HomeEmailAnti-SpamDCC

Setup DCC to Use Remote Public Servers

voyageur | March 30, 2009 - 50 weeks 5 days

Install DCC

Follow http://www.rhyolite.com/dcc/INSTALL.html. The essence is:

# export DCC_OWN=mail_deamon_user
# export DCC_GRP=mail_deamon_grp
# ./configure --with-uid=$DCC_OWN
# make && make install
# chown $DCC_OWN:$DCC_GRP /var/dcc

Configure DCC Client

  1. Edit the file /var/dcc/whiteclnt, and add "OK", "MX", and "MXDCC" entries for the trusted mail hosts. See sample whitelist for DCC clients for reference.
  2. Install a daily or more frequent cron job like misc/crontab and /var/dcc/libexec/cron-dccd to prune dccm or dccifd log files and the prune dccd database with dbclean.

Configure Greylisting

Enable a local greylist server by installing the script /var/dcc/libexec/rcDCC with a symbolic link, setting GREY_ENABLE=on in /var/dcc/dcc_conf and then running

        /var/dcc/libexec/rcDCC start

Adjust Firewall

You will need to allow traffic to and from (both directions) port 6277 in the public DCC servers. Run the command

# cdcc "info"

to get the list of servers and their IPs.

Start dccifd

If you are using SpamAssassin or some general MTA interface, instead of dccm, then do the following:

The general MTA interface dccifd should usually be started before the mail transfer agent or MTA. It should be enabled by setting DCCIFD_ENABLE=on in dcc_conf. It is also usually necessary to change an /etc/rc script or configuration file to start and stop the daemon with the system. The script /var/dcc/libexec/rcDCC should be installed, best with a symbolic link. The daemon can be started manually with

        rcDCC start

Dccifd can be used as a Postfix Before-Queue Content filter as described the dccifd documentation.

Test DCC

  1. You can run
    # cdcc "info"
    to see how DCC is working and all DCC servers are responding OK.
  2. Run DCC through spamassassin. cd to the source folder of your SpamAssassin, and find the sample spam and not-spam txt file. Then run them through spamassassin:

    # spamassassin -D < sample-nonspam.txt
    # spamassassin -D < sample-spam.txt

    And you shall see something like the following:

    dbg: rules: ran eval rule DCC_CHECK ======> got hit (1)
    ...
    *  1.4 DCC_CHECK Listed in DCC (http://rhyolite.com/anti-spam/dcc/)

  3. Download a test message from spam-mail.txt, and run:

    # spamassassin -D < spam-mail.txt