notdcc: dccd.8.in comparison

comparison dccd.8.in @ 0:c7f6b056b673

First import of vendor version

author	Peter Gervai <grin@grin.hu>
date	Tue, 10 Mar 2009 13:49:58 +0100
parents
children

comparison

equal deleted inserted replaced

--1:000000000000
+:c7f6b056b673
+.\" Copyright (c) 2008 by Rhyolite Software, LLC
+.\"
+.\" This agreement is not applicable to any entity which sells anti-spam
+.\" solutions to others or provides an anti-spam solution as part of a
+.\" security solution sold to other entities, or to a private network
+.\" which employs the DCC or uses data provided by operation of the DCC
+.\" but does not provide corresponding data to other users.
+.\"
+.\" Permission to use, copy, modify, and distribute this software without
+.\" changes for any purpose with or without fee is hereby granted, provided
+.\" that the above copyright notice and this permission notice appear in all
+.\" copies and any distributed versions or copies are either unchanged
+.\" or not called anything similar to "DCC" or "Distributed Checksum
+.\" Clearinghouse".
+.\"
+.\" Parties not eligible to receive a license under this agreement can
+.\" obtain a commercial license to use DCC by contacting Rhyolite Software
+.\" at sales@rhyolite.com.
+.\"
+.\" A commercial license would be for Distributed Checksum and Reputation
+.\" Clearinghouse software.  That software includes additional features.  This
+.\" free license for Distributed ChecksumClearinghouse Software does not in any
+.\" way grant permision to use Distributed Checksum and Reputation Clearinghouse
+.\" software
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND RHYOLITE SOFTWARE, LLC DISCLAIMS ALL
+.\" WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+.\" OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL RHYOLITE SOFTWARE, LLC
+.\" BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES
+.\" OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
+.\" WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION,
+.\" ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+.\" SOFTWARE.
+.\"
+.\" Rhyolite Software DCC 1.3.103-1.143 $Revision$
+.\"
+.Dd February 26, 2009
+.ds volume-ds-DCC Distributed Checksum Clearinghouse
+.Dt dccd 8 DCC
+.Os " "
+.Sh NAME
+.Nm dccd
+.Nd Distributed Checksum Clearinghouse Daemon
+.Sh SYNOPSIS
+.Bk -words
+.Nm dccd
+.Op Fl 64dVbfFQ
+.Fl i Ar server-ID
+.Op Fl n Ar brand
+.Op Fl h Ar homedir
+.Fl I Xo
+.Sm off
+.Op Ar host-ID
+.Op Ar ,user
+.Sm on
+.Xc
+.br
+.Oo
+.Fl a Xo
+.Sm off
+.Op Ar server-addr
+.Op Ar ,server-port
+.Xc
+.Sm on
+.Oc
+.Op Fl q Ar qsize
+.br
+.Oo
+.Fl G Xo
+.Sm off
+.Op Ar on,
+.Op Ar weak-body,
+.Op Ar weak-IP,
+.Op Ar embargo
+.Op Ar ,window
+.Op Ar ,white
+.Xc
+.Sm on
+.Oc
+.br
+.Oo
+.Fl W Xo
+.Sm off
+.Op Ar rate
+.Op Ar ,chg
+.Op Ar ,dbsize
+.Sm on
+.Xc
+.Oc
+.Oo
+.Fl K Xo
+.Sm off
+.Op Ar no-
+.Ar type
+.Sm on
+.Xc
+.Oc
+.Op Fl T Ar tracemode
+.Op Fl u Ar anon-delay Ns Op Ar *inflate
+.Op Fl C Ar dbclean
+.Op Fl L Ar ltype,facility.level
+.br
+.Oo
+.Fl R Xo
+.Sm off
+.Op Ar RL_SUB ,
+.Op Ar RL_ANON ,
+.Op Ar RL_ALL_ANON ,
+.Op Ar RL_BUGS
+.Xc
+.Sm on
+.Oc
+.Ek
+.Sh DESCRIPTION
+.Nm Dccd
+receives reports of checksums related to mail received by DCC clients
+and queries about the total number of reports of particular checksums.
+A DCC server never receives
+mail, address, headers, or other information from clients, but only
+cryptographically secure checksums of such information.
+A DCC server cannot determine the text or other information that corresponds
+to the checksums it receives.
+It only acts as a clearinghouse of total counts of checksums
+computed by clients.
+.Pp
+Each DCC server or close cluster of DCC servers is identified by a numeric
+.Ar server-ID .
+Each DCC client is identified by a
+.Ar client-ID ,
+either explicitly listed in the
+.Pa ids
+file or
+the special anonymous client-ID.
+Many computers are expected to share a single
+.Ar client-ID .
+A
+.Ar server-ID
+is less than 32768 while a
+.Ar client-ID
+is between 32768 and 16777215.
+DCC server-IDs need be known only to DCC servers and the people running
+them.
+The passwords associated with DCC server-IDs should be protected,
+because DCC servers listen to commands authenticated with server-IDs
+and their associated passwords.
+Each client that does not use the anonymous ID must know the client-ID
+and password used by each of its servers.
+A single client computer can use different passwords with different
+server computers.
+See the
+.Pa ids
+file.
+.Pp
+A whitelist of known good (or bad) sources of email prevents
+legitimate mailing lists from being seen as unsolicited bulk email
+by DCC clients.
+The whitelist used by a DCC server is built into
+the database when old entries are removed by
+.Xr dbclean 8 .
+Each DCC client has its own, local whitelist, and in general,
+whitelists work better in DCC clients than servers.
+.Pp
+The effectiveness of a Distributed Checksum Clearinghouse
+increases as the number of subscribers increases.
+Flooding reports of checksums among DCC servers increases
+the effective number of subscribers to each server.
+Each
+.Nm
+daemon tries to maintain TCP/IP connections to the other servers
+listed in the
+.Pa flod
+file, and send them reports containing checksums with total
+counts exceeding thresholds.
+Changes in the
+.Pa flod
+file are noticed automatically within minutes.
+.Pp
+Controls on report flooding are specified in the
+.Pa flod
+file.
+Each line specifies a hostname and port number to which reports
+should be flooded,
+a server-ID to identify and authenticate the output stream,
+a server-ID to identify and authenticate an input stream from the
+same server,
+and flags with each ID.
+The ability to delete reports of checksums is handy, but could
+be abused.
+If
+.Ar del
+is not present among the
+.Ar in-opts
+options for the incoming ID,
+incoming delete requests are logged and then ignored.
+Floods from DCC "brands" that count only mail to
+spam traps and whose servers use the
+.Fl Q
+option to count extremely bulk mail
+should be marked with
+.Ar traps .
+They can be seen as counting millions of targets, so the
+.Ar traps
+flag on their
+.Pa flod
+file entry changes their incoming flooded reports counts to
+.Em many.
+.Pp
+.Nm Dccd
+automatically checks its
+.Pa flod
+and
+.Pa ids
+files periodically.
+.Xr Cdcc 8
+has the commands
+.Ic new ids
+and
+.Ic flood check
+to tell
+.Nm
+to check those two files immediately.
+Both files are also checked for changes after the SIGHUP signal.
+.Ss OPTIONS
+The following options are available:
+.Bl -tag -width 3n
+.It Fl 6
+enable IPv6.
+The default is equivalent to
+.Fl 4 .
+See also the IPv4 and IPv6 options in the
+.Pa flod
+file description below and the
+.Em IPv6 on
+.Xr cdcc 8
+command.
+.It Fl 4
+disable IPv6.
+See also
+.Fl 6 .
+.It Fl d
+enables debugging output.
+Additional
+.Fl d
+options increase the number of messages.
+.It Fl V
+displays the version of the DCC server daemon.
+.It Fl b
+causes the server to not detach itself from the controlling tty
+or put itself into the background.
+.It Fl F
+uses write() instead of mmap() in some cases to modify the DCC database.
+It is the default on Solaris.
+.It Fl f
+turns off
+.Fl F .
+.It Fl Q
+causes the server to treat reports of checksums as queries
+except from DCC clients marked trusted in the
+.Pa ids
+file with
+.Ar rpt-ok .
+See
+.Fl u
+to turn off access by anonymous or unauthenticated clients
+.It Fl i Ar server-ID
+specifies the ID of this DCC server.
+Each server identifies itself as responsible for checksums
+that it forwards to other servers.
+.It Fl n Ar brand
+is an arbitrary string of letters and numbers that
+identifies the organization running the DCC server.
+The brand is required, and appears in the SMTP
+.Em X-DCC
+headers generated by the DCC.
+.It Fl h Ar homedir
+overrides the default DCC home directory,
+.Pa @prefix@ .
+.It Fl I Xo
+.Sm off
+.Op Ar host-ID
+.Op Ar ,user
+.Sm on
+.Xc
+changes the server's globally unique identity for flooding
+from the default value
+consisting of the first 16 characters of the host name.
+or changes the UID and GID of the process
+.Ar Host-ID
+is a string of up to 16 characters that replaces the first
+16 characters of the system's hostname in assertions
+of the server-ID that are flooded to peers.
+.Ar User
+must be valid user name.
+.It Fl a Xo
+.Sm off
+.Op Ar server-addr
+.Op Ar ,server-port
+.Sm on
+.Xc
+adds an hostname or IP address to the list of local IP addresses
+that the server answers.
+Multiple
+.Fl a
+options can be used to specify a subset of the available network
+interfaces or to use more than one port number.
+The default without any
+.Fl a
+options is to listen on all local IP addresses.
+It can be useful to list some of the IP addresses of
+multi-homed hosts to deal with firewalls.
+By default
+.Ar server-port
+is 6277 for DCC servers and 6276 for Greylist servers.
+It is the UDP port at which DCC
+requests are received and the TCP port for incoming floods of reports.
+.Pp
+If
+.Ar server-addr
+is absent
+and if the
+.Xr getifaddrs 8
+function is supported,
+separate UDP sockets are bound to each configured network interface so
+that each DCC clients receives replies from the
+IP addresses to which corresponding request are sent.
+If
+.Nm
+is started before all network interfaces are turned on or
+there are interfaces that are turned on and off or change their addresses
+such as PPP interfaces,
+then the special string
+.Ar @
+should be used to tell
+.Nm
+to bind to an IN_ADDRANY UDP socket.
+.Pp
+Outgoing TCP connections to flood checksum reports to other DCC servers
+used the IP address of a single
+.Fl a
+option,
+but only if there is single option that is not localhost.
+See also the
+.Pa flod
+file.
+.It Fl q Ar qsize
+specifies the maximum size of the queue of requests from anonymous or
+unauthenticated clients.
+The default value is the maximum DCC RTT in seconds times 200 or 1000.
+.It Fl G Xo
+.Sm off
+.Op Ar on,
+.Op Ar weak-body,
+.Op Ar weak-IP,
+.Op Ar embargo
+.Op Ar ,window
+.Op Ar ,white
+.Xc
+.Sm on
+changes
+.Nm
+to a Greylist server for
+.Xr dccm 8
+or
+.Xr dccifd 8 .
+Greylisting consists of temporarily rejecting or embargoing mail from
+unfamiliar combinations of SMTP client IP address, SMTP envelope sender,
+and SMTP envelope recipient.
+If the SMTP client persists for
+.Ar embargo seconds
+and so is probably not an open proxy, worm-infected personal computer,
+or other transient source of spam, the triple of
+.Em (IP\ address,sender,recipient)
+is added to a database similar to the usual DCC database.
+If the SMTP client does not try again after
+.Ar embargo
+seconds and before
+.Ar window
+seconds after the first attempt,
+the triple is forgotten.
+If the SMTP client persists past the embargo,
+the triple is added to the database and becomes familiar
+and the message is accepted.
+Familiar triples are remembered for
+.Ar white
+seconds after the last accepted mail message.
+The triple is forgotten if it is ever associated with unsolicited bulk email.
+.Pp
+All three durations can be a number of minutes, hours, days, or
+weeks followed by
+.Ar MINUTES ,
+.Ar M ,
+.Ar HOURS ,
+.Ar H ,
+.Ar DAYS ,
+.Ar D ,
+.Ar WEEKS
+or
+.Ar W .
+The default is
+.Fl G Ar 270seconds,7days,63days .
+The first duration or the
+.Ar embargo
+should be longer than open proxies can linger retransmitting.
+The second
+.Ar window
+time should be as long as legitimate mail servers persist in retransmitting
+to recognize embargoed messages whose retransmissions were not
+received because of network or other problems.
+The
+.Ar white
+time should be long enough to recognize and not embargo messages from
+regular senders.
+.Pp
+Usually the DCC greylist system requires that an almost
+identical copy of the message be retransmitted during the
+.Ar embargo .
+If
+.Ar weak-body
+is present,
+any message with the same triple of sender IP address, sender mail
+address, and target mail address ends the embargo,
+even if the body of the message differs.
+.Pp
+If
+.Ar weak-IP
+is present,
+all mail from an SMTP client at an IP address is accept
+after any message from the same IP address has been accepted.
+.Pp
+Unlike DCC checksums, the contents of
+greylist databases are private and do not benefit from broad sharing.
+However, large installations can use more two or more greylist servers
+flooding triples among themselves.
+Flooding among greylist servers is controlled by the
+.Pa grey_flod
+file.
+.Pp
+All greylist cooperating or flooding greylist servers
+.Em must
+use the same
+.Fl G
+values.
+.Pp
+Clients of greylist servers cannot be anonymous and must have
+client-IDs and passwords assigned in the
+.Pa ids
+file.
+This implies that
+.Xr cdcc
+commands directed to greylist servers must specify the server-ID.
+.Pp
+White- and blacklists are honored by the DCC clients.
+whitelisted messages are embargoed or checked with a greylist server.
+The greylist triples of blacklisted messages, messages whose DCC counts make
+them spam, and other messages known to be spam are sent to a greylist
+server to be removed from the greylist database and cause an embargo
+on the next messages with those triples.
+.Pp
+Messages whose checksums match greylist server whitelists
+are not embargoed and the checksums of their triples are not
+added to the greylist database.
+.Pp
+The target counts of embargoed messages are reported to the DCC network
+to improve the detection of bulk mail.
+.It Fl W Xo
+.Sm off
+.Op Ar rate
+.Op Ar ,chg
+.Op Ar ,dbsize
+.Sm on
+.Xc
+controls quick database cleaning.
+If the database is larger than
+.Ar dbsize ,
+it seems that the database has not recently and is not about to be cleaned,
+.Nm
+is receiving fewer than
+.Ar rate
+requests per second,
+and if telling DCC clients that the database is about to be cleaned
+reduces that rate by
+.Ar chg Ns %,
+then
+.Nm
+starts
+.Xr dbclean 8
+for a quick database cleaning.
+The cleaning is abandoned if it takes too long.
+The default values are equivalent to
+.Bk -words
+.Fl W Ar 1.0,40.0,RSS
+where
+.Ar RSS
+is the maximum dccd resident set
+displayed the system log by
+.Fl d
+when
+.Nm starts .
+.Ek
+.It Fl K Xo
+.Sm off
+.Op Ar no-
+.Ar type
+.Sm on
+.Xc
+marks checksums of
+.Ar type
+(not) be kept
+or counted in the database unless they appear in the whitelist.
+Explicit settings add to or remove from the initial contents of the list,
+which is equivalent to
+.Fl K Ar Body
+.Fl K Ar Fuz1
+.Fl K Ar Fuz2 .
+.It Fl T Ar tracemode
+causes the server to trace or record some operations.
+.Ar tracemode
+must be one of the following:
+.Bl -tag -width FLOOD2 -offset 2n -compact
+.It Ar ADMN
+administrative requests from the control program,
+.Xr cdcc 8
+.It Ar ANON
+errors by anonymous clients
+.It Ar CLNT
+errors by authenticated clients
+.It Ar RLIM
+rate-limited messages
+.It Ar QUERY
+all queries and reports
+.It Ar RIDC
+some messages concerning the report-ID cache that is used
+to detect duplicate reports from clients
+.It Ar FLOOD
+messages about inter-server flooding connections
+.It Ar FLOOD2
+messages about flooded reports
+.It Ar IDS
+unknown server-IDs in flooded reports
+.It Ar BL
+requests from clients in the
+.Pa blacklist
+file.
+.It Ar DB
+odd database events including long chains of duplicate checksums
+.It Ar WLIST
+reports of whitelisted checksums from authenticated, not anonymous DCC clients
+.El
+The default is
+.Ar ANON CLNT .
+.It Fl u Ar anon-delay Ns Op Ar *inflate
+changes the number of milliseconds anonymous or unauthenticated clients
+must wait for answers to their queries and reports.
+The purpose of this delay is to discourage large anonymous clients.
+The
+.Ar anon-delay
+is multiplied by 1 plus the number of recent anonymous requests from
+an IP address divided by the
+.Ar inflate
+value.
+.Pp
+The string
+.Ar FOREVER
+turns off all anonymous or unauthenticated access not only
+for checksum queries and reports but also
+.Xr cdcc 8
+.Ic stats
+requests.
+A missing value for
+.Ar inflate
+turns off inflation.
+.Pp
+The default value is
+.Ar 50,none ,
+except when
+.Fl G
+is used in which case
+.Ar FOREVER
+is assumed and required.
+.It Fl C Ar dbclean
+changes the default name or path of the program used to rebuild
+the hash table when it becomes too full.
+The default value is
+.Pa @libexecdir@/dbclean
+in the
+.Pa @libexecdir@
+directory.
+The value can include arguments as in
+.Ar -C '$DCC_LIBEXEC/dbclean -F' .
+.Pp
+Dbclean
+.Em should not
+be run by
+.Nm
+except in emergencies such as database corruption or hash table overflow.
+.Xr Dbclean 8
+should be run daily with the @libexecdir@/cron-dccd cron script
+.It Fl L Ar ltype,facility.level
+specifies how messages should be logged.
+.Ar Ltype
+must be
+.Ar error ,
+.Ar info ,
+or
+.Ar off
+to indicate which of the two types of messages are being controlled or
+to turn off all
+.Xr syslog 3
+messages from
+.Nm .
+.Ar Level
+must be a
+.Xr syslog 3
+level among
+.Ar EMERG ,
+.Ar ALERT ,
+.Ar CRIT , ERR ,
+.Ar WARNING ,
+.Ar NOTICE ,
+.Ar INFO ,
+and
+.Ar DEBUG .
+.Ar Facility
+must be among
+.Ar AUTH ,
+.Ar AUTHPRIV ,
+.Ar CRON ,
+.Ar DAEMON ,
+.Ar FTP ,
+.Ar KERN ,
+.Ar LPR ,
+.Ar MAIL ,
+.Ar NEWS ,
+.Ar USER ,
+.Ar UUCP ,
+and
+.Ar LOCAL0
+through
+.Ar LOCAL7 .
+The default is equivalent to
+.Dl Fl L Ar info,MAIL.NOTICE  Fl L Ar error,MAIL.ERR
+.It Fl R Xo
+.Sm off
+.Op Ar RL_SUB ,
+.Op Ar RL_ANON ,
+.Op Ar RL_ALL_ANON ,
+.Op Ar RL_BUGS
+.Xc
+.Sm on
+sets one or more of the four rate-limits.
+.Ar RL_SUB
+limits the number of DCC transactions per second from subscribers
+or DCC clients with known client-IDs and passwords.
+This limit applies to each IP address independently.
+.Pp
+.Ar RL_ANON
+limits the number of DCC transactions per second from anonymous DCC clients.
+This limit applies to each IP address independently.
+It is better to use
+.Fl u
+than to change this value to exclude anonymous clients.
+.Pp
+.Ar RL_ALL_ANON
+limits the number of DCC transactions per second from all anonymous DCC clients.
+This limit applies to all anonymous clients as a group, regardless of their
+IP addresses.
+.Pp
+.Ar RL_BUGS
+limits the number of complaints or error messages per second for all
+anonymous DCC clients as a group as well as for each DCC client by IP
+address.
+.Pp
+The default is equivalent to
+.Fl R Ar 400,50,600,0.1
+.El
+.Sh FILES
+.Bl -hang -width @prefix@ -compact
+.It Pa @prefix@
+is the DCC home directory containing data and control files.
+.It Pa dcc_db
+is the database of mail checksums.
+.It Pa dcc_db.hash
+is the mail checksum database hash table.
+.It Pa grey_db
+is the database of greylist checksums.
+.It Pa grey_db.hash
+is the greylist database hash table.
+.It Pa flod
+contains lines controlling DCC flooding of the form:
+.br
+.Bd -ragged -compact
+.Ar host Ns Xo
+.Sm off
+.Op Ar ,rport
+.Op Ar ;src Op Ar ,lport
+.Sm on
+.Xc
+.Ar rem-ID
+.Op Ar passwd-ID Op Ar o-opt Op Ar i-opt
+.Ed
+where absent optional values are signaled with "-" and
+.Bl -hang -offset 1n -width 2n -compact
+.It Ar host
+is the IP address or name of a DCC server and
+.Ar rport
+is the name or number of the TCP port used by the remote server.
+.It Ar src
+and
+.Ar lport
+are the IP address or host name and TCP port
+from which the outgoing flooding connection should come.
+Incoming flooding connections must arrive at an address and port
+specified with
+.Fl a .
+.It Ar rem-id
+is the server-ID of the remote DCC server.
+.It Ar passwd-ID
+is a server-ID that is not assigned to a server,
+but whose first password is used to sign
+checksum reports sent to the remote system.
+Either of its passwords are required with incoming reports.
+If it is absent or "-", outgoing floods are signed with the first
+password of the local server in the
+.Pa ids
+file and incoming floods must be signed with either password of
+the remote server-ID.
+.It Ar i-opt Li and Ar o-opt
+are comma separated lists of
+.Bl -hang -offset 1n -width 2n -compact
+.It Ar off
+turns off flooding to the remote or local system.
+.It Ar traps
+indicates that
+the remote sending or local receiving system has only spam traps.
+.It Ar no-del
+says checksum delete requests are refused by the remote or local server
+and so turns off sending or accepting delete requests, respectively.
+By default, delete requests are sent to remote servers and accepted
+in incoming floods if and only if the peers are exchanging DCC reputations.
+.It Ar del
+says delete requests are accepted by the remote or local server.
+.It Ar no-log-del
+turns off logging of incoming requests to delete checksums.
+.It Ar passive
+is used to tell a server outside a firewall to expect a peer
+inside to create both of the pair
+of input and output TCP connections used for flooding.
+The peer inside the firewall should use
+.Ar SOCKS
+or
+.Ar NAT
+on its
+.Pa flod
+file entry for this system.
+.It Ar SOCKS
+is used to tell a server inside a firewall that it should create both
+of the TCP connections used for flooding and that SOCKS protocol should
+be used.
+The peer outside the firewall should use
+.Ar passive
+on its
+.Pa flod
+file entry for this system.
+.It Ar NAT
+differs from
+.Ar SOCKS
+only by not using the SOCKS protocol.
+.It Ar ID1->ID2
+converts server-ID
+.Ar ID1
+in flooded reports to server-ID
+.Ar ID2 .
+Either
+.Ar ID1
+or
+.Ar ID2
+may be the string
+.Sq self
+to specify the server's own ID.
+.Ar ID1
+can be the string
+.Sq all
+to specify all server-IDs
+or a pair of server-IDs separated by a dash to specify an inclusive range.
+.Ar ID2
+can be the string
+.Sq ok
+to send or receive reports without translation
+or the string
+.Sq reject
+to not send outgoing or refuse incoming reports.
+Only the first matching conversion is applied.
+For example, when
+.Sq self->ok,all->reject
+is applied to a locally generated report,
+the first conversion is applied and the second is ignored.
+.It Ar leaf=path-len
+does not send reports with paths longer than
+.Ar path-len
+server-IDs.
+.It Ar IPv4
+overrides a
+.Fl 6
+setting for this flooding peer.
+.It Ar IPv6
+overrides the
+default or an explicit
+.Fl 4
+setting.
+.It Ar vers
+specifies the version of the DCC flooding protocol used by the remote
+DCC server with a string such as
+.Sq version2 .
+.It Ar trace
+sends information about a single peer like the
+.Xr cdcc 8
+command
+.Ic trace FLOOD on
+does for all peers.
+.It Ar trace2
+sends information about individual flooded reports like the
+.Xr cdcc 8
+command
+.Ic trace FLOOD2 on
+does for all peers.
+.El
+.El
+.It Pa grey_flod
+is the equivalent of
+.Pa flod
+used by
+.Nm
+when it is a greylist server.
+.It Pa flod.map
+is an automatically generated file in which
+.Nm
+records its progress sending or flooding reports to DCC peers.
+.It Pa grey_flod.map
+is the equivalent of
+.Pa flod.map used by
+.Nm
+when it is a greylist server.
+.It Pa ids
+contains the IDs and passwords known by the DCC server.
+An
+.Pa ids
+file that can be read by others cannot be used.
+It contains blank lines, comments starting
+with "#" and lines of the form:
+.Bd -ragged -compact -offset indent
+.Sm off
+.Ar id
+.Op Ar ,rpt-ok
+.Op Ar ,delay=ms  Ns Op Ar *inflate
+.Sm on
+.Ar passwd1 Op Ar passwd2
+.Ed
+where
+.Bl -hang -offset 1n -width 2n -compact
+.It Ar id
+is a DCC
+.Ar client-ID
+or
+.Ar server-ID .
+.It Ar Rpt-ok
+if present overrides
+.Fl Q
+by saying that this client is trusted
+to report only checksums for unsolicited bulk mail.
+.It Ar delay=ms  Ns Op Ar *inflate
+delays answers to systems using the client
+.Ar id .
+The
+.Ar delay
+in milliseconds is multiplied by 1 plus the number of recent requests from
+an IP address using
+.Ar id
+divided by the
+.Ar inflate
+value.
+See
+.Fl u .
+.It Ar passwd1
+is the password currently used by clients with identifier
+.Ar id .
+It is a 1 to 32 character string that does not contain
+blank, tab, newline or carriage return characters.
+.It Ar passwd2
+is the optional next password that those clients will use.
+A DCC server accepts either password if both are present in the file.
+.El
+Both passwords can be absent if the entry not used except to tell
+.Nm
+that server-IDs in the flooded reports are valid.
+The string
+.Em unknown
+is equivalent to the null string.
+.It Pa whitelist
+contains the DCC server whitelist.
+It is not used directly but is loaded into the database when
+.Xr dbclean 8
+is run.
+.It Pa grey_whitelist
+contains the greylist server whitelist.
+It is not used directly but is loaded into the database when
+.Xr dbclean 8
+is run with
+.Fl G .
+.It Pa blacklist
+if present, contains a list of IP addresses and blocks of IP addresses
+DCC clients that are ignored.
+Each line in the file should be blank, a comment starting with '#',
+or an IP address or block of IP addresses in the form
+.Bd -ragged -compact -offset indent
+.Op Ar trace,
+.Op Ar ok,
+.Op Ar bad
+.No xxx.xxx.xxx.xxx Ns Op /yy
+.Ed
+Changes to the file are automatically noticed and acted upon within
+a few minutes.
+Addresses or blocks of addresses can be preceded with
+.Em ok
+to "punch holes"
+in blacklisted blocks or with
+.Em trace
+to log activity.
+This mechanism is intended for no more than a few dozen blocks of addresses.
+.It Pa dccd_clients
+contains client IP addresses and activity counts.
+.It Pa grey_clients
+contains greylist client IP addresses and activity counts.
+.El
+.Sh EXAMPLES
+.Nm
+is usually started with other system daemons with something like the
+script
+.Pa @libexecdir@/rcDCC .
+That scripts uses values in @prefix@/dcc_conf to start the server.
+With the argument
+.Em stop ,
+.Pa @libexecdir@/rcDCC
+can be used to stop the daemon.
+.Pp
+The database grows too large unless old reports are removed.
+.Xr dbclean 8
+should be run daily with the @libexecdir@/cron-dccd cron script
+.Sh SEE ALSO
+.Xr cdcc 8 ,
+.Xr dcc 8 ,
+.Xr dbclean 8 ,
+.Xr dblist 8 ,
+.Xr dccifd 8 ,
+.Xr dccm 8 ,
+.Xr dccproc 8 .
+.Xr dccsight 8 ,
+.Sh HISTORY
+.Nm
+is based on an idea from Paul Vixie.
+It was designed and written at Rhyolite Software, starting in 2000.
+This document describes version 1.3.103.

Mercurial > notdcc

comparison dccd.8.in @ 0:c7f6b056b673