notdcc: INSTALL.html.in comparison

comparison INSTALL.html.in @ 0:c7f6b056b673

First import of vendor version

author	Peter Gervai <grin@grin.hu>
date	Tue, 10 Mar 2009 13:49:58 +0100
parents
children

comparison

equal deleted inserted replaced

--1:000000000000
+:c7f6b056b673
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
+<HTML>
+<HEAD>
+<TITLE>DCC Installation</TITLE>
+<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
+<META HTTP-EQUIV="Content-Style-Type" content="text/css">
+<STYLE type="text/css">
+<!--
+BODY {background-color:white; color:black}
+TABLE.centered {margin-left: auto; margin-right: auto; }
+TD {font-size:80%}
+TD.env {font-family:monospace}
+TD.conf {font-family:monospace}
+DL.compat {margin-left:5%; margin-right:10%}
+.small {font-size:smaller}
+SUP {font-size:smallest}
+IMG.logo {width:6em; vertical-align:middle}
+-->
+</STYLE>
+</HEAD>
+<BODY>
+<H1>Distributed Checksum Clearinghouse (DCC) Installation</H1>
+<P>
+<OL>
+<LI><H3>Fetch the Source and Read the License</H3>
+The DCC source is available at
+<A HREF="http://www.dcc-servers.net/dcc/">dcc-servers.net</A>
+and
+<A HREF="http://www.rhyolite.com/dcc/">Rhyolite Software</A>.
+<P>
+Please <EM>do not</EM> try to use the more than 3 year old modified
+versions of DCC software distributed by some Linux packagers.
+Those versions do not detect bulk mail as well as more recent versions.
+Installations using those old versions also have problems using the
+public DCC servers that often make it necessary to add their IP addresses
+to the blacklist that protects the public DCC servers.
+Even worse, all known Linux redistributions of DCC software have been
+changed in ways that break things, including the
+<A HREF="misc/updatedcc.in">libexec/updatedcc</A> shell script that could
+otherwise be used to fetch, configure, compile, install, and restart
+a current version.
+<P>
+The license on the free source is in the source as well as
+<A HREF="http://www.dcc-servers.net/dcc/dcc-tree/LICENSE">dcc-servers.net</A>
+and
+<A HREF="http://www.rhyolite.com/dcc/dcc-tree/LICENSE">Rhyolite
+Software</A>.
+The free license is intended to cover individuals and organizations
+including Internet service providers using DCC to filter their own mail.
+Organizations selling anti-spam appliances or managed mail services are
+not eligible for the free license.
+<P><LI><H3>Read the Documentation</H3>
+<P>
+The <A HREF="dcc.html#Installation-Considerations">DCC</A>
+and other man pages describe the features, operating modes,
+required data files, and other characteristics of the DCC.
+Also see the DCC <A HREF=FAQ.html>FAQ</A>
+or list of frequently answered questions.
+<P><LI><H3><A NAME="step-sendmail">Build Sendmail</A></H3>
+If the DCC-sendmail interface, <A HREF="dccm.html">dccm</A>, is not used,
+then <B>skip</B> to the <A HREF="#step-compile">next step</A>.
+<P>
+Sendmail must have the
+Mail Filter API or Milter enabled.
+Some systems such a FreeBSD 4.6 and newer are shipped with
+Milter enabled and the library installed by default.
+If your system comes with the Milter interface turn on,
+then <B>skip</B> to the <A HREF="#step-compile">next step</A>.
+Otherwise, the Milter interface must be explicitly enabled
+by adding lines like those in
+<A HREF="misc/site.config.m4">misc/site.config.m4</A>
+to your sendmail/devtools/Site/site.config.m4 file or equivalent.
+Then build sendmail as described in the INSTALL file distributed with sendmail.
+You must build <CODE>libmilter</CODE> separately by something like
+<PRE>
+cd libmilter
+sh ./Build
+</PRE>
+<P>
+After sendmail has been rebuilt if necessary it will need to be restarted.
+That should be done after <A HREF="#step-compile">the next step</A>
+after <A HREF="misc/dcc.m4">misc/dcc.m4</A> has been created by the
+<EM>./configure</EM> script.
+<P><LI><H3><A NAME="step-compile">Configure, Build, and
+Install the DCC Programs</A></H3>
+<P>
+See the installation considerations in the
+<A HREF="dcc.html#Installation-Considerations">DCC man page</A>.
+<P>
+Most DCC files are in a "home directory" such as @prefix@.
+DCC programs such as cdcc and dccproc are run by end
+users and should be installed in a directory such as /usr/local/bin.
+They must also be set-UID to the UID that can change the DCC
+data files.
+DCC programs that do not need to be run by end users
+are installed by default in the libexec subdirectory of the DCC home directory.
+See the <A HREF="#envtbl">table</A> of
+<EM>./configure</EM> script and makefile parameters.
+If necessary, set CFLAGS, LDFLAGS, LIBS or other environment variables
+listed in the <A HREF="#envtbl">table</A>.
+Omit any parameters you don't really need to change and usually use only:
+<PRE>
+./configure
+make install
+</PRE>
+<P>
+End users installing only <A HREF="dccproc.html">dccproc</A>
+can install it in their private
+<Q>~/bin</Q> directories and use private directories for their DCC
+home directories.
+In this case, the DCC programs that would otherwise need to be set-UID
+need not be.
+<P>
+To build <A HREF="dccproc.html">dccproc</A>
+<A NAME="individual-user">for an individual user</A>,
+use something like
+<PRE>
+./configure <A HREF="#envtbl--disable-sys-inst">--disable-sys-inst</A> <A HREF="#envtbl--disable-dccm">--disable-dccm</A> <A HREF="#envtbl--homedir">--homedir=$HOME/dccdir</A>  <A HREF="#envtbl--bindir">--bindir=$HOME/bin</A>
+make install
+</PRE>
+<P>
+The sendmail interface, <A HREF="dccm.html">dccm</A>,
+must be built with the sendmail source and object tree.
+By default, the makefiles look for a
+native sendmail libraries (e.g. on FreeBSD 4.6), an installed "package"
+(e.g. on FreeBSD), or a directory named sendmail parallel to the DCC
+source and object tree.
+Those who regularly build new versions of sendmail may find it convenient
+to make a symbolic link there to their current sendmail.
+Otherwise configure the dccm makefile with
+<PRE>
+./configure <A HREF="#envtbl--with-sendmail">--with-sendmail</A>=/some/where/sendmail
+make install
+</PRE>
+If dccm does not build because it cannot find libmilter,
+check that libmilter was compiled with sendmail
+in the <A HREF="#step-sendmail">previous step</A>.
+<P>
+To connect the sendmail Milter interface to <A HREF="dccm.html">dccm</A>,
+copy or "sym-link" <A HREF="misc/dcc.m4">misc/dcc.m4</A> to
+your sendmail/cf/feature directory and
+add <CODE>FEATURE(dcc)</CODE> lines to your sendmail.mc configuration file.
+Then rebuild and reinstall your sendmail.cf file, and restart sendmail.
+<P><LI><H3>Create Client Configuration Files</H3>
+All DCC configuration files are in the DCC  home directory, usually @prefix@.
+See the
+<A HREF="dcc.html#Client-Installation">dcc</A>,
+<A HREF="dccm.html#FILES">dccm</A>,
+<A HREF="dccifd.html#FILES">dccifd</A>,
+and <A HREF="dccproc.html#FILES">dccproc</A>
+man pages
+for the files each needs.
+Example files are in the <A HREF="homedir/">homedir</A> directory in the source.
+<UL>
+<LI>Unless run anonymously, DCC clients need client-ID numbers and passwords
+assigned by the operators of the chosen DCC servers in the @prefix@/map file.
+<LI><P>Even if run anonymously, the @prefix@/map file must contain the IP addresses
+of DCC servers.
+If your mail system handles fewer than 100,000 mail messages per day,
+the installation process generates a serviceable @prefix@/map file
+from the included <A HREF="homedir/map.txt">homedir/map.txt</A>.
+That file points to the public DCC servers.
+<LI><P>If using remote DCC servers such as the public DCC servers,
+ensure that your firewalls allow outgoing packets to UDP port 6277
+on distant systems and incoming responses from UDP port 6277.
+There is a
+<A HREF="http://www.dcc-servers.net/dcc/firewall.html">description</A>
+one firewall's configuration.
+<LI><P>Your MX servers and mail submission clients should be listed in the main
+<A NAME=whitelist HREF="homedir/whiteclnt">whiteclnt</A> file with lines like:
+<PRE>
+mx          ip  10.2.3.4
+mx          ip  10.5.6.0/28
+mxdcc       ip  10.5.6.0/28
+ok          ip  10.7.8.9
+submit      ip  192.168.1.0/24
+</PRE>
+If those other systems also run DCC clients, use <EM>MXDCC</EM> instead
+of <EM>MX</EM> so that messages will not be reported twice to the DCC network
+and so have higher target counts,
+and appear to be unsolicited bulk mail.
+<P>
+Use <EM>OK</EM> for mail systems that you trust to never send or
+forward unsolicited bulk mail.
+<P>
+Untrusted SMTP clients such as end users with browsers used as
+MUAs (mail user agents) should be listed in the
+<A HREF="homedir/whiteclnt">whiteclnt</A> file with <EM>submit</EM>.
+<LI><P>Sources of legitimate bulk mail must be recorded in whitelists.
+Example <A HREF="homedir/whiteclnt">whiteclnt</A>,
+<A HREF="homedir/whitelist">whitelist</A>, and
+<A HREF="homedir/whitecommon">common</A> whitelists are among
+the <A HREF="homedir/">sample configuration files</A> in the homedir directory.
+The format of DCC whitelists is described in the
+<A HREF="dcc.html#White-and-Blacklists">DCC</A> man page.
+<LI><P>Put suitable values in the DCC configuration file,
+<A HREF="homedir/dcc_conf.in">@prefix@/dcc_conf</A> for dccm or dccifd.
+The default client values are usually good for a start and often only
+DCCM_REJECT_AT needs to be changed when it is time to reject spam.
+<LI><P>Optionally configure DNS blacklist (DNSBL) checks in
+<A HREF="dccm.html#OPTION-B">dccm</A>
+or
+<A HREF="dccifd.html#OPTION-B">dccifd</A>
+by setting DNSBL_ARGS in in the configuration file,
+<A HREF="homedir/dcc_conf.in">dcc_conf</A>, in the home directory.
+<LI><P>Optionally create per-user directories for logs and whitelists.
+See also the
+<A HREF="cgi-bin/">CGI scripts</A> that allow users to
+maintain their private whitelists
+and monitor their individual logs of rejected mail.
+<LI><P>Install a daily or more frequent cron job like
+<A HREF="misc/crontab.in">misc/crontab</A>
+and
+<A HREF="misc/cron-dccd.in">@libexecdir@/cron-dccd</A>
+to prune <A HREF="dccm.html#FILE-logdir">dccm</A> or
+<A HREF="dccifd.html#FILE-logdir">dccifd</A>
+log files and the prune dccd database with
+<A HREF="dbclean.html">dbclean</A>.
+</UL>
+<P><LI><H3>Create Server Files and Start the Server</H3>
+<B><A HREF="#step-greylist">Skip</A></B> this and the next step
+if only remote DCC servers will be used.
+You should use your own, local DCC servers if your mail system handles
+more than 100,000 mail messages per day.
+<P>
+It is best to use remote servers until the DCC client,
+dccm, dccifd, or dccproc, is stable.
+Then
+<UL>
+<LI>Put suitable values for dccd
+in the configuration file,
+<A HREF="homedir/dcc_conf.in">dcc_conf</A>.
+Every DCC server requires a unique
+<A HREF="dcc.html#Client-and-Server-IDs">server-ID</A>.
+Obtain a server-ID by contacting Vernon Schryver
+<A HREF="mailto:vjs@rhyolite.com">vjs@rhyolite.com</A> by email
+or via a
+<A HREF="http://www.rhyolite.com/cgi-bin/ct.cgi?sb=DCC+server-ID">web
+form</A>.
+<LI><P>Choose a secret password for your server-ID in your
+<A HREF="homedir/ids">@prefix@/ids file</A>.
+This password can be used to control your server remotely.
+<LI><P>Start the server with the system by installing
+<A HREF="misc/rcDCC.in">@libexecdir@/rcDCC</A> or an equivalent.
+If it is used unchanged, rcDCC is best installed with a symbolic link
+to automate installing updates.
+The server can be started manually with
+<PRE>
+rcDCC start
+</PRE>
+<LI><P>The script
+<A NAME=cleaning HREF="misc/cron-dccd.in">@libexecdir@/cron-dccd</A>
+<EM>must</EM> be used to run
+<A HREF="dbclean.html">dbclean</A> about once a day.
+An entry like <A HREF="misc/crontab.in">misc/crontab</A> can be put into
+the crontab file for the user that runs dccd.
+If you have more than one DCC server,
+stagger the times at which the cron job is run so
+that not all of your servers are simultaneously busy cleaning databases.
+<LI><P>Install the shutdown script
+<A HREF="misc/rcDCC.in">@libexecdir@/rcDCC</A>
+to shut down the DCC server as the operating system stops.
+If the DCC server fails to close the database cleanly,
+the database must be cleaned by the server with it starts.
+That takes time.
+</UL>
+<P><LI><H3><A NAME="step-flooding">Configure Flooding</A></H3>
+<A HREF="#step-greylist">Skip to the next step</A>
+if only remote DCC servers will be used.
+<P>
+Flooding requires that every server participating in a network of DCC
+servers have a unique server-ID.
+Server-IDs can be obtained by contacting Vernon Schryver
+<A HREF="mailto:vjs@rhyolite.com">vjs@rhyolite.com</A> by email
+or via a
+<A HREF="http://www.rhyolite.com/cgi-bin/ct.cgi?sb=DCC+server-ID">web
+form</A>.
+<P>
+After you have an official server-ID,
+<UL>
+<LI>Obtain the <A HREF="dccd.html#FILE-flod">passwd-ID</A> and its password
+and add them to your <A HREF="homedir/ids">@prefix@/ids file</A>.
+<LI>If necessary adjust your firewalls to allow both incoming TCP connections
+to port 6277 on your DCC server and outgoing TCP connections to port 6277
+on your flooding peer.
+<LI>Add a line for each flooding peer to
+the <A HREF="dccd.html#FILE-flod">@prefix@/flod</A> file.
+<LI>Wait a few minutes for dccd to notice the change to the file
+and start flooding.
+The <A HREF="cdcc.html#OPERATION-stats">cdcc&nbsp;stats</A>,
+<A HREF="cdcc.html#OPERATION-flood-list">cdcc&nbsp;"id&nbsp;X;&nbsp;flood list"</A>
+and
+<A HREF="dblist.html#OPTION-H">@libexecdir@/dblist&nbsp;-Hv</A>
+commands can be used to monitor the floods of reports of checksums
+of bulk mail.
+</UL>
+<P>
+Flooded reports of bulk email contain timestamps that are used for several
+things including expiring old reports.
+To accurately detect stale incoming reports,
+a DCC server needs a clock that is not too inaccurate.
+For that reason it is good to run an NTP daemon on systems running DCC servers.
+<P><LI><H3><A NAME="step-greylist">Configure Greylisting</A></H3>
+<B>Skip</B> to the <A HREF="#step-start-dccm">next step</A>
+if greylisting will not be used.
+Greylist is very effective.
+See this
+<A HREF="http://www.dcc-servers.net/dcc/greylist.html">description</A>.
+<P>
+Larger sites can use more than one greylist server,
+with the greylist servers flooding data just like DCC servers.
+<P>
+To configure greylisting:
+<OL>
+<LI><H4>Assign greylist client- and server-IDs</H4>
+<P>Client-IDs and matching passwords must be used by clients of
+greylist servers such as dccm and dccifd.
+The client-IDs must be in the @prefix@/map file on the client system.
+Greylist client- and server-IDs must be in the
+<A HREF="homedir/ids">@prefix@/ids</A> file on the
+greylist server.
+When a system hosts both DCC and greylist servers, it is convenient
+for clients to use the same client-ID and password for both.
+It is also convenient for a greylist server and a DCC server on a system
+to share a common server-ID and password.
+<P>
+The vast majority of installations, which do not have local DCC servers,
+can use the greylist server-ID generated by the makefiles in the
+<A HREF="homedir/ids">@prefix@/ids</A> file.
+<P><LI><H4>Add the greylist server to @prefix@/map</H4>
+<P>If the
+cdcc&nbsp;"<A HREF="cdcc.html#OPERATION-info">info</A>"
+command does not show the correct greylist server,
+add it with something like
+<PRE>
+cdcc "<A HREF="cdcc.html#OPERATION-add">add localhost greylist 32768 secret"</A>
+</PRE>
+The DCC makefile files add a greylist server at localhost or 127.0.0.1
+to <A HREF="cdcc.html#FILES">@prefix@/map</A> file created for a new
+DCC installation.
+<P><LI><H4>Set @prefix@/dcc_conf</H4>
+In most installations, enable a local greylist server by
+installing the script <A HREF="misc/rcDCC.in">@libexecdir@/rcDCC</A>
+with a symbolic link,
+setting  <EM>GREY_ENABLE=on</EM> in @prefix@/dcc_conf
+and then running
+<PRE>
+<A HREF="misc/rcDCC.in">@libexecdir@/rcDCC</A> start
+</PRE>
+<P>If absolutely necessary, override the greylist
+<A HREF="dccd.html#OPTION-G">embargo, wait, and white</A> values
+in GREY_DCCD_ARGS in @prefix@/dcc_conf.
+Usually simply set GREY_CLIENT_ARGS=on
+<P><LI><H4>Set @prefix@/grey_flod</H4>
+<P>
+Sites with more than one greylist server should arrange to flood
+data among them by adding lines to
+<A HREF="dccd.html#FILE-grey_flod">@prefix@/grey_flod</A> files
+in the same format as
+<A HREF="dccd.html#FILE-flod">@prefix@/flod</A> files.
+Flooding among greylist servers uses port 6276 by default, and so that
+port may need to be opened in firewalls.
+<P><LI><H4>Set cron job</H4>
+<P>
+Install a daily cron job like
+<A HREF="misc/crontab.in">misc/crontab</A>
+and
+<A HREF="misc/cron-dccd.in">@libexecdir@/cron-dccd</A>
+to clean the database.
+<P>
+<P><LI><H4>Whitelist Mail Submission Clients</H4>
+<P>
+Greylisting of local mail systems must be turned off because common
+mail user agents (MUAs) cannot handle temporary rejections.
+One way to turn off greylisting of local client is with <EM>submit</EM> lines
+in the main <A HREF="homedir/whiteclnt">whiteclnt</A> file
+as described <A HREF="#whitelist">above</A>.
+<P>
+An alternative to whitelisting mail submission clients is available with
+<A HREF="dccm.html">dccm</A> and sendmail by using the
+<A HREF="misc/hackmc">misc/hackmc&nbsp;-T</A>
+script to modify sendmail.cf to trust SMTP clients authenticated with
+SMTP-TLS or SMTP-AUTH.
+</OL>
+<P><LI><H3><A NAME="step-start-dccm">Start dccm</A></H3>
+If the DCC-sendmail interface, dccm, is not used,
+<B>skip</B> to the <A HREF="#step-start-dccifd">next step</A>.
+<P>
+The DCC sendmail milter interface <A HREF="dccm.html">dccm</A>
+should be started before sendmail.
+That often requires changing an /etc/rc script or configuration file.
+The script <A HREF="misc/rcDCC.in">@libexecdir@/rcDCC</A>
+should be installed, best with a symbolic link.
+The milter daemon can be started manually with
+<PRE>
+rcDCC start
+</PRE>
+<P><LI><H3><A NAME="step-start-dccifd">Start dccifd</A></H3>
+If the general MTA interface, dccifd, is not used,
+<B>skip</B> to the <A HREF="#configure-dccproc">next step</A>.
+If you are using SpamAssassin, then you almost certainly
+should be using dccifd.
+<P>
+The general MTA interface <A HREF="dccifd.html">dccifd</A>
+should usually be started before the mail transfer agent or MTA.
+It should be enabled by setting <EM>DCCIFD_ENABLE=on</EM>
+in <A HREF="homedir/dcc_conf.in">dcc_conf</A>.
+It is also usually necessary to change an /etc/rc script or configuration file
+to start and stop the daemon with the system.
+The script <A HREF="misc/rcDCC.in">@libexecdir@/rcDCC</A>
+should be installed, best with a symbolic link.
+The daemon can be started manually with
+<PRE>
+rcDCC start
+</PRE>
+<P>
+Dccifd can be used as a
+<A HREF="http://www.postfix.org/SMTPD_PROXY_README.html">Postfix Before-Queue
+Content filter</A>
+as described the
+<A HREF="dccifd.html#EXAMPLES">dccifd documentation</A>.
+<P><LI><H3><A NAME="configure-dccproc">Configure Uses of dccproc</A></H3>
+If dccproc is used with procmail,
+add rules to procmailrc files as described in the
+<A HREF="dccproc.html#EXAMPLES">dccproc man page</A>.
+<P><LI><H3>Adjust Rejection Thresholds</H3>
+<P>It is best to only mark mail with X-DCC SMTP headers
+before changing procmail or dccm to reject mail.
+Configure dccm with DCCM_LOG_AT in <A HREF="homedir/dcc_conf.in">dcc_conf</A>
+to log bulk mail with somewhat lower counts.
+<P><LI><H3>Additional Considerations</H3>
+<P>Some additional mechanisms are available in the DCC client programs.
+They are often unnecessary when
+<A HREF="#step-greylist">greylisting</A> is used.
+<UL>
+<LI><A HREF="dccm.html#OPTION-B">DNS blacklists (DNSBL)</A>
+can reject messages containing "spamvertised" URLs.
+<LI><A HREF="dccm.html#OPTION-t">DCC reputations</A>
+are available in the commercial version of the DCC source.
+</UL>
+<P>
+When possible, it is almost always better to use dccifd than dccproc.
+This is certainly true with SpamAssassin.
+<P><LI><H3>Update As Needed</H3>
+<P>New versions released at the
+<A HREF="http://www.dcc-servers.net/dcc/">usual place</A>
+can be installed by running the
+<A HREF="misc/updatedcc.in">@libexecdir@/updatedcc</A> script.
+That script is (re)built by the
+<EM>./configure</EM> script
+and runs <EM>./configure</EM> with parameters and
+environment variables from the previous installation.
+<P><LI><H3>Remove or Uninstall</H3>
+<P>Most of the DCC can be removed by running
+<A HREF="misc/uninstalldcc.in">@libexecdir@/uninstalldcc</A> script.
+Some logs and configuration files with locally chosen parameters in the home
+directory are not deleted.
+Manual changes such as links to
+<A HREF="misc/rcDCC.in">@libexecdir@/rcDCC</A>
+or the installation of the cron job,
+<A HREF="misc/cron-dccd.in">@libexecdir@/cron-dccd</A>,
+are not reversed.
+</OL>
+<H2>Installation Parameters</H2>
+<P>There are several installation configuration parameters that can
+set to suit individual preferences and systems.
+<P>
+<TABLE class=centered border="1" cellpadding="2%"  frame=void rules=rows
+summary="table of makefile and configure script controls">
+<CAPTION><A NAME="envtbl">
+<B>Makefile and <EM>./configure</EM> Script Controls
+<BR>Do NOT set these parameters unless absolutely necessary.</B></A>
+</CAPTION>
+<TR><TH><EM>./configure</EM> option
+<TH>env name or <br>make variable
+<TH>used by
+<TH>default value
+<TH>use
+<TR><TD class=env><A NAME="envtbl--homedir">--homedir=HOMEDIR</A>
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD>@prefix@/
+<TD>DCC home directory with most DCC files
+<TR><TD class=env><A NAME="envtbl--libexecdir">--libexecdir=DIR</A>
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD><A HREF="#envtbl--homedir">--homedir</A>/libexec
+<TD>directory containing most DCC programs
+<TR><TD class=env><A NAME="envtbl--bindir">--bindir</A>=DIR
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD>/usr/local/bin
+<TD>installation directory for DCC user commands including cdcc and
+dccproc<SUP>3</SUP>
+<TR><TD class=env>--mandir=DIR
+<TD>&nbsp
+<TD><EM>./configure</EM>
+<TD>/usr/local/man
+<TD>installation directory for man pages<SUP>3</SUP>
+<TR><TD class=env>&nbsp;
+<TD class=conf>NOMAN<SUP>1</SUP>
+<TD>make
+<TD>(unset)
+<TD>do not install man pages when set<SUP>3</SUP>
+<TR><TD class=env><A NAME="envtbl--installroot">--with-installroot=DIR</A>
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD>(unset)
+<TD>prefix all installation directory paths to build a binary tarball
+<TR><TD class=env><A NAME="envtbl--configsuffix">--with-configsuffix=str</A>
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD>(unset)
+<TD>append <EM>str</EM> to generated configuration file names
+<TR><TD class=env><A NAME="envtbl--with-uid">--with-uid=UID</A>
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD>root
+<TD>user name and set-UID for DCC programs and data
+<TR><TD class=env>&nbsp;
+<TD class=conf><A NAME="envtbl-DCC_OWN">DCC_OWN</A><SUP>1</SUP>
+<TD>make
+<TD>bin, daemon on OS X, or current
+<TD>owner or UID of most installed files<SUP>3</SUP>
+<TR><TD class=env>&nbsp;
+<TD class=conf><A NAME="envtbl-DCC_GRP">DCC_GRP</A><SUP>1</SUP>
+<TD>make
+<TD>bin, daemon on OS X, or current
+<TD>group of most installed files<SUP>3</SUP>
+<TR><TD class=env>&nbsp;
+<TD class=conf>DCC_MODE<SUP>1</SUP>
+<TD>make
+<TD>555
+<TD>mode of most installed programs
+<TR><TD class=env>&nbsp;
+<TD class=conf>MANOWN<SUP>1</SUP>
+<TD>make
+<TD><A HREF="#envtbl-DCC_OWN">DCC_OWN</A>
+or current
+<TD>owner or UID of installed man pages<SUP>3</SUP>
+<TR><TD class=env>&nbsp;
+<TD class=conf>MANGRP<SUP>1</SUP>
+<TD>make
+<TD><A HREF="#envtbl-DCC_GRP">DCC_GRP</A>
+or current
+<TD>group of installed man pages<SUP>3</SUP>
+<TR><TD class=env><A NAME="envtbl--disable-sys-inst">--disable-sys-inst</A>
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD>enabled
+<TD>disable system installation or chmod, chgrp, and set-UID<SUP>3</SUP>
+<TR><TD class=env><A NAME="envtbl--disable-server">--disable-server</A>
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD>build but do not start
+<TD>do not build server including dbclean and dccd
+<TR><TD class=env><A NAME="envtbl--disable-dccifd">--disable-dccifd</A>
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD>build but do not start
+<TD>do not build program interface
+<TR><TD class=env><A NAME="envtbl--disable-dccm">--disable-dccm</A>
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD>build but do not start
+<TD>do not build sendmail interface
+<TR><TD class=env><A NAME="envtbl--with-sendmail">--with-sendmail=DIR</A>
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD>../sendmail or /usr/ports/mail/...
+<TD>directory containing sendmail milter header files
+<TR><TD class=env><A NAME="envtbl--cgibin">--with-cgibin</A>=DIR
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD><A HREF="#envtbl--homedir">--homedir</A>/cgi-bin
+<TD>directory for DCC whitelist <A HREF="cgi-bin/">CGI scripts</A>
+<TR><TD class=env>--with-rundir=DIR
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD>@dcc_rundir@
+<TD>"run" directory for PIDs and sockets
+<TR><TD class=env>&nbsp;
+<TD class=conf>CFLAGS<SUP>1</SUP>
+<TD>make & <EM>./configure</EM>
+<TD>&nbsp;
+<TD>global compiler options such as -g or -O2
+<TR><TD class=env>&nbsp;
+<TD class=conf>DCC_CFLAGS<SUP>2</SUP>
+<TD><EM>./configure</EM>
+<TD>depends on target
+<TD>global compiler options
+<TR><TD class=env>&nbsp;
+<TD class=conf>PTHREAD_CFLAGS<SUP>2</SUP>
+<TD><EM>./configure</EM>
+<TD>depends on target
+<TD>compiler options for compiling dccm and dccifd with pthreads
+<TR><TD class=env>&nbsp;
+<TD class=conf>LDFLAGS<SUP>1</SUP>
+<TD>make & <EM>./configure</EM>
+<TD>&nbsp;
+<TD>global linker options
+<TR><TD class=env>&nbsp;
+<TD class=conf><A NAME="envtbl-DCC_LDFLAGS">DCC_LDFLAGS</A><SUP>2</SUP>
+<TD><EM>./configure</EM>
+<TD>depends on target
+<TD>global linker options
+<TR><TD class=env>&nbsp;
+<TD class=conf>PTHREAD_LDFLAGS<SUP>2</SUP>
+<TD><EM>./configure</EM>
+<TD>depends on target
+<TD>linker options for dccm and dccifd
+<TR><TD class=env>&nbsp;
+<TD class=conf><A NAME="envtbl-LIBS">LIBS</A><SUP>2</SUP>
+<TD><EM>./configure</EM>
+<TD>&nbsp;
+<TD>additional libraries linked with all programs
+<TR><TD class=env>&nbsp;
+<TD class=conf>PTHREAD_LIBS<SUP>2</SUP>
+<TD><EM>./configure</EM>
+<TD>depends on target
+<TD>libraries for dccm and dccifd
+<TR><TD class=env>&nbsp;
+<TD class=conf>CC
+<TD>make & <EM>./configure</EM>
+<TD>cc
+<TD>C compiler such as "gcc" or "/opt/SUNWspro/SC6.1/bin/cc"
+<TR><TD class=env>&nbsp;
+<TD class=conf>INSTALL<SUP>1</SUP>
+<TD>make
+<TD><A HREF="autoconf/install-sh">./autoconf/install-sh</A>
+<TD>installation script
+<TR><TD class=env>&nbsp;
+<TD class=conf>DCCD_MAX_FLOODS<SUP>1</SUP>
+<TD>make
+<TD>32
+<TD>maximum DCC server flooding peers
+<TR><TD class=env><A NAME="envtbl--with-db-memory">--with-db-memory=MB</A>
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD>64
+<TD>minimum server database buffer size between 32 MBytes and 49152 MBytes
+<!-- DB_MIN_MBYTE -->
+<TR><TD class=env><A NAME="envtbl--with-max-db-mem">--with-max-db-mem=MB</A>
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD>1920 <!--DB_MAX_2G_MBYTE--> on 32-bit systems
+<BR>49152 <!--MAX_MAX_DB_MBYTE--> on 64-bit systems
+<TD>maximum server database buffer size
+<!-- DB_MAX_MBYTE -->
+<TR><TD class=env><A NAME="envtbl--with-max-log-size">--with-max-log-size=KB</A>
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD>32
+<TD>maximum dccifd and dccm log file size in KBytes; 0=no limit
+<TR><TD class=env><A NAME="envtbl--disable-IPv6">--without-IPv6</A>
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD>IPV6 on if supported
+<TD>turn off IPv6 support
+<TR><TD class=env><A NAME="envtbl--with-socks">--with-socks[=lib]</A>
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD>none
+<TD>location of <A HREF="#SOCKS">SOCKS</A> client library
+<TR><TD class=env><A NAME="envtbl--64bits">--enable-64-bits</A>
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD>correct value on most systems
+<BR>32 bits Solaris and Linux PowerPC
+<TD>use MD5 code in DCC source instead of any local library
+<TR><TD class=env><A NAME="envtbl--with-DCC-MD5">--with-DCC-MD5</A>
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD>local library if available;
+<TD>use MD5 code in DCC source instead of any local library
+<TR><TD class=env><A NAME="envtbl--with-kludge">--with-kludge=FILE</A>
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD>none
+<TD>include header FILE, best with an absolute path
+<TR><TD class=env><A NAME="envtbl--fetch-cmd">--with-fetch-cmd=pgm</A>
+<TD>&nbsp;
+<TD><EM>./configure</EM>
+<TD>wget, fetch, curl, or ftp
+<TD>program used by
+<A HREF="misc/updatedcc.in">@libexecdir@/updatedcc</A>,
+and other utilities to fetch files
+<TR><TD>&nbsp;
+</TABLE>
+<DL class=small>
+<DT>Note<SUP>1</SUP>
+<DD>These values are not built into the Makefiles by the
+<EM>./configure</EM> script but their current values in the environment
+are used by the script and the Makefiles.
+<DT>Note<SUP>2</SUP>
+<DD>These values are copied by the <EM>./configure</EM> script from the
+environment into the generated Makefiles.
+<DT>Note<SUP>3</SUP>
+<DD>When <A HREF="#envtbl--disable-sys-inst">--disable-sys-inst</A>
+is specified, the current UID and GID become the defaults,
+and the man pages are not installed.
+If the <EM>./configure</EM> script is not run as root,
+<A HREF="dccproc.html">dccproc</A>, <A HREF="cdcc.html">cdcc</A>,
+and <A HREF="dccsight.html">dccsight</A> are not installed set-UID.
+It is usually also necessary to set
+<A HREF="#envtbl--bindir">--bindir</A> to a private directory such
+as $HOME/bin.
+</DL>
+<H2><A NAME="Compatibility">Compatibility</A></H2>
+<P>DCC is thought to work on several systems including:
+<DL class=compat>
+<DT>BSDI BSD/OS
+<DD>DCC works starting with version 3.0 of BSD/OS.
+<DT>FreeBSD
+<DD>The works starting with at least version 4.0 of FreeBSD.
+<DT>NetBSD
+<DD>The DCC should work starting with at least 1.4.2 without threads
+and so with dccd, dccproc, and all of DCC except the part that uses
+threads, dccm.
+Dccm is available if you point PTHREAD_LIBS, PTHREAD_CFLAGS, and
+PTHREAD_LDFLAGS to the optional threads package.
+<DT>OpenBSD
+<DD>DCC works starting with at least 2.9 despite lame
+the lame mmap() implementation.
+<DT>Linux
+<DD>DCC works starting with at least RedHat 5.2.
+<P>
+On 64-bit PowerPC systems with more than 4 GBytes,
+use <EM>./configure --with-64-bits</EM> to build a DCC server that can
+benefit from a full sized database.
+A 64-bit sendmail milter library will be needed if
+<A HREF="dccm.html">Dccm</A> is used
+<DT>AIX
+<DD>DCC on 4.1.PPC has been tried but not well tested.
+Rumor has it that the 4.1.PPC pthreads code does not work
+with the sendmail milter library and dccm, but the rest of
+DCC does work.
+<DT>Solaris
+<DD>DCC compiles on several versions of Solaris with gcc or
+native C compiler by setting the environment variable CC appropriately.
+<EM>You must install gmake</EM>.
+<EM>Do not</EM> use "CFLAGS=-fast" with the native compiler.
+<P>
+While building the sendmail milter library, consider using
+<EM>_FFR_USE_POLL</EM> to avoid problems with large file descriptors
+and select().
+<P>
+On 64-bit systems with more than 4 GBytes,
+use <EM>./configure --with-64-bits</EM> to build a DCC server that can
+benefit from a full sized database.
+A 64-bit sendmail milter library will be needed if
+<A HREF="dccm.html">Dccm</A> is used
+<DT>HP-UX
+<DD>DCC compiles on versions of HP-UX starting with 11.00.
+It requires gmake.  Dccproc and dccm work.
+Dccifd does not work with UNIX domain sockets because select() and
+poll() do not notice the results of shutdown().
+Dccifd does work with TCP/IP connections to MTAs or spam filters.
+<BR>
+Dccproc should work on version 10.20, since it does not use pthreads.
+<DT>IRIX
+<DD>DCC compiles on IRIX 6.5.
+It requires gmake.
+<DT>OSF1
+<DD>DCC compiles on OSF1 V5.0 with gmake.
+<DT>OpenUNIX
+<DD>DCC compiles on OpenUNIX 8.0.1.
+<DT>Mac OS/X
+<DD>DCC compiles on at least some versions of Apple's OS/X.
+<DT>Windows
+<DD>The DCC client dccproc compiles and works on at least some versions of
+Windows 98 and Windows XP with Borland's free SDK
+and with Microsoft's SDK.
+See the <A HREF="win32.mak">main Makefile</A> for Windows.
+</DL>
+<P>
+<SMALL>Those system names include trademarks.  Please don't abuse them.</SMALL>
+<H2><A NAME="Troubleshooting">Troubleshooting</A></H2>
+<P>
+Much of the DCC <A HREF=FAQ.html>list of frequently asked questions</A>
+concerns troubleshooting DCC installations.
+Many of the messages in the archive of the
+<A HREF="http://www.rhyolite.com/pipermail/dcc/">DCC mailing list</A>
+are also troubleshooting questions and answers.
+<H2><A NAME="spam-traps"></A><A NAME="spamtraps">Spam Traps</A></H2>
+<P><A HREF="dccm.html">Dccm</A> and sendmail can be configured to
+report the checksums of unsolicited bulk mail so that other DCC clients
+can reject later copies of the same unsolicited bulk mail
+sent from other sources.
+Such mechanisms are commonly called <EM>spam traps</EM>.
+<P>Entries in a sendmail access_db can also be rejected or discarded
+while they are reported to the DCC server by dccm.
+The script
+<A HREF="misc/hackmc">misc/hackmc</A> modifies the output of
+sendmail .mc files to tell dccm about some undesirable mail.
+The script accepts one or more .mc files and generates the corresponding
+slightly modified .cf files.
+If the access_db entry starts with the string "DCC:",
+the message is reported by dccm to the DCC server as extremely bulky.
+Otherwise the message is rejected as usual.
+The remainder of the the access_db entry after "DCC:" consists of
+the optional string "DISCARD" followed by an optional SMTP status message.
+If the string "DISCARD" is present, the message is discarded instead of
+rejected.  This is important to keep senders of unsolicited bulk mail from
+discovering and removing "spam trap" addresses from their target lists.
+<P>For example, a line like the following in an access_db can
+discard all mail from example.com while reporting it to the DCC server
+as extremely bulky.
+Note the quotes (").
+<PRE>
+example.com     DCC: "DISCARD spam"
+</PRE>
+<P>It is also possible to route mail from a spam trap address to
+dccproc as described in the
+<A HREF="dccproc.html#EXAMPLES">dccproc man page</A>
+<H2><A NAME="SOCKS">SOCKS</A></H2>
+<P>The DCC client and server programs can be built to use the SOCKS
+protocol.
+The
+<A HREF="#envtbl--with-socks">--with-socks</A>
+<EM>./configure</EM> parameter
+configures the DCC client library and the DCC server
+to use common SOCKS network library functions.
+If the SOCKS library is in a standard place,
+something like <A HREF="#envtbl--with-socks">--with-socks=socks</A>
+should be sufficient.
+Setting the environment variable
+<A HREF="#envtbl-DCC_LDFLAGS">DCC_LDFLAGS</A> to something
+like <Em>-L/usr/local/lib</Em> is sometimes helpful.
+Otherwise, using <A HREF="#envtbl--with-socks">--with-socks</A>
+without specifying the library name and setting <A HREF="#envtbl-LIBS">LIBS</A>
+to the full pathname of the library
+might work.
+<P>
+DCC client programs
+including dccproc and dccm that use the DCC client library
+must be told to use the SOCKS5 protocol with the
+<A HREF="cdcc.html#OPERATION-SOCKS">SOCKS&nbsp;on</A>
+operation of
+<A HREF="cdcc.html">cdcc</A>.
+SOCKS5 is required instead of SOCKS4
+because DCC clients communicate with DCC servers using UDP.
+<P>
+DCC servers can use SOCKS4 or SOCKS5 when exchanging
+floods of reports of checksums.
+Links between individual pairs of peers are configured with the
+<Em>passive</Em> and <Em>SOCKS</Em> flags in the flod file described
+in the <A HREF="dccd.html#FILE-flod">dccd</A> man page.
+In both cases, the SOCKS library code must be configured, often
+in the files /etc/socks.conf and /etc/socksd.conf.
+<P>
+When the DCC software is built with SOCKS,
+IPv6 name resolution is turned off.
+<P>
+The DCC server and client programs have been tested with the
+<A HREF="http://www.inet.no/dante/">DANTE</A> library and server.
+The DANTE SOCKS implementation is also one of the FreeBSD "ports"
+or packages.
+<P>
+Note that if a connection fails repeatedly, Dante will disable the rule
+that failed and will eventually try the underlying connect()
+call.
+This fails in almost every SOCKS environment because there is
+no available route for an ordinary connect().
+Dante by default won't re-enable the failing rule.
+To fix this, change BADROUTE_EXPIRE from the default of <EM>0*60</EM>
+to <EM>5</EM> in include/config.h in the Dante source and recompile.
+<P class=small>
+This document describes DCC version 1.3.103.
+<P>
+<A HREF="http://www.dcc-servers.net/dcc/">
+<IMG SRC="http://logos.dcc-servers.net/border.png"
+class=logo ALT="DCC logo">
+</A>
+<A HREF="http://validator.w3.org/check?uri=referer">
+<IMG class=logo ALT="Valid HTML 4.01 Strict"
+SRC="http://www.w3.org/Icons/valid-html401">
+</A>
+</BODY>
+</HTML>
+<!--  LocalWords:  dccproc libmilter pthreads procmail dccm dccd dcc libmilter
+-->
+<!--  LocalWords:  homedir dbclean whitelist setenv nbsp Solaris crontab Linux
+-->
+<!--  LocalWords:  gmake FreeBSD NetBSD CFLAGS PTHREAD LDFLAGS LIBS HPUX IDs DT
+-->
+<!--  LocalWords:  cdcc DL DD ids var RTT TD TR dccifd greylist MTA
+-->
+<!--  LocalWords:  whitelisting
+-->

Mercurial > notdcc

comparison INSTALL.html.in @ 0:c7f6b056b673