Improving Spam detection using DCC for Spamassassin
The DCC, or Distributed Checksum Clearinghouse, is an anti-spam checksum network. It is available as an optional module for Spamassassin that can further increase the effectiveness of filtering junk email from user mailboxes.
When @Mail is configured as the mail server, DCC can be installed via Spamassassin to add another layer of spam filtering. As of mid-2006, the DCC network involves millions of users, tens of thousands of clients and more than 250 servers collecting and counting checksums related to more than 300 million mail messages on weekdays.
To configure DCC support under Spamassassin, follow the guide below:
Step1: Downloading and installing DCC
First download the DCC package:
# wget 'http://www.rhyolite.com/anti-spam/dcc/source/dcc.tar.Z'
Note: Visit the DCC homepage at: http://www.rhyolite.com/anti-spam/dcc/ for the latest version.
# tar xfvz dcc.tar.Z
# cd dcc-1.3.38 ; ./configure ; make install
This will build the complete DCC package from the C source and install it on your system.
Step2: Testing the DCC network responds
The DCC framework uses UDP packets to contact the list of public DCC servers. See http://www.rhyolite.com/anti-spam/dcc/#public-servers for details.
DCC traffic is like DNS traffic. Allow outgoing packets to distant UDP port 6277 and incoming packets from distant UDP port 6277. These ports must be open for the DCC module to function correctly.
For example, if running Linux iptables, add the following rule to /etc/sysconfig/iptables:
# DCC for Spamassassin UDP reply packets
-A RH-Firewall-1-INPUT -p udp -m udp --dport 1024:65535 --sport 6277 -j ACCEPT
Save the changes and restart iptables.
# service iptables restart
If running a dedicated firewall appliance or ipfw under BSD, allow incoming UDP packets from remote port 6277 through to the @Mail server.
Next, check that the DCC network is responding:
# cdcc info
This should return at least some records as 100%; if so, you have configured the firewall successfully. Otherwise, check your firewall rules and try again.
Step3: Tweaking the Spamassassin configuration file
The next step is to configure Spamassassin to recognize the new DCC library.
Edit /usr/local/atmail/spamassassin/etc/local.cf
Append:
loadplugin Mail::SpamAssassin::Plugin::DCC
dcc_path /usr/local/bin/dccproc
Check the pathname to your dccproc by using:
# whereis dccproc
Or
# locate dccproc
This is the binary Spamassassin uses to communicate with the DCC network.
Note: Saving changes under @Mail Webadmin > Filters > Spam-settings rewrites local.cf, so this value will have to be set again afterwards. (DCC will be included by default in a future @Mail version.)
Once complete, restart the @Mail services to recognize the new configuration:
# /etc/init.d/atmailserver restart
Or, on Red Hat/Fedora:
# service atmailserver restart
Step4: Test DCC is working via Spamassassin
First, download a common spam message that will trigger DCC detection:
# wget 'http://kb.atmail.com/attach/spam-mail.txt'
Next, run the message through Spamassassin in debug mode to see the results:
# /usr/local/atmail/spamassassin/bin/spamassassin -t -D < spam-mail.txt
This will print verbose debugging info while scanning the email via Spamassassin.
On a successful DCC installation you will see the following returned:
dbg: plugin: loading Mail::SpamAssassin::Plugin::DCC from @INC
dbg: dcc: network tests on, registering DCC
If the message is detected on the DCC network, Spamassassin will return:
1.4 DCC_CHECK Listed in DCC (http://rhyolite.com/anti-spam/dcc/)
Once complete, DCC will further protect user mailboxes from spam messages.
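The checks from Step 3 and Step 4 can be scripted, which helps because the Webadmin rewrites local.cf and the DCC lines then have to be set again. The script below is an added example, not part of the original @Mail guide; the function names check_dcc_conf and check_dcc_debug are hypothetical, and the sample debug output at the end is constructed from the lines shown above.

```shell
#!/bin/sh
# Added example, not part of the @Mail guide. Function names are hypothetical.

# check_dcc_conf FILE: succeed only if FILE still loads the DCC plugin and
# its dcc_path points at an executable dccproc (the two lines from Step 3).
check_dcc_conf() {
    conf=$1
    [ -r "$conf" ] || { echo "cannot read $conf"; return 2; }
    # Commented-out directives do not count as configured.
    if ! grep -Eq '^[[:space:]]*loadplugin[[:space:]]+Mail::SpamAssassin::Plugin::DCC([[:space:]]|$)' "$conf"; then
        echo "loadplugin line for DCC missing from $conf"
        return 1
    fi
    # If dcc_path appears more than once, report the last one in the file.
    dccproc=$(awk '$1 == "dcc_path" { p = $2 } END { print p }' "$conf")
    if [ -z "$dccproc" ]; then
        echo "dcc_path missing from $conf"
        return 1
    fi
    if [ ! -x "$dccproc" ] || [ -d "$dccproc" ]; then
        echo "dcc_path $dccproc is not an executable file"
        return 1
    fi
    echo "DCC configured, dccproc at $dccproc"
}

# check_dcc_debug: read "spamassassin -t -D" output on stdin.
# Returns 0 if the plugin registered and DCC_CHECK fired, 1 if the plugin
# registered but the message was not listed, 2 if the plugin never registered.
check_dcc_debug() {
    out=$(cat)
    case $out in
        *"dcc: network tests on, registering DCC"*) ;;
        *) echo "DCC plugin not registered"; return 2 ;;
    esac
    if printf '%s\n' "$out" | grep -Eq '(^|[[:space:]])DCC_CHECK([[:space:]]|$)'; then
        echo "message listed in DCC"; return 0
    fi
    echo "DCC active, message not listed"; return 1
}

# Constructed sample of debug output, modelled on the lines shown in Step 4.
check_dcc_debug <<'EOF'
dbg: plugin: loading Mail::SpamAssassin::Plugin::DCC from @INC
dbg: dcc: network tests on, registering DCC
 1.4 DCC_CHECK              Listed in DCC (http://rhyolite.com/anti-spam/dcc/)
EOF
```

On a live install, call check_dcc_conf with /usr/local/atmail/spamassassin/etc/local.cf, and pipe the Step 4 command into check_dcc_debug with 2>&1 added, since Spamassassin writes its debug lines to stderr.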

