File: INSTALL.html

package info (click to toggle)
dcc 1.2.74-4
links: PTS
area: main
in suites: etch-m68k
size: 3,548 kB
ctags: 4,041
sloc: ansic: 41,038; perl: 2,310; sh: 2,185; makefile: 224
file content (813 lines) | stat: -rw-r--r-- 30,627 bytes
parent folder | download | duplicates (2)
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<HTML>
<HEAD>
    <TITLE>DCC Installation</TITLE>
    <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
    <META HTTP-EQUIV="Content-Style-Type" content="text/css">
    <STYLE type="text/css">
        <!--
        BODY {background-color:white; color:black}
        TABLE.center {text-align:center}
        TD {font-size:80%}
            TD.env {font-family:monospace}
            TD.conf {font-family:monospace}
        DL.compat {margin-left:5%; margin-right:10%}
        -->
    </STYLE>
</HEAD>

<BODY>
<H1>Distributed Checksum Clearinghouse (DCC) Installation</H1>

<P>
<OL>
<LI><H3>Fetch the source</H3>
The DCC is available in three successively larger packages:
<DL>
<DT>
<A HREF="http://www.rhyolite.com/anti-spam/dcc/source/dcc-dccproc.tar.Z">
dcc-dccproc.tar.Z</A>
<DD>
is the smallest <EM>tarball</EM>.
It contains the DCC procmail and non-sendmail interfaces,
<A HREF="dccproc.html">dccproc</A> and
<A HREF="dccifd.html">dccifd</A>.
This package also contains utilities such as <A HREF="cdcc.html">cdcc</A>
and all of the manual pages and documentation.
<DT>
<A HREF="http://www.rhyolite.com/anti-spam/dcc/source/dcc-dccm.tar.Z">dcc-dccm.tar.Z</A>
<DD>
adds the sendmail DCC interface, <A HREF="dccm.html">dccm</A>,
to mark or filter mail with sendmail.
<DT>
<A HREF="http://www.rhyolite.com/anti-spam/dcc/source/dcc-dccd.tar.Z">dcc-dccd.tar.Z</A>
<DD>
adds the DCC server, <A HREF="dccd.html">dccd</A>.
</DL>


<P><LI><H3>Read the documentation</H3>
<P>
The <A HREF="dcc.html#Installation-Considerations">DCC</A>
and other man pages describe the features, operating modes,
required data files, and other characteristics of the DCC.
Also see the DCC <A HREF=FAQ.html>FAQ</A>
or list of frequently answered questions.


<P><LI><H3><A NAME="step-sendmail">Build sendmail</A></H3>
If the DCC-sendmail interface, <A HREF="dccm.html">dccm</A>, is not used,
then <B>skip</B> to the <A HREF="#step-compile">next step</A>.
<P>
Sendmail must have the
Mail Filter API or Milter enabled.
Some systems such a FreeBSD 4.6 and newer are shipped with
Milter enabled and the library installed by default.
If your system comes with the Milter interface turn on,
then <B>skip</B> to the <A HREF="#step-compile">next step</A>.
Otherwise, the Milter interface must be explicitly enabled
by adding lines like those in
<A HREF="misc/site.config.m4">misc/site.config.m4</A>
to your sendmail/devtools/Site/site.config.m4 file or equivalent.
Then build sendmail as described in the INSTALL file distributed with sendmail.
You must build <CODE>libmilter</CODE> separately by something like
<PRE>
            cd libmilter
            sh ./Build
</PRE>
<P>
After sendmail has been rebuilt if necessary it will need to be restarted.
That should be done at the end of the next step.


<P><LI><H3><A NAME="step-compile">Configure, build, and
install the DCC programs</A></H3>

<P>
See the installation considerations in the
<A HREF="dcc.html#Installation-Considerations">DCC man page</A>.
<P>
Most DCC files are in a "home directory" such as /var/dcc.
DCC programs such as cdcc and dccproc are run by end
users and should be installed in a directory such as /usr/local/bin.
They must also be set-UID to the UID that can change the DCC
data files.
DCC programs that do not need to be run by end users
are installed by default in the libexec subdirectory of the DCC home directory.
See the <A HREF="#envtbl">table</A> of configure script and makefile
parameters.
Omit any parameters you don't need change and usually use:
<PRE>
        ./configure
        make install
</PRE>
<P>
End users installing only <A HREF="dccproc.html">dccproc</A>
can install it in their private
<Q>~/bin</Q> directories and use private directories for their DCC
home directories.
In this case, the DCC programs that would otherwise need to be set-UID
need not be.
<P>
To build <A HREF="dccproc.html">dccproc</A>
<A NAME="individual-user">for an individual user</A>,
use something like
<PRE>
        ./configure <A HREF="#envtbl--disable-sys-inst">--disable-sys-inst</A> <A HREF="#envtbl--disable-server"> --disable-server</A> <A HREF="#envtbl--disable-dccm">--disable-dccm</A> <A HREF="#envtbl--disable-dccifd">--disable-dccifd</A>
                <A HREF="#envtbl--homedir">--homedir=$HOME/dccdir</A>  <A HREF="#envtbl--bindir">--bindir=$HOME/bin</A>
        make install
</PRE>
<P>
The sendmail interface, <A HREF="dccm.html">dccm</A>,
must be built with the sendmail source and object tree.
By default, the makefiles look for a
native sendmail libraries (e.g. on FreeBSD 4.6), an installed "package"
(e.g. on FreeBSD), or a directory named sendmail parallel to the DCC
source and object tree.
Those who regularly build new versions of sendmail may find it convenient
to make a symbolic link there to their current sendmail.
Otherwise configure the dccm makefile with
<PRE>
        ./configure <A HREF="#envtbl--with-sendmail">--with-sendmail</A>=/some/where/sendmail
        make install
</PRE>
If dccm does not build because it cannot find libmilter,
check that libmilter was compiled with sendmail
in the <A HREF="#step-sendmail">previous step</A>.
<P>
To connect the sendmail Milter interface to <A HREF="dccm.html">dccm</A>,
copy or "sym-link" <A HREF="misc/dcc.m4">misc/dcc.m4</A>
and <A HREF="misc/dccdnsbl.m4">misc/dccdnsbl.m4</A> to
your sendmail/cf/feature directory and
add <CODE>FEATURE(dcc)</CODE> lines to your sendmail.mc configuration file.
Then rebuild and reinstall your sendmail.cf file, and restart sendmail.


<P><LI><H3>Create client configuration files</H3>
All DCC configuration files are in the DCC  home directory, usually /var/dcc.
See the
<A HREF="dcc.html#Client-Installation">dcc</A>,
<A HREF="dccm.html#FILES">dccm</A>,
<A HREF="dccifd.html#FILES">dccifd</A>,
and <A HREF="dccproc.html#FILES">dccproc</A>
man pages
for the files each needs.
Example files are in <A HREF="homedir">homedir</A>.

<UL>
<LI>Unless run anonymously, DCC clients need client-ID numbers and passwords
assigned by the operators of the chosen DCC servers in the /var/dcc/map file.
The <A HREF="homedir/ids">homedir/ids file</A> can be a start.
<LI>Even if run anonymously, the /var/dcc/map file must contain the IP addresses
of DCC servers.
The installation process generates a serviceable /var/dcc/map file
from the included <A HREF="homedir/map.txt">homedir/map.txt</A>.

<LI>Sources of legitimate bulk mail should be recorded in white lists.
Example <A HREF="homedir/whiteclnt">client</A>,
<A HREF="homedir/whitelist">server</A>, and
<A HREF="homedir/whitecommon">common</A> white lists are among
the other <A HREF="homedir/">sample configuration files</A>.
The format of DCC white lists is described in the
<A HREF="dcc.html#White-and-Blacklists">DCC</A> man page.

<LI>Put suitable values in the DCC configuration file,
<A HREF="homedir/dcc_conf.in">dcc_conf</A> for dccm or dccifd.
The default client values are usually good for a start and often only
DCCM_REJECT_AT needs to be changed when it is time to reject spam.

<LI>Start dccm or dccifd before sendmail or the other MTA with the
sample rc script <A HREF="misc/rcDCC.in">/var/dcc/libexec/rcDCC</A>.

<LI>Install a cron job like
<A HREF="misc/cron-dccd.in">/var/dcc/libexec//cron-dccd</A>
to prune <A HREF="dccm.html#FILE-logdir">dccm</A>,
<A HREF="dccifd.html#FILE-logdir">dccifd</A>,
and <A HREF="dccproc.html#FILE-logdir">dccproc</A> log files.
</UL>

<P><LI><H3>Create server files and start server</H3>
<B><A HREF="#step-greylist">Skip</A></B> this and the next step
if only remote DCC servers will be used.
<P>
It is best to use remote servers until the DCC client,
dccm or dccproc, is stable.
Then
<UL>
<LI>Put suitable values for dccd in the configuration file,
<A HREF="homedir/dcc_conf.in">dcc_conf</A>, in the home directory.
Only SRVR_ID and BRAND are commonly changed.
Every DCC server in a network of servers requires a unique
<A HREF="dcc.html#Client-and-Server-IDs">server-ID</A>.
Negotiate a unique server-ID with whomever is keeping track of
them in the network you'll join.

<LI>Choose a secret password for your server-ID in your
<A HREF="homedir/ids">/var/dcc/ids file</A>.
This password can be used to control your server remotely.

<LI>Start the server with the system by installing
<A HREF="misc/rcDCC.in">/var/dcc/libexec/rcDCC</A> or an equivalent.
If it is used unchanged, rcDCC is best installed with a symbolic link
to automate installing updates.

<LI><A NAME=cleaning>A script</A> like
<A HREF="misc/cron-dccd.in">/var/dcc/libexec/cron-dccd</A>
should be used to run
<A HREF="dbclean.html">dbclean</A> about once a day.
An entry like <A HREF="misc/crontab.in">misc/crontab</A> can be put into
the crontab file for the user that runs dccd on some systems.
If you have more than one DCC server,
stagger the times at which the cron job is run so
that not all of your servers are simultaneously busy cleaning databases.

<LI>Install a shutdown script such as
<A HREF="misc/rcDCC.in">/var/dcc/libexec/rcDCC</A>
to shut down the DCC server as the operating system stops.
If the DCC server fails to close the database cleanly,
the database must be cleaned by the server with it starts.
That can take time.

</UL>



<P><LI><H3><A NAME="step-flooding">Configure flooding</A></H3>
<B>Skip</B> to the <A HREF="#step-greylist">next step</A>
if only remote DCC servers will be used.
<P>
The DCC works better as more mailboxes participate,
and "flooding" or exchanging checksums with other servers is the most
effective way to get more participants.
Flooding requires that every server participating in a network of DCC
servers have a unique server-ID and know about all of the other server-IDs.
That means that if your server might join a network of DCC servers,
you should contact people involved in the network
to obtain server-IDs for your servers.
For now, server-IDs known to the public network of DCC server
can be obtained by contacting
<A HREF="mailto:vjs@rhyolite.com">Vernon Schryver</A>.
<P>
After you have an official server-ID,
<UL>
<LI>Obtain the <A HREF="dccd.html#FILE-flod">passwd-ID</A> and its password
and add them to your <A HREF="homedir/ids">/var/dcc/ids file</A>.
<LI>Add a line for each flooding peer to
the <A HREF="dccd.html#FILE-flod">/var/dcc/flod</A> file.
<LI>Wait a few minutes for dccd to notice the change to the file
and start flooding.
The <A HREF="cdcc.html#OPERATION-stats">cdcc&nbsp;stats</A>,
<A HREF="cdcc.html#OPERATION-flood-list">cdcc&nbsp;"id&nbsp;X;&nbsp;flood list"</A>
and
<A HREF="dblist.html#OPTION-H">/var/dcc/libexec/dblist&nbsp;-Hv</A>
commands can be used to monitor the floods of reports of checksums
of bulk mail.
</UL>

<P><LI><H3><A NAME="step-greylist">Configure greylisting</A></H3>
<B>Skip</B> to the <A HREF="#step-start-dccm">next step</A>
if greylisting will not be used.
<P>
Because greylisting uses a modified <A HREF="dccd.html#OPTION-G">DCC server</A>
to maintain a database of checksums of familiar mail senders, their addressees,
and the IP addresses of their SMTP clients,
the complete
<A HREF="http://www.rhyolite.com/anti-spam/dcc/source/dcc-dccd.tar.Z">dcc-dccd.tar.Z</A>
tarball must be used.
<P>
Larger sites can use more than one greylist server,
with the greylist servers flooding data just like DCC servers.
<P>
To configure greylisting:
<OL>
<LI><H4>Assign greylist client- and server-IDs</H4>
<P>Client-IDs and matching passwords must be used by clients of
greylist servers such as dccm and dccifd.
The client-IDs must be in the /var/dcc/map file on the client system.
Greylist client- and server-IDs must be in the
<A HREF="homedir/ids">/var/dcc/ids</A> file on the
greylist server.
When a system hosts both DCC and greylist servers, it is convenient
for clients to use the same client-ID and password for both.
It is also convenient for a greylist server and a DCC server on a system
to share a common server-ID and password.
<P>
The vast majority of installations, which do not have local DCC servers,
can use the greylist server-ID generated by the makefiles in the
<A HREF="homedir/ids">/var/dcc/ids</A> file.

<P><LI><H4>Add the greylist server to /var/dcc/map</H4>
<P>If the
cdcc&nbsp;"<A HREF="cdcc.html#OPERATION-info">info</A>"
command does not show the correct greylist server,
add it with something like
<PRE>
        cdcc "<A HREF="cdcc.html#OPERATION-add">add localhost greylist 32768 secret"</A>
</PRE>
The DCC makefile files add a greylist server at localhost or 127.0.0.1
to <A HREF="cdcc.html#FILES">/var/dcc/map</A> file

<P><LI><H4>Set /var/dcc/dcc_conf</H4>
In most installations, enable a local greylist server by setting
GREY_ENABLE=on in /var/dcc/dcc_conf.
<P>If necessary override the greylist
<A HREF="dccd.html#OPTION-G">embargo, wait, and white</A> values
in GREY_DCCD_ARGS in /var/dcc/dcc_conf.
Otherwise, simply set GREY_CLIENT_ARGS=on

<P><LI><H4>Set /var/dcc/grey_flod</H4>
<P>
Sites with more than one greylist server should arrange to flood
data among them by adding lines to
<A HREF="dccd.html#FILE-grey_flod">/var/dcc/grey_flod</A> files
in the same format as
<A HREF="dccd.html#FILE-flod">/var/dcc/flod</A> files.
Flooding among greylist servers uses port 6276 by default, and so that
port may need to be opened in firewalls.

</OL>



<P><LI><H3><A NAME="step-start-dccm">Start dccm or dccifd</A></H3>
If the DCC-sendmail interface, dccm, is not used,
<B>skip</B> to the <A HREF="#configure-dccproc">next step</A>.
<P>
The DCC sendmail milter interface <A HREF="dccm.html">dccm</A>
should be started before sendmail.
That commonly requires changing an /etc/rc script or configuration file.
The distributed file
<A HREF="misc/start-dccm.in">/var/dcc/libexec/start-dccm</A>
is a shell script that can be used to start dccm as the user "dcc."
It requires local configuration parameters in the
<A HREF="homedir/dcc_conf.in">dcc_conf</A> file in the DCC home directory.
The rc script <A HREF="misc/rcDCC.in">/var/dcc/libexec/rcDCC</A>
for starting dccd can be used with some versions of FreeBSD, Linux, and Solaris.
<P>
The general MTA interface <A HREF="dccifd.html">dccifd</A> usually
must be started before the MTA that uses it.


<P><LI><H3><A NAME="configure-dccproc">Configure uses of dccproc</A></H3>
If dccproc is used with procmail,
add rules to procmailrc files as described in the
<A HREF="dccproc.html#EXAMPLES">dccproc man page</A>.

<P><LI><H3>Adjust rejection thresholds</H3>
<P>It is best to only mark mail with X-DCC SMTP headers
before changing procmail or dccm to reject mail.
Configure dccm with DCCM_LOG_AT in <A HREF="homedir/dcc_conf.in">dcc_conf</A>
to log bulk mail with somewhat lower counts than

</OL>



<H2>Installation Parameters</H2>
<P>There are several installation configuration parameters that can
set to suit individual preferences and systems.

<P>
<TABLE class=center border="1" cellpadding="2%"
    summary="table of makefile and configure script controls">
<CAPTION><A NAME="envtbl">
    <B>Makefile and Configure Script Controls</B></A></CAPTION>
<TR><TH>configure option
    <TH>env name or <br>make variable
    <TH>used by
    <TH>default value
    <TH>use
<TR><TD class=env><A NAME="envtbl--homedir">--homedir=HOMEDIR</A>
    <TD>&nbsp;
    <TD>configure
    <TD>/var/dcc/
    <TD>DCC home directory with most DCC files.
<TR><TD class=env><A NAME="envtbl--installroot">--with-installroot=DIR</A>
    <TD>&nbsp;
    <TD>configure
    <TD>
    <TD>prefix all installation directories to build binary tarball
<TR><TD class=env><A NAME="envtbl--libexecdir">--libexecdir=DIR</A>
    <TD>&nbsp;
    <TD>configure
    <TD><A HREF="#envtbl--homedir">--homedir</A>/libexec
    <TD>directory containing most DCC programs.
<TR><TD class=env><A NAME="envtbl--bindir">--bindir</A>=DIR
    <TD>&nbsp;
    <TD>configure
    <TD>/usr/local/bin<SUP><SMALL>3</SMALL></SUP>
    <TD>installation directory for DCC user commands including cdcc and dccproc
<TR><TD class=env>--mandir=DIR
    <TD>&nbsp
    <TD>configure
    <TD>/usr/local/man<SUP><SMALL>3</SMALL></SUP>
    <TD>installation directory for man pages
<TR><TD class=env>&nbsp;
    <TD class=conf>NOMAN
    <TD>make<SUP><SMALL>1</SMALL></SUP>
    <TD>unset<SUP><SMALL>3</SMALL></SUP>
    <TD>do not install man pages when set
<TR><TD class=env><A NAME="envtbl--disable-sys-inst">--disable-sys-inst</A><SUP><SMALL>3</SMALL></SUP>
    <TD>&nbsp;
    <TD>configure
    <TD>enabled
    <TD>disable system installation or chmod, chgrp, and SUID
<TR><TD class=env><A NAME="envtbl--with-uid">--with-uid=UID</A>
    <TD>&nbsp;
    <TD>configure
    <TD>root
    <TD>user name for DCC programs and data
<TR><TD class=env>&nbsp;
    <TD class=conf>DCC_SUID
    <TD>make<SUP><SMALL>1</SMALL></SUP>
    <TD><A HREF="#envtbl--with-uid">--with-uid</A>
        or current<SUP><SMALL>3</SMALL></SUP>
    <TD>set-UID for <A HREF="dccproc.html">dccproc</A>,
        <A HREF="cdcc.html">cdcc</A>,
        and <A HREF="dccsight.html">dccsight</A>.
<TR><TD class=env>&nbsp;
    <TD class=conf><A NAME="envtbl-DCC_OWN">DCC_OWN</A>
    <TD>make<SUP><SMALL>1</SMALL></SUP>
    <TD>bin, daemon on OS X, or current<SUP><SMALL>3</SMALL></SUP>
    <TD>owner of most installed files
<TR><TD class=env>&nbsp;
    <TD class=conf><A NAME="envtbl-DCC_GRP">DCC_GRP</A>
    <TD>make<SUP><SMALL>1</SMALL></SUP>
    <TD>bin, daemon on OS X, or current<SUP><SMALL>3</SMALL></SUP>
    <TD>group of most installed files
<TR><TD class=env>&nbsp;
    <TD class=conf>DCC_MODE
    <TD>make<SUP><SMALL>1</SMALL></SUP>
    <TD>555
    <TD>mode of most installed programs
<TR><TD class=env>&nbsp;
    <TD class=conf>MANOWN
    <TD>make<SUP><SMALL>1</SMALL></SUP>
    <TD><A HREF="#envtbl-DCC_OWN">DCC_OWN</A>
        or current<SUP><SMALL>3</SMALL></SUP>
    <TD>owner of installed man pages
<TR><TD class=env>&nbsp;
    <TD class=conf>MANGRP
    <TD>make<SUP><SMALL>1</SMALL></SUP>
    <TD><A HREF="#envtbl-DCC_GRP">DCC_GRP</A>
        or current<SUP><SMALL>3</SMALL></SUP>
    <TD>group of installed man pages
<TR><TD class=env><A NAME="envtbl--disable-server">--disable-server</A>
    <TD>&nbsp;
    <TD>configure
    <TD>&nbsp;
    <TD>do not build server
<TR><TD class=env><A NAME="envtbl--disable-dccifd">--disable-dccifd</A>
    <TD>&nbsp;
    <TD>configure
    <TD>&nbsp;
    <TD>do not build program interface
<TR><TD class=env><A NAME="envtbl--disable-dccm">--disable-dccm</A>
    <TD>&nbsp;
    <TD>configure
    <TD>&nbsp;
    <TD>do not build sendmail interface
<TR><TD class=env><A NAME="envtbl--with-sendmail">--with-sendmail=DIR</A>
    <TD>&nbsp;
    <TD>configure
    <TD>../sendmail or /usr/ports/mail/...
    <TD>directory containing sendmail milter header files
<TR><TD class=env><A NAME="envtbl--cgibin">--with-cgibin</A>=DIR
    <TD>&nbsp;
    <TD>configure
    <TD><A HREF="#envtbl--homedir">--homedir</A>/cgi-bin
    <TD>directory for DCC white list CGI scripts
<TR><TD class=env>--with-rundir=DIR
    <TD>&nbsp;
    <TD>configure
    <TD>/var/run/dcc
    <TD>"run" directory for PIDs and sockets
<TR><TD class=env>&nbsp;
    <TD class=conf>CFLAGS
    <TD>both<SUP><SMALL>1</SMALL></SUP>
    <TD>&nbsp;
    <TD>compiler options such as -g or -O2
<TR><TD class=env>&nbsp;
    <TD class=conf>DCC_CFLAGS
    <TD>configure<SUP><SMALL>2</SMALL></SUP>
    <TD>depends on target
    <TD>compiler options
<TR><TD class=env>&nbsp;
    <TD class=conf>PTHREAD_CFLAGS
    <TD>configure<SUP><SMALL>2</SMALL></SUP>
    <TD>depends on target
    <TD>compiler options for compiling with pthreads
<TR><TD class=env>&nbsp;
    <TD class=conf>LDFLAGS
    <TD>both<SUP><SMALL>1</SMALL></SUP>
    <TD>&nbsp;
    <TD>linker options
<TR><TD class=env>&nbsp;
    <TD class=conf><A NAME="envtbl-DCC_LDFLAGS">DCC_LDFLAGS</A>
    <TD>configure<SUP><SMALL>2</SMALL></SUP>
    <TD>depends on target
    <TD>linker options
<TR><TD class=env>&nbsp;
    <TD class=conf>PTHREAD_LDFLAGS
    <TD>configure<SUP><SMALL>2</SMALL></SUP>
    <TD>depends on target
    <TD>linker options for compiling with pthreads
<TR><TD class=env>&nbsp;
    <TD class=conf><A NAME="envtbl-LIBS">LIBS</A>
    <TD>configure<SUP><SMALL>2</SMALL></SUP>
    <TD>&nbsp;
    <TD>additional libraries to be configured in makefiles.
<TR><TD class=env>&nbsp;
    <TD class=conf>PTHREAD_LIBS
    <TD>configure<SUP><SMALL>2</SMALL></SUP>
    <TD>depends on target
    <TD>libraries for pthreads
<TR><TD class=env>&nbsp;
    <TD class=conf>CC
    <TD>both <TD>cc
    <TD>C compiler such as "gcc" or "/opt/SUNWspro/SC6.1/bin/cc"
<TR><TD class=env>&nbsp;
    <TD class=conf>INSTALL
    <TD>make<SUP><SMALL>1</SMALL></SUP>
    <TD><A HREF="autoconf/install-sh">./autoconf/install-sh</A>
    <TD>installation script
<TR><TD class=env>&nbsp;
    <TD class=conf>DCCD_MAX_FLOODS
    <TD>make<SUP><SMALL>1</SMALL></SUP>
    <TD>32
    <TD>maximum DCC server flooding peers
<TR><TD class=env><A NAME="envtbl--with-db-memory">--with-db-memory=MB</A>
    <TD>&nbsp;
    <TD>configure
    <TD>64
    <TD>minimum server database buffer size MB between 8 and 3072 MByte
<TR><TD class=env><A NAME="envtbl--with-max-db-mem">--with-max-db-mem=MB</A>
    <TD>&nbsp;
    <TD>configure
    <TD>3072
    <TD>maximum server database buffer size
<TR><TD class=env><A NAME="envtbl--with-max-log-size">--with-max-log-size=KB</A>
    <TD>&nbsp;
    <TD>configure
    <TD>32
    <TD>maximum dccifd and dccm log file size in KBytes; 0=no limit
<TR><TD class=env><A NAME="envtbl--with-bad-locks">--with-bad-locks</A>
    <TD>&nbsp;
    <TD>configure
    <TD>without
    <TD>work around broken fcntl() locking
<TR><TD class=env><A NAME="envtbl--disable-IPv6">--without-IPv6</A>
    <TD>&nbsp;
    <TD>configure
    <TD>IPV6 on if supported
    <TD>turn off IPv6 support
<TR><TD class=env><A NAME="envtbl--with-socks">--with-socks[=lib]</A>
    <TD>&nbsp;
    <TD>configure
    <TD>&nbsp;
    <TD>location of <A HREF="#SOCKS">SOCKS</A> client library
<TR><TD class=env><A NAME="envtbl--with-DCC-MD5">--with-DCC-MD5</A>
    <TD>&nbsp;
    <TD>configure
    <TD>&nbsp;
    <TD>use MD5 code in DCC source instead of any local library
<TR><TD class=env><A NAME="envtbl--with-kludge">--with-kludge=FILE</A>
    <TD>&nbsp;
    <TD>configure
    <TD>&nbsp;
    <TD>include header FILE, best with an absolute path
</TABLE>

<DL>
<DT>Note<SUP><SMALL>1</SMALL></SUP>
<DD>These values are not built into the Makefiles by the
configure script but their current values in the environment
are used by the script and the Makefiles.

<DT>Note<SUP><SMALL>2</SMALL></SUP>
<DD>These values are copied by the configure script from the
environment into the generated Makefiles.

<DT>Note<SUP><SMALL>3</SMALL></SUP>
<DD>When <A HREF="#envtbl--disable-sys-inst">--disable-sys-inst</A>
is specified, the current UID and GID become the defaults,
the man pages are not installed, and
<A HREF="dccproc.html">dccproc</A>, <A HREF="cdcc.html">cdcc</A>,
and <A HREF="dccsight.html">dccsight</A> are not installed SUID.
It is usually also necessary to set
<A HREF="#envtbl--bindir">--bindir</A> to a private directory such
as $HOME/bin.
</DL>

<H2><A NAME="Compatibility">Compatibility</A></H2>
<P>The DCC is thought to work on several systems including:
<DL class=compat>
<DT>BSDI BSD/OS
<DD>The DCC works starting with version 3.0 of BSD/OS.

<DT>FreeBSD
<DD>The works starting with at least version 4.0 of FreeBSD.

<DT>NetBSD
<DD>The DCC should  work starting with at least 1.4.2 without threads
and so with dccd, dccproc, and all of DCC except the part that uses
threads, dccm.
Dccm is available if you point PTHREAD_LIBS, PTHREAD_CFLAGS, and
PTHREAD_LDFLAGS to the optional threads package.

<DT>OpenBSD
<DD>The DCC works starting with at least 2.9 despite lame
the lame mmap() implementation.

<DT>Linux
<DD>The DCC works starting with at least RedHat 5.2.

<DT>AIX
<DD>The DCC on 4.1.PPC has been tried but not well tested.
Rumor has it that the 4.1.PPC pthreads code does not work
with the sendmail milter library and dccm, but the rest of the
DCC does work.

<DT>Solaris
<DD>The DCC compiles on several versions of Solaris with gcc or
native compilers by setting the environment variable CC appropriately.
You must use gmake or alias make to gmake.
<P>
If your system has enough RAM to hold most of the database,
adding <A HREF="dbclean.html#OPTION-F">-F</A> to DBCLEAN_ARGS in
<A HREF="homedir/dcc_conf.in">dcc_conf</A>
can make the daily use of
<A HREF="dbclean.html">dbclean</A>
twice as fast and much less of a load on the system.
<P>
While building the sendmail milter library, consider using
<EM>_FFR_USE_POLL</EM> to avoid problems with large file descriptors
and select().

<DT>HP-UX
<DD>The DCC compiles and works on versions of HP-UX starting with 11.00.
It requires gmake.
<BR>
Dccproc should work on 10.20, since it does not use pthreads.
<BR>
At least some versions have no known method for dccd to determine
the size of physical memory, and so you must use
<PRE>
        ./configure <A HREF="./#envtbl--with-db-memory">--with-db-memory</A>
        make install
</PRE>

<DT>IRIX
<DD>The DCC compiles on IRIX 6.5.
It requires gmake.

<DT>OSF1
<DD>The DCC compiles on OSF1 V5.0 with gmake.

<DT>OpenUNIX
<DD>The DCC compiles on OpenUNIX 8.0.1.

<DT>Mac OS/X
<DD>The DCC compiles on at least some versions of Apple's OS/X.

<DT>Windows
<DD>The DCC client dccproc compiles and works on at least some versions of
Windows 98 and Windows XP with Borland's free SDK
and with Microsoft's SDK.
See the <A HREF="win32.mak">main Makefile</A> for Windows.


</DL>
<P>
<SMALL>Those system names include trademarks.  Please don't abuse them.</SMALL>

<H2><A NAME="Troubleshooting">Troubleshooting</A></H2>
<P>
Much of the DCC <A HREF=FAQ.html>list of frequently asked questions</A>
concerns troubleshooting DCC installations.
Many of the messages in the archive of the
<A HREF="http://www.rhyolite.com/pipermail/dcc/">DCC mailing list</A>
are also troubleshooting questions and answers.

<H2><A NAME="spam-traps">Spam Traps</A></H2>
<P><A HREF="dccm.html">Dccm</A> and sendmail can be configured to
report the checksums of unsolicited bulk mail so that other DCC clients
can reject later copies of the same unsolicited bulk mail
sent from other sources.
Such mechanisms are commonly called <EM>spam traps</EM>.

<P>The sendmail "feature file"
<A HREF="misc/dccdnsbl.m4">misc/dccdnsbl.m4</A> used as
<CODE>FEATURE(dccdnsbl)</CODE>
causes mail from blacklisted sources to be reported as extremely bulky
to the DCC server as well as rejected.
For example, the following would both reject and report mail
from RSS entries:
<PRE>
  <CODE>FEATURE(dccdnsbl, `relays.mail-abuse.org',
   `"Mail from " $`'&{client_addr} " reject to DCC - see http://www.mail-abuse.org/rss/"')</CODE>
</PRE>

<P>Entries in a sendmail access_db can also be rejected or discarded
while they are reported to the DCC server by dccm.
The script
<A HREF="misc/hackmc">misc/hackmc</A> modifies the output of
sendmail .mc files to tell dccm about some undesirable mail.
The script accepts one or more .mc files and generates the corresponding
slightly modified .cf files.
If the access_db entry starts with the string "DCC:",
the message is reported by dccm to the DCC server as extremely bulky.
Otherwise the message is rejected as usual.
The remainder of the the access_db entry after "DCC:" consists of
the optional string "DISCARD" followed by an optional SMTP status message.
If the string "DISCARD" is present, the message is discarded instead of
rejected.  This is important to keep senders of unsolicited bulk mail from
discovering and removing "spam trap" addresses from their lists.

<P>For example, a line like the following in an access_db can
discard all mail from example.com while reporting it to the DCC server
as extremely bulky.
 Note the quotes (").
<PRE>
    example.com     DCC: "DISCARD spam"
</PRE>

<P>It is also possible to route mail from a spam trap address to
dccproc as described in the
<A HREF="dccproc.html#EXAMPLES">dccproc man page</A>


<H2><A NAME="SOCKS">SOCKS</A></H2>
<P>The DCC client and server programs can be built to use the SOCKS
protocol.
The
<A HREF="#envtbl--with-socks">--with-socks</A>
configure parameter configures the DCC client library and the DCC server
to use common SOCKS network library functions.
If the SOCKS library is in a standard place,
something like <A HREF="#envtbl--with-socks">--with-socks=socks</A>
should be sufficient.
Setting the environment variable
<A HREF="#envtbl-DCC_LDFLAGS">DCC_LDFLAGS</A> to something
like <Em>-L/usr/local/lib</Em> is sometimes helpful.
Otherwise, using <A HREF="#envtbl--with-socks">--with-socks</A>
without specifying the library name and setting <A HREF="#envtbl-LIBS">LIBS</A>
to the full pathname of the library
might work.
<P>
DCC client programs
including dccproc and dccm that use the DCC client library
must be told to use the SOCKS5 protocol with the
<A HREF="cdcc.html#OPERATION-SOCKS">SOCKS&nbsp;on</A>
operation of
<A HREF="cdcc.html">cdcc</A>.
SOCKS5 is required instead of SOCKS4
because DCC clients communicate with DCC servers using UDP.

<P>
DCC servers can use SOCKS4 or SOCKS5 when exchanging
floods of reports of checksums.
Links between individual pairs of peers are configured with the
<Em>passive</Em> and <Em>SOCKS</Em> flags in the flod file described
in the <A HREF="dccd.html#FILE-flod">dccd</A> man page.
In both cases, the SOCKS library code must be configured, often
in the files /etc/socks.conf and /etc/socksd.conf.

<P>
When the DCC software is built with SOCKS,
IPv6 name resolution is turned off.

<P>
The DCC server and client programs have been tested with the
<A HREF="http://www.inet.no/dante/">DANTE</A> library and server.
The DANTE SOCKS implementation is also one of the FreeBSD "ports"
or packages.
<P>
Note that if a connection fails repeatedly, Dante will disable the rule
that failed and will eventually try the underlying connect()
call.
This fails in almost every SOCKS environment because there is
no available route for an ordinary connect().
Dante by default won't re-enable the failing rule.
To fix this, change BADROUTE_EXPIRE from the default of <EM>0*60</EM>
to <EM>5</EM> in include/config.h in the Dante source and recompile.
<P>
The <A HREF="http://www.socks.nec.com/">NEC</A> SOCKS implementation
should be similar.


<H3>Version</H3>
<P>
This document describes DCC version 1.2.74.
</P>

</BODY>
</HTML>
<!--  LocalWords:  dccproc libmilter pthreads procmail dccm dccd dcc libmilter
 -->
<!--  LocalWords:  homedir dbclean whitelist setenv nbsp Solaris crontab Linux
 -->
<!--  LocalWords:  gmake FreeBSD NetBSD CFLAGS PTHREAD LDFLAGS LIBS HPUX IDs DT
 -->
<!--  LocalWords:  cdcc DL DD ids var RTT TD TR dccifd greylist
 -->