DCC

• DCC is not installed by default because it is not open source but is still hightly recommended. See the DCC license for more details.
• DCC requires that port 6277 UDP OUT be opened if you are using a firewall.
• DCC detects if a message is bulk mail only. It does not determine if the message itself is spam.

The DCC or Distributed Checksum Clearinghouse is a system of servers collecting and counting checksums of millions of mail messages. The counts can be used by SpamAssassin to detect and reject or filter spam. Because simplistic checksums of spam can be easily defeated, the main DCC checksums are fuzzy and ignore aspects of messages. The fuzzy checksums are changed as spam evolves.

Install from source

// RHEL / Centos
yum install gcc make

// Debian / Ubuntu
apt-get install gcc make

wget https://www.dcc-servers.net/dcc/source/dcc.tar.Z
tar xzvf dcc.tar.Z
cd dcc-*
./configure --disable-dccm --bindir=/usr/bin --libexecdir=/usr/libexec/dcc --homedir=/var/lib/dcc -with-uid=popuser
make
make install

// Apply selinux security labels to new files
restorecon -Rv /usr/bin/cdcc
restorecon -Rv /usr/bin/dcc*
restorecon -Rv /var/lib/dcc/
restorecon -Rv /usr/libexec/dcc/

Test DCC

cdcc info

Enable the DCC Spamassassin plugin

Login to Plesk and go to Warden Anti-spam and Virus Protection -> Settings -> Plugin Settings -> Check DCC then save and press the restart button.

Tests

Area Test name Description Default scores
full DCC_CHECK Listed in DCC (https://rhyolite.com/dcc/) 0 1.1 0 1.1
full DCC_REPUT_00_12 DCC reputation between 0 and 12 % (mostly ham) 0 -0.8 0 -0.4
full DCC_REPUT_13_19 DCC reputation between 13 and 19 % 0 -0.1 0 -0.1
full DCC_REPUT_70_89 DCC reputation between 70 and 89 % 0 0.1 0 0.1
full DCC_REPUT_90_94 DCC reputation between 90 and 94 % 0 0.4 0 0.6
full DCC_REPUT_95_98 DCC reputation between 95 and 98 % (mostly spam) 0 0.7 0 1.0
full DCC_REPUT_99_100 DCC reputation between 99 % or higher (spam) 0 1.2 0 1.4

Related Pages