table of contents
Mail::SpamAssassin::Plugin::DCC(3) | User Contributed Perl Documentation | Mail::SpamAssassin::Plugin::DCC(3) |
NAME¶
Mail::SpamAssassin::Plugin::DCC - perform DCC check of messages
SYNOPSIS¶
loadplugin Mail::SpamAssassin::Plugin::DCC full DCC_CHECK eval:check_dcc() full DCC_CHECK_50_79 eval:check_dcc_reputation_range('50','79')
DESCRIPTION¶
The DCC or Distributed Checksum Clearinghouse is a system of servers collecting and counting checksums of millions of mail messages. The counts can be used by SpamAssassin to detect and filter spam.
See https://www.dcc-servers.net/dcc/ for more information about DCC.
Note that DCC is disabled by default in "v310.pre" because its use requires software that is not distributed with SpamAssassin and that has license restrictions for certain commercial uses. See the DCC license at https://www.dcc-servers.net/dcc/LICENSE for details.
Enable it by uncommenting the "loadplugin Mail::SpamAssassin::Plugin::DCC" confdir/v310.pre or by adding this line to your local.pre. It might also be necessary to install a DCC package, port, rpm, or equivalent from your operating system distributor or a tarball from the primary DCC source at https://www.dcc-servers.net/dcc/#download See also https://www.dcc-servers.net/dcc/INSTALL.html
TAGS¶
The following tags are added to the set, available for use in reports, header fields, other plugins, etc.:
_DCCB_ DCC server ID in X-DCC-*-Metrics header field name _DCCR_ X-DCC-*-Metrics header field body _DCCREP_ DCC Reputation or percent bulk mail (0..100) from commercial DCC software
USER OPTIONS¶
- use_dcc (0|1) (default: 1)
- Whether to use DCC, if it is available.
- dcc_body_max NUMBER
- dcc_fuz1_max NUMBER
- dcc_fuz2_max NUMBER
- Sets how often a message's body/fuz1/fuz2 checksum must have been reported
to the DCC server before SpamAssassin will consider the DCC check hit.
999999 is DCC's MANY count.
The default is 999999 for all these options.
- dcc_rep_percent NUMBER
- Only the commercial DCC software provides DCC Reputations. A DCC Reputation is the percentage of bulk mail received from the last untrusted relay in the path taken by a mail message as measured by all commercial DCC installations. See http://www.rhyolite.com/dcc/reputations.html You "must" whitelist your trusted relays or MX servers with MX or MXDCC lines in /var/dcc/whiteclnt as described in the main DCC man page to avoid seeing your own MX servers as sources of bulk mail. See https://www.dcc-servers.net/dcc/dcc-tree/dcc.html#White-and-Blacklists The default is 90.
ADMINISTRATOR OPTIONS¶
- dcc_timeout n (default: 8)
- How many seconds you wait for DCC to complete, before scanning continues without the DCC results. A numeric value is optionally suffixed by a time unit (s, m, h, d, w, indicating seconds (default), minutes, hours, days, weeks).
- dcc_home STRING
- This option tells SpamAssassin where to find the dcc homedir. If not specified, try to use the locally configured directory from the "cdcc homedir" command. Try /var/dcc if that command fails.
- dcc_dccifd_path STRING
- This option tells SpamAssassin where to find the dccifd socket instead of
a local Unix socket named "dccifd" in
the "dcc_home" directory. If a socket is
specified or found, use it instead of
"dccproc".
If specified, "dcc_dccifd_path" is the absolute path of local Unix socket or an INET socket specified as "[Host]:Port" or "Host:Port". Host can be an IPv4 or IPv6 address or a host name Port is a TCP port number. The brackets are required for an IPv6 address.
The default is "undef".
- dcc_path STRING
- Where to find the "dccproc" client
program instead of relying on SpamAssassin to find it in the current PATH
or "dcc_home/bin". This must often be
set, because the current PATH is cleared by taint mode in the Perl
interpreter,
If a "dccifd" socket is found in "dcc_home" or specified explicitly with "dcc_dccifd_path", use the dccifd(8) interface instead of "dccproc".
The default is "undef".
- dcc_options options
- Specify additional options to the dccproc(8) command. Only
characters in the range [0-9A-Za-z ,._/-] are allowed for security
reasons.
The default is "undef".
- dccifd_options options
- Specify additional options to send to the dccifd daemon with the ASCII
protocol described on the dccifd(8) man page. Only characters in
the range [0-9A-Za-z ,._/-] are allowed for security reasons.
The default is "undef".
- dcc_learn_score n (default: undef)
- Report messages with total scores this much larger than the SpamAssassin spam threshold to DCC as spam.
2021-04-09 | perl v5.26.3 |