Re: Greylisting no longer working ?

Wed, 07 Feb 2007 08:23:16 -0800 

Vernon,
I really think there is an issue with grey-listing, at least when using dccifd. I started with a vanilla dcc, compiled from the 1.3.50 sources, and used the default config files (but enabling dccifd and grey-listing). 


Grey-listing simply isn't used. All messages that don't fail the 
checksum test are accepted. As you can see from the data below, the 
greylist server seems to run and the output of "cdcc info" also seems ok.


What else should I be looking for ? Is there some debug switch ?

Regards,

Daniel

~~~~~

vps183:/var/dcc # grep grey /var/log/mail

Feb  7 16:59:09 vps183 dccd grey[15454]: 1.3.50 listening to port 6276 
with /var/dcc and 10 MByte window


~~~~~

vps183:/var/dcc # cdcc info | tail -20
dcc5.dcc-servers.net,-      RTT+1000 ms  anon
#  80.69.8.186,-                                                  MC ID 1128
#     protocol version 4
#     100% of  2 requests ok  744.90+1000+2000 ms RTT      148 ms queue wait

# *217.20.119.18,- 
sgs_public_dcc_server ID 1199

#     100% of  1 requests ok  109.42+1000 ms RTT       102 ms queue wait

127.0.0.1,-                 RTT-1000 ms  32768 4246470383y466
#  127.0.0.1,-
#      not answering

################
# 02/07/07 16:58:21 CET  GreyList /var/dcc/map
# Re-resolve names after 18:43:57  Check RTTs after 16:58:57
# 1 total, 1 working servers

127.0.0.1,-                 Greylist 32768 4246470383y466

# *127.0.0.1,6276                                                    ID 
32702

#     100% of  1 requests ok    0.36 ms RTT              0 ms queue wait

~~~~~

vps183:/var/dcc # ps -ef | grep dcc

vscan    15454     1  0 16:59 ?        00:00:00 /var/dcc/libexec/dccd 
-Gon -I vscan -i 32702
vscan    15484     1  0 16:59 ?        00:00:00 /var/dcc/libexec/dccifd 
-Ivscan -tCMN,50,50 -llog -wwhiteclnt -Uuserdirs -Gon -p 127.0.0.1,10023 
127.0.0.1/32 -o 127.0.0.1,10026 -SHELO -Smail_host -SSender -SList-ID
vscan    15485 15484  0 16:59 ?        00:00:00 /var/dcc/libexec/dccifd 
-Ivscan -tCMN,50,50 -llog -wwhiteclnt -Uuserdirs -Gon -p 127.0.0.1,10023 
127.0.0.1/32 -o 127.0.0.1,10026 -SHELO -Smail_host -SSender -SList-ID
vscan    15488 15485  0 16:59 ?        00:00:00 /var/dcc/libexec/dccifd 
-Ivscan -tCMN,50,50 -llog -wwhiteclnt -Uuserdirs -Gon -p 127.0.0.1,10023 
127.0.0.1/32 -o 127.0.0.1,10026 -SHELO -Smail_host -SSender -SList-ID
vscan    15489 15488  0 16:59 ?        00:00:00 /var/dcc/libexec/dccifd 
-Ivscan -tCMN,50,50 -llog -wwhiteclnt -Uuserdirs -Gon -p 127.0.0.1,10023 
127.0.0.1/32 -o 127.0.0.1,10026 -SHELO -Smail_host -SSender -SList-ID
vscan    15490 15488  0 16:59 ?        00:00:00 /var/dcc/libexec/dccifd 
-Ivscan -tCMN,50,50 -llog -wwhiteclnt -Uuserdirs -Gon -p 127.0.0.1,10023 
127.0.0.1/32 -o 127.0.0.1,10026 -SHELO -Smail_host -SSender -SList-ID


~~~~~

dcc_conf:
# GREY_CLIENT_ARGS contains "on", "-GnoIP", etc. to turn on greylisting
#       in the dccm and dccifd DCC clients.
#   Also turns on the local greylist dccd server unless GREY_ENABLE=off
GREY_CLIENT_ARGS=on
# GREY_ENABLE turns local greylist server 'on' or 'off',
#       but does not effect dccm, dccifd
GREY_ENABLE=on

~~~~~




Daniel Gehriger wrote:

Vernon,


Thanks for your follow-up. I tried upgrading again, and grey-listing 
stopped working. I then restored only the "libexec" directory from the 
backup, and grey-listing works again!



The dcc_conf file wasn't touched while upgrading, and the difference 
between dcc_conf.new and the current one are only minimal:


    vps183:/var/dcc # diff dcc_conf dcc_conf-new
    5c5
    < # from Rhyolite Software DCC 1.3.45-1.55 $Revision$
    ---
    > # from Rhyolite Software DCC 1.3.49-1.57 $Revision$
    46a47,49
    > #   For example

    > #DNSBL_ARGS="'-Bset:rej-msg=5.7.1 550 mail %s from %s rejected; 
see http://www.spamhaus.org/xbl/' -Bsbl-xbl.spamhaus.org,any"
    > #   checks SMTP envelope senders and URLs in mail message bodies 
in the XBL.

    49,50d51
    < # external filter -X parameters for dccifd and dccm
    < XFLTR_ARGS=


I really don't know what to do now. I even tried deleting all the cache 
files prior to upgrading.


Regards,

Daniel

Vernon Schryver wrote:

From: Daniel Gehriger 



I just upgraded DCC to version (1.3.48). Even though my config file 
hasn't changed, greylisting no longer seems to work. The servers 
start up as expected:



Feb  2 00:33:37 vps183 dccd grey[25876]: 1.3.48 listening to port 
6276 with /var/dcc and 10 MByte window
Feb  2 00:33:37 vps183 dccifd[25928]: 1.3.48 listening to 
127.0.0.1,10023 from 127.0.0.1/32




                     Fuz2: b1fea197 a6873b19 4be7a365 c8943df3       0
     substitute mail_host: e59df0e1 992e42c4 df8dea2a b4a9f9b7

result: accept


That segment of a dccifd log file and that dccifd did not complain
about the greylist server not responding shows that dccifd did not
even try to do greylisting.


I already deleted grey_db* and restarted dcc, but to no avail. Only 
restoring version 1.3.45 from the backup solved the problem.


I'm sorry, but I believe the restoration of 1.3.45 included restoring
either /var/dcc/dcc_conf and so reversing a change to GREY_CLIENT_ARGS
or restoring /var/dcc/map and so reversing a deletion of the greylist
server entry.


Vernon Schryver    vjs-w9Ndhk1xg/VWk0Htik3J/[EMAIL PROTECTED]




_______________________________________________
DCC mailing list      [email protected]
http://www.rhyolite.com/mailman/listinfo/dcc






















					Reply via email to