DCC how to
Andrea Soliva
soliva at comcept.ch
Tue Aug 8 13:15:38 CEST 2006
I hope it helps.....as a pitty again in german but it should be
selfunderstanding! Also I hope the format within this mail is not too ugly
:-)
********************************************************************
* 275.0 Zusaetzlich Distributed Checksum Clearinghouse fuer Kolab2 *
********************************************************************
275.1) Um DCC zu installieren gehe folgendermassen vor:
# opa /kolab
# mkdir /kolabtmp/dcc
# cd /kolabtmp/dcc
# mv dcc-dccd.tar.Z /kolabtmp/dcc
# gzip -dc dcc.tar.Z | tar xvf -
# cd dcc-1.3.39
Nun konfigurieren wir die Source:
# ./configure \
--homedir=/kolab/opt/dcc-dccd-1.3.39 \
--bindir=/kolab/opt/dcc-dccd-1.3.39/bin \
--mandir=/kolab/opt/dcc-dccd-1.3.39/man \
--with-uid=kolab-r \
--with-rundir=/kolab/var/amavisd \
--disable-server \
--disable-dccifd \
--disable-dccm \
--without-db-memory \
--without-max-db-mem \
--without-max-log-size \
--without-DCC-MD5 \
--without-cgibin \
--without-sendmail \
--disable-IPv6
ACHTUNG "disable-dccm" steht fuer "disable sendmail support" und da wir kein
******* Sendmail installiert haben ist "dccm" ueberfluessig. Mit
"./configure
--help" koennen weitere Optionen fuers kompilieren
eingesehen werden.
Die Option "with-db-memory" steht fuer eine Optiomierung dh. wenn
30 bis 40% des installierten Memorys angegeben wird laeuft
"DCC" markant
besser und schneller. Diese Angabe ist ab aer Version 1.2.6
nicht mehr
umbedingt noetig!
Jetzt gehen wir ans Kompilieren:
# /kolab/bin/make
# /kolab/bin/make install
# chown -R kolab-r:kolab /kolab/opt/dcc-dccd-1.3.39
Nun nach der Installation ergiebt sich folgendes Bild:
/kolab/opt/dcc-dccd-1.3.39/
bin
cgi-bin
libexec
log
man/cat8
ACHTUNG Es kann ein Test ausgefuehrt werden nach der Installation jedoch
muss
******* der Server nach aussen kommunizieren und zwar auf "Port 6277
Service udp".
# /kolab/opt/dcc-dccd-1.3.39/bin/cdcc 'info'
--------------- Protokoll von cdcc 'info' ---------------
# 09/10/03 01:24:11 MEST /opt/dcc-dccd-1.3.39/map
# Re-resolve names after 03:23:13 Check RTTs after 01:38:15
# 160.05 ms threshold, 205.70 ms average 12 total, 11 working servers
IPv6 off
dcc1.dcc-servers.net,- RTT+0 ms anon
# 38.144.80.31- Servercave ID
1183
# 100% of 1 requests ok 241.08+0 ms RTT 105 ms queue wait
# 137.118.60.88- neonova ID
1127
# 100% of 1 requests ok 265.00+0 ms RTT 117 ms queue wait
# 153.19.44.233- WEiAPG ID
1072
# 100% of 2 requests ok 4000.00+0 ms RTT 3846 ms queue wait
# 194.85.132.210- SPAMCHECK.NET ID
1168
# 100% of 1 requests ok 437.24+0 ms RTT 344 ms queue wait
# * 194.109.153.82- NIET ID
1080
# 100% of 1 requests ok 155.70+0 ms RTT 104 ms queue wait
# 198.137.254.71- Misty ID
1170
# 100% of 1 requests ok 451.63+0 ms RTT 311 ms queue wait
# 203.147.165.193- MessageCare ID
1108
# 100% of 1 requests ok 461.26+0 ms RTT 64 ms queue wait
# 206.169.162.65- servers ID
1049
# 100% of 1 requests ok 358.61+0 ms RTT 131 ms queue wait
# 212.95.66.23- SdV ID
1179
# 100% of 1 requests ok 160.05+0 ms RTT 104 ms queue wait
# 216.240.97.63- dmv.com ID
1181
# 100% of 1 requests ok 366.17+0 ms RTT 143 ms queue wait
# 216.244.192.216- SINECTIS ID
1114
# 100% of 1 requests ok 427.07+0 ms RTT 106 ms queue wait
dcc2.dcc-servers.net,- RTT+0 ms anon
dcc3.dcc-servers.net,- RTT+0 ms anon
dcc4.dcc-servers.net,- RTT+0 ms anon
dcc5.dcc-servers.net,- RTT+0 ms anon
127.0.0.1,- RTT-1000 ms 32768 3889040617y249
# 127.0.0.1-
# not answering
################
# 09/10/03 01:24:11 MEST GreyList /opt/dcc-dccd-1.3.39/map
# Re-resolve names after 03:23:15
# 1 total, 0 working servers
127.0.0.1,- Greylist 32768 3889040617y249
# 127.0.0.1-
# not answering
--------------- Protokoll von cdcc 'info' ---------------
275.2) Nun muss noch gewaehrleitste werden das "Amavisd-New" das Programm
"DCC" findet.
Diese erreichen wir indem wir "DCC" in die "$path" Variable von
"amavisd.conf.template"
aufnehmen:
# vi /kolab/etc/kolab/templates/amavisd.conf.template
--------------- /kolab/etc/kolab/templates/amavisd.conf.template
---------------
$path =
'/kolab/sbin:/kolab/bin:/usr/sbin:/sbin:/usr/bin:/bin:/kolab/opt/f-prot-4.6.5/bin:/kolab/opt/sophos-4.07/bin:/kolab/opt/antivir-2.1.6-16:/kolab/opt/dcc-dccd-1.3.39/bin';
--------------- /kolab/etc/kolab/templates/amavisd.conf.template
---------------
275.3) Damit DCC aktiviert wird muss das "local.conf" File so manipuliert
werden damit DCC
activiert wird:
# vi /kolab/etc/spamassassin/local.cf
--------------- /kolab/etc/spamassassin/local.cf ---------------
# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
###########################################################################
#
rewrite_header Subject ****SPAM(_SCORE_)****
## lock_method flock
#
# If you are using a UNIX machine with all database files on local disks,
# and no sharing of those databases across NFS filesystems, you can use a
# more efficient, but non-NFS-safe, locking mechanism. Do this by adding
# the line "lock_method flock" to the /etc/mail/spamassassin/local.cf
# file. This is strongly recommended if you're not using NFS, as it is
# much faster than the NFS-safe locker.
#
lock_method flock
## report_safe { 0 | 1 | 2 } (default: 1)
#
# if this option is set to 1, if an incoming message is
# tagged as spam, instead of modifying the original message,
# SpamAssassin will create a new report message and attach
# the original message as a message/rfc822 MIME part (ensuring
# the original message is completely preserved, not easily
# opened, and easier to recover).
#
# If this option is set to 2, then original messages will
# be attached with a content type of text/plain instead of
# message/rfc822. This setting may be required for safety
# reasons on certain broken mail clients that automatically
# load attachments without any action by the user. This
# setting may also make it somewhat more difficult to
# extract or view the original message.
#
report_safe 1
## use_bayes ( 0 | 1 ) (default 1)
#
# Whether to use the naive-Bayesian-style classifier built
# into SpamAssassin.
#
use_bayes 1
## bayes_path /path/to/file (default: ~/.spamassassin/bayes)
#
# Path for Bayesian probabilities databases. Several databases
# will be created, with this as the base, with _toks, _seen etc.
# appended to this filename; so the default setting results in
# files called ~/.spamassassin/bayes_seen, ~/.spamassassin/bayes_toks
# etc. By default, each user has their own, in their ~/.spamassassin
# directory with mode 0700/0600, but for system-wide SpamAssassin
# use, you may want to reduce disk space usage by sharing this
# across all users. (However it should be noted that Bayesian
# filtering appears to be more effective with an individual
# database per user.)
#
bayes_path /kolab/var/amavisd/.spamassassin/bayes
## use_razor2 ( 0 | 1 ) (default 1)
#
# Whether to use Razor version 2, if it is available.
#
# Up to Spamassassin v3.1.X razor would not be anymore enabled
# in this file. Use instead v310.pre file to enable.
#
#use_razor2 1
#razor_config /kolab/var/amavisd/.razor/razor-agent.conf
#razor_timeout 10
# use_dcc ( 0 | 1 ) (default 1)
#
# Whether to use DCC, if it is available.
#
# Up to Spamassassin v3.1.X razor would not be anymore enabled
# in this file. Use instead v310.pre file to enable.
#
use_dcc 1
dcc_home /kolab/opt/dcc-dccd-1.3.39
dcc_path /kolab/opt/dcc-dccd-1.3.39/bin/dccproc
dcc_timeout 10
## use_pyzor ( 0 | 1 ) (default 1)
#
# Whether to use Pyzor, if it is available.
#
# Up to Spamassassin v3.1.X razor would not be anymore enabled
# in this file. Use instead v310.pre file to enable.
#
#use_pyzor 0
## add_header
#
# DCC processing creates a message header containing the
# statistics for the message. This option sets whether SpamAssassin
# will add the heading to messages it processes. The default is to
# not add the header.
#
add_header all DCC _DCCB_: _DCCR_
## dns_available { yes | test[: name1 name2...] | no } (default: test)
#
# By default, SpamAssassin will query some default hosts on the internet
# to attempt to check if DNS is working on not. The problem is that it
# can introduce some delay if your network connection is down, and in some
# cases it can wrongly guess that DNS is unavailable because the test
# connections failed. SpamAssassin includes a default set of 13 servers,
# among which 3 are picked randomly.
#
# You can however specify your own list by specifying
#
# dns_available test: server1.tld server2.tld server3.tld
#
# Please note, the DNS test queries for MX records so if you specify
# your own list of servers, please make sure to choose the one(s)
# which has an associated MX record.
#
dns_available yes
## skip_rbl_checks { 0 | 1 } (default: 0)
#
# By default, SpamAssassin will run RBL checks. If your ISP
# already does this for you, set this to 1
#
skip_rbl_checks 0
## header FROM_HAS_MIXED_NUMS From =~ /\d+[a-z]+\d+\S*@/i
#
header LOCAL_RCVD Received =~ /\S+\.domain\.com\s+\(.*\[.*\]\)/
## describe FROM_HAS_MIXED_NUMS From: contains numbers mixed in with
letters
#
describe LOCAL_RCVD Received from local machine
## score SYMBOLIC_TEST_NAME n.nn [ n.nn n.nn n.nn ]
#
# Assign scores (the number of points for a hit) to a given test.
# Scores can be positive or negative real numbers or integers.
# SYMBOLIC_TEST_NAME is the symbolic name used by SpamAssassin for that
# test; for example, 'FROM_ENDS_IN_NUMS'. If only one valid score is
# listed, then that score is always used for a test.
#
# If four valid scores are listed, then the score that is used depends
# on how SpamAssassin is being used. The first score is used when both
# Bayes and network tests are disabled. The second score is used when
# Bayes is disabled, but network tests are enabled. The third score is
# used when Bayes is enabled and network tests are disabled. The fourth
# score is used when Bayes is enabled and network tests are enabled.
#
# Setting a rule's score to 0 will disable that rule from running.
#
# Note that test names which begin with '__' are reserved for meta-match
# sub-rules, and are not scored or listed in the 'tests hit' reports.
#
# If no score is given for a test, the default score is 1.0, or 0.01 for
# tests whose names begin with 'T_' (this is used to indicate a rule in
# testing).
#
# By convention, rule names are be all uppercase and have a length of no
# more than 22 characters.
#
score LOCAL_RCVD -50
score DCC_CHECK 4.000
#score RAZOR2_CHECK 2.500
score SPF_FAIL 10.000
score SPF_HELO_FAIL 10.000
score BAYES_99 4.300
#score BAYES_90 3.500
score BAYES_95 3.500
score BAYES_80 3.000
# Up to Spamassassin v3.1.X score BAYES_90 doese not anymore
# exist. Use instead BAYES_95 or 99
## WHITE-LISTED SENDERS (the good guys):
#
#whitelist_from *.good-domain.net # This domain is safe
#whitelist_from *@goodguys.com # These guys are ok
#whitelist_from dudley.duright at mounties.ca # He never spams us
## WHITE-LISTED RECEIVERS (no scanning for SPAM):
#
#all_spam_to spam-lover at companymail1.com # He likes it
## BLACK-LISTED SENDERS (the bad guys):
#
#blacklist_from *@badguys.com # nasty outlaws
#blacklist_from *@casino-fun.* # we don't want any
of this stuff
## Additional DNSBL Servers
#
# BNBL (The BlueShore Network Black List) bl.blueshore.net
#
header RCVD_IN_BNBL eval:check_rbl('bl', 'bl.blueshore.net.')
describe RCVD_IN_BNBL Listed by BNBL
tflags RCVD_IN_BNBL net
score RCVD_IN_BNBL 2
--------------- /kolab/etc/spamassassin/local.cf ---------------
275.4) Da wir DCC nicht als Deamon laufen lassen ist das Log Verzeichnis
von DCC eigentlich
umbedeutend jedoch ordnungshalber und fuer zukuenftige Zwecke legen
wird dieses
dennoch an:
# mkdir /kolab/var/dcc
# chown kolab-r:kolab /kolab/var/dcc
# chmod 755 /kolab/var/dcc
# vi /kolab/opt/dcc-dccd-1.3.39/dcc_conf
--------------- /kolab/opt/dcc-dccd-1.3.39/dcc_conf ---------------
DCCM_LOGDIR=/kolab/var/dcc
--------------- /kolab/opt/dcc-dccd-1.3.39/dcc_conf ---------------
ACHTUNG Beim Upgrade auf SpamAssassin 3.X.X kann es zu einem Phaenomen
******* kommen das DCC in ein Timeout laeuft dh. im Debug Modus von
amavisd-new scheint alles normal zu arbeiten jedoch wenn man
nachtraeglich beim aktiven Gateway das Postfix Log kontrolliert
erscheint dort folgende "error" Nachricht:
dccproc[11602]: [ID 349477 mail.error] missing message body; fatal error
Wie schon erwaehnt ist ein Timout schuld an dieser Fehlermeldung
und hat grundsaetzlich nichts zu tun mit flaschen "header" etc.
Nun in SpamAssassin 3.X.X wurde eine neue Routine eingebaut
und diese scheint nicht allen Gegebenheiten gerecht zu werden dh.
die Loesung ist denkbar einfach dh. die neue Routine muss
deaktiviert werden und die alte reaktiviert und danach sollte
alles wieder einwandfrei laufen. Dieser Workaround der benutzt
werden sollte fuer DCC bis im neuen Release von SpamAssassin
dies geaendert wird ist nachzulesen auf folgenden Link:
http://issues.apache.org/eyebrowse/ReadMsg?listName=users@spamassassin.apache.org&msgNo=16316
# vi /export/kolab/lib/perl/vendor_perl/5.8.7/Mail/SpamAssassin/Dns.pm
---------------
/export/kolab/lib/perl/vendor_perl/5.8.7/Mail/SpamAssassin/Dns.pm
---------------
dbg("DCC command: ".join(' ', $path, "-H", $opts, "< '$tmpf'",
"2>&1"),'dcc'
,-1);
my $pid = open(DCC, join(' ', $path, "-H", $opts, "< '$tmpf'",
"2>&1", '|'
)) || die "$!\n";
# my $pid = Mail::SpamAssassin::Util::helper_app_pipe_open(*DCC,
# $tmpf, 1, $path, "-H", split(' ', $opts));
$pid or die "$!\n";
---------------
/export/kolab/lib/perl/vendor_perl/5.8.7/Mail/SpamAssassin/Dns.pm
---------------
275.4) Nun sollte alles fuer DCC vorbereitet sein dh. als letzte Aktion
fuehren wir
"kolabconf" aus:
# /kolab/sbin/kolabconf
--------------- /kolab/sbin/kolabconf ---------------
kolabconf - Kolab Configuration Generator
Version: 2.0.1
Copyright (c) 2004 Klaraelvdalens Datakonsult AB
Copyright (c) 2003 Code Fusion cc
Copyright (c) 2003 Tassilo Erlewein, Martin Konold, Achim Frank, erfrakon
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
OpenPKG: restart: amavisd.
OpenPKG: stop: proftpd.
--------------- /kolab/sbin/kolabconf ---------------
275.5) Nun wenn es zu Problemen kommt und "amavisd" im "debug" Mode
ausgefuehrt werden soll
kann dies mit folgender Modifikation errreicht werden:
# vi /kolab/etc/kolab/templates/amavisd.conf.template
--------------- /kolab/etc/kolab/templates/amavisd.conf.template
---------------
# Turn on SpamAssassin debugging (output to STDERR, use with 'amavisd
debug')
$sa_debug = 1; # defaults to false
--------------- /kolab/etc/kolab/templates/amavisd.conf.template
---------------
# /kolab/sbin/kolabconf
# /kolab/sbin/amavisd \
-c /kolab/etc/amavisd/amavisd.conf debug
Nach diesem Befehl sollte folgendes ersichtlich sein:
--------------- amavisd debug output ---------------
debug: DCCifd is not available: no r/w dccifd socket found.
debug: executable for dccproc was found at
/kolab/opt/dcc-dccd-1.3.39/bin/dccproc
debug: DCC is available: /kolab/opt/dcc-dccd-1.3.39/bin/dccproc
debug: entering helper-app run mode
debug: setuid: helper proc 28451: ruid=19415 euid=19415
debug: DCC: got response: X-DCC-dcc.uncw.edu-Metrics: kolab2 1201;
Body=65711 Fuz1=265174 Fuz2=265171
--------------- amavisd debug output ---------------
Wenn alles in Ordnung ist deaktiviere den "debug" Modus und starte
alle Services neu:
# vi /kolab/etc/kolab/templates/amavisd.conf.template
--------------- /kolab/etc/kolab/templates/amavisd.conf.template
---------------
# Turn on SpamAssassin debugging (output to STDERR, use with 'amavisd
debug')
$sa_debug = 1; # defaults to false
--------------- /kolab/etc/kolab/templates/amavisd.conf.template
---------------
# /kolab/sbin/kolabconf
More information about the users
mailing list