed, try to build it even if the sendmail
+	milter library is not available to prevent silent failures to
+	install new versions of dccm.
+1.0.25
+fix confusion if a quoted-printable sequence overlaps a buffer boundary.
+do not give up on remote servers if a local server responds with
+	an ICMP unreachable error.
+1.0.24
+minimize interpreting '=' in a URL as quoted-printable to make dccproc
+	and dccm compute the same fuzzy checksums more often.
+1.0.23
+fix confusion in dccproc about whether an initial line of a message
+	that starts with blanks is a continuation of the last header line
+1.0.22
+fix infinite loop and packet spew from dccproc when the clock jumps
+backward or jumps forward more than 1000 seconds.
+fix syslog process name on Solaris and AIX
+`dccproc -R` picks IP address out of standard Received: lines
+fix bugs in decoding quoted printable with broken soft ends of lines
+1.0.21
+repair DCC server whitelist broken in 1.0.20
+1.0.20
+support for Solaris
+describe ways to connect spam traps to the DCC in INSTALL.html
+move parameters from start-dccd, start-dccm, and cron-dccd to a common file
+add misc/rcDCC start-up script for Solaris and Linux
+fix byte-order bug in flood header server ID which requires changing
+	the flood protocol.  To flood to version 1.0.19 or older versions
+	of dccd, specifiy version 4 in the flod file line.
+removed locking file /var/dcc/map.lock
+change handling of spam sent simultaneously to white-listed and unlisted
+	targets.  See the discussion of the new "REJECT_ONLY" action in the
+	dccm man page.
+1.0.19
+improve `cdcc stats` flood formatting
+fix `cdcc "host domain.com; stats all"`
+change dccproc to use the value of the Return-Path: header for the
+	envelope-From checksum if the header is present and -f is not used.
+fix `dbclean -S -N` when the whitelist is empty
+add rough support for NetBSD.
+mention dccd in the INSTALL file.
+fix for parsing "-L error,LOCAL1.ERR" from Vincent Schonau
+1.0.18
+add "clients -n" to cdcc
+add -C to dccproc
+1.0.17
+add dccsight
+1.0.16
+try again to deal with getifaddrs() without freeifaddrs().
+fix bug introduced in 1.0.15 that causes dccproc to require
+	a white-list
+fix corruption of /var/dcc/map when dccproc is run with stderr not
+	open and when the DCC server first fails to answer.
+1.0.15
+make the sendmail {dcc_isspam} and {dcc_notspam} macros consistently
+	override what dccm and the DCC server determine
+1.0.14
+deal with systems that have getifaddrs() but not freeifaddrs().
+fix bogus response from server when a duplicate request from an
+	anonymous client arrives before the original request has been
+	scheduled to be answered.
+fix obscure double-trip bug in threaded client library.
+accept "rpt-ok" as well as "rpt_ok" in the ids file.
+fix /var/dcc/flod option scanning bug by dccd.
+'dccd -u 999999' turns off access by anonymous or unauthenticated clients.
+add -W to dccm to cause only explicitly listed targets to be protected
+	by the DCC
+add a "reject" server-ID translation target in the flods file to
+	not send or receive the reports of some servers.
+1.0.13
+add RTT adjustment to cdcc load and add operations to allow a client
+	to prefer servers despite worse RTT's
+1.0.12
+in dccm count two intead of one open file for each active job against
+	the system imposed limit on open files for automatically setting
+	the value of -j for dccm and for automatically changing the soft
+	resource limit.
+use the GNU autoconfig install script instead of `install -d` to create
+	$(HOMEDIR)/libexec because GNU autoconfig does not detect install
+	programs that do not understand -d
+rate limit complaints by dccd about unrecognized server IDs
+1.0.11
+dccm tolerates null sender IP addres and hostname from `sendmail -bs`
+	from sendmail 8.11.3 but perhaps not from 8.12.
+change -p for dccd and dbclean to -a to allow specification of entire
+	server addresses.
+by default, dccd listens on separate UDP sockets so that clients receive
+	responses from the same IP address to which they send requests.
+1.0.10
+fix "bogus oflod complaint length 0" nonsense from server
+`cdcc stats` counts the clients seen in the last 24 hours, but
+`cdcc clients` displays all that fit in the cdcc buffer even if
+	older than 24 hours
+the `configure` script looks at `make -v` to guess whether to generate
+	gmake or make makefiles
+include list of common "dictionary attack" user names among the sample
+	homedir files
+1.0.9
+body checksums ignore effects of quoted-printable encoding
+deal with versions of gmake that do not understand ?=
+improve "clients" request of cdcc
+1.0.8
+fix rate limiting bugs in the server
+fix local env-To whitelist
+1.0.7
+fix locking bug when client whitelist file cannot be opened
+use `install -c` to not delete misc scripts
+fix server flood stalls when there are many stale or whitelisted
+	reports
+1.0.6
+fix bug in alternate dccm argv[0] in start-dccm
+fix bug in noticing changes to included white lists
+1.0.5
+install cron-dccd, start-dccd, and start-dccm in $(HOMEDIR)/libexec
+1.0.4
+fix server core-dump for repeated invalid admin. opcodes while
+	tracing is enabled.
+add "clients" request to `cdcc`
+add "stats all" request to `cdc
+add homedir/start-dccm.sh
+/var/run/dccm.pid and /var/run/dccm depend on argv[0]
+white-lists can use "include pathname"
+dccm -o overrides -s
+dccm -o and -s have default values
+move /var/run/dccm and /var/run/dccm.pid to the directory /var/run/dcc
+	and change the sendmail "feature" file misc/dcc.m4 to match
+1.0.3
+improve flood ID mapping
+remove need to explicitly build before `make install`

Mercurial > notdcc

comparison CHANGES @ 0:c7f6b056b673