dbclean(8)            Distributed Checksum Clearinghouse            dbclean(8)

NNAAMMEE
     ddbbcclleeaann -- Clean Distributed Checksum Clearinghouse Database

SSYYNNOOPPSSIISS
     ddbbcclleeaann [--ddDDffFFNNRRPPSSVVqq] [--ii _i_d] [--aa [_s_e_r_v_e_r_-_a_d_d_r][_,_p_o_r_t]] [--hh _h_o_m_e_d_i_r]
             [--GG _o_n] [--ss _h_a_s_h_-_s_i_z_e] [--ee _s_e_c_o_n_d_s] [--EE _s_p_a_m_s_e_c_s]
             [--tt _t_y_p_e_,_a_l_l_s_e_c_s_,_t_h_r_e_s_h_o_l_d_,_b_u_l_k_s_e_c_s] [--LL _l_t_y_p_e_,_f_a_c_i_l_i_t_y_._l_e_v_e_l]

DDEESSCCRRIIPPTTIIOONN
     DDbbcclleeaann creates empty, rebuilds corrupted, and deletes or expires old
     reports of checksums from DCC databases.  It should be installed where it
     will be found with the path given the DCC server daemon when the daemon
     needs to expand the hash table.  See dccd(8).  It should also be run by
     cron(8) approximately daily.

     If the hash table in the database has been damaged, ddbbcclleeaann tries to
     repair the database.

     The contents of the _w_h_i_t_e_l_i_s_t file are built into the DCC server's data-
     base.  Changes to the whitelist are not effective until dbclean is run to
     expire reports.  White or blacklists can also be used by DCC clients, and
     generally work better there.

   OOPPTTIIOONNSS
     The following options are available:

     --dd   enables debugging output.  Additional --dd options increase the number
          of messages.

     --DD   indicates that dccd(8) started ddbbcclleeaann.

     --FF   uses write() instead of mmap() in some cases to modify the DCC data-
          base.  This works better on some versions of Solaris provided the
          entire DCC database fits in RAM and provided the file system has not
          been tuned for the large, random accesses of a DCC database.  It is
          the default on Solaris.

     --ff   turns off --FF.

     --NN   creates a new, empty database.  There must not be an existing data-
          base and the DCC server, dccd(8), must not be running.

     --RR   repairs a database.

     --PP   expires old checksums from a database using the --ee, --EE, and --tt val-
          ues from the preceding use of ddbbcclleeaann.  --PP cannot be used with --ee,
          --EE, or --tt.  Note also that using --PP differs from not using --ee, --EE or
          --tt, because in the absence of all four, their default values are
          used.

     --SS   says that the DCC server, dccd(8), is not running and so ddbbcclleeaann
          should run stand-alone and not try to tell the DCC server about
          changes to the database.  --ii is not needed when --SS is present.

     --VV   displays the version of the DCC database cleaner.

     --qq   quiets the announcement of results at the end.

     --ii _i_d
          specifies the DCC ID recognized by the local DCC server as its own.
          This ID allows the DCC server to recognize commands from ddbbcclleeaann to
          stop using the database while it is being cleaned.

     --aa [_s_e_r_v_e_r_-_a_d_d_r][_,_p_o_r_t]
          is commonly used to specify a UDP port or IP address of the local
          server other than the default.

     --hh _h_o_m_e_d_i_r
          overrides the default DCC home directory, which is often /var/dcc.

     --GG _o_n
          cleans a greylist database.

     --ss _h_a_s_h_-_s_i_z_e
          specifies a size for the hash table.  By default the hash table is
          rebuilt to be approximately 80% full based on an estimate of the
          number of distinct checksums in the main file.

     --ee _s_e_c_o_n_d_s
          specifies that reports older than _s_e_c_o_n_d_s and with totals below
          their --tt thresholds should be deleted.  Reports older than _s_e_c_o_n_d_s
          of checksums that have been reported more recently are summarized in
          the database.  The default value is 1DAY or the value of --EE, which-
          ever is smaller.  The 1 day default is reduced if the system does
          not appear to have enough RAM to hold the database.  The minimum is
          1 hour.  _S_e_c_o_n_d_s can also be _N_E_V_E_R or a number of hours, days, or
          weeks followed by _H_O_U_R_S, _H, _D_A_Y_S, _D, _W_E_E_K_S or _W.

          The --ee thresholds for both DCC Reputation counts must be the same.
          Their default values of 1DAY is not affected by the size of the sys-
          tem's RAM.

          DCC servers that are not very busy and are isolated or do not
          receive "floods" of checksums from busy servers should use longer
          values to increase their chances of recognizing bulk mail.

     --EE _s_p_a_m_s_e_c_s
          changes the expiration of checksums exceding --tt thresholds from the
          default of 30DAYS or the explicit value of --ee, whichever is larger.
          The default is reduced if the system does not have enough RAM to
          hold the database.  _S_p_a_m_s_e_c_s can also be _N_E_V_E_R or a number of hours,
          days, or weeks followed by _H_O_U_R_S, _H, _D_A_Y_S, _D, _W_E_E_K_S or _W.

     --tt _t_y_p_e_,_a_l_l_s_e_c_s[_,_t_h_r_e_s_h_o_l_d_,_b_u_l_k_s_e_c_s]
          overrides the global --ee setting and specifies that reports of check-
          sums of _t_y_p_e with total counts of at least _t_h_r_e_s_h_o_l_d should be kept
          for _b_u_l_k_s_e_c_s seconds.  All reports should be kept for the shorter
          duration, _a_l_l_s_e_c_s seconds.  The threshold is either a number or the
          string _M_A_N_Y indicating millions of targets.  By default ddbbcclleeaann acts
          as if given --tt _F_u_z_1_,_s_e_c_o_n_d_s_,_1_0_,_s_p_a_m_s_e_c_s --tt _F_u_z_2_,_s_e_c_o_n_d_s_,_1_0_,_s_p_a_m_s_e_c_s,
          where _s_e_c_o_n_d_s is the value for --ee and _s_p_a_m_s_e_c_s is the value for --EE.
          All other checksum types act by default as if --tt _t_y_p_e_,_s_e_c_o_n_d_s were
          specified.  _A_l_l_s_e_c_s and _b_u_l_k_s_e_c_s can also be _N_E_V_E_R or a number of
          hours, days, or weeks followed by _H_O_U_R_S, _H, _D_A_Y_S, _D, _W_E_E_K_S or _W.

          _T_h_r_e_s_h_o_l_d for both DCC Reputation counts is fixed at the equivalent
          of 1%.

     --LL _l_t_y_p_e_,_f_a_c_i_l_i_t_y_._l_e_v_e_l
          specifies how messages should be logged.  _L_t_y_p_e must be _e_r_r_o_r or
          _i_n_f_o to indicate which of the two types of messages are being con-
          trolled.  _L_e_v_e_l must be a syslog(3) level among _E_M_E_R_G, _A_L_E_R_T,
          _C_R_I_T, _E_R_R, _W_A_R_N_I_N_G, _N_O_T_I_C_E, _I_N_F_O, and _D_E_B_U_G.  _F_a_c_i_l_i_t_y must be among
          _A_U_T_H, _A_U_T_H_P_R_I_V, _C_R_O_N, _D_A_E_M_O_N, _F_T_P, _K_E_R_N, _L_P_R, _M_A_I_L, _N_E_W_S, _U_S_E_R,
          _U_U_C_P, and _L_O_C_A_L_0 through _L_O_C_A_L_7.  The default is equivalent to

                -L info,MAIL.NOTICE -L error,MAIL.ERR

     ddbbcclleeaann exits 0 on success, and > 0 if an error occurs.

FFIILLEESS
     /var/dcc      is the DCC home directory containing data and control
                   files.
     dcc_db        is the main file containing mail checksums.
     dcc_db.hash   mail checksum database hash table.
     grey_db       is the database of greylist checksums.
     grey_db.hash  is the greylist database hash table.
     dcc_db-new, dcc_db-new.hash, grey_db-new, grey_db-new.hash
                   new database and hash files until they are renamed.
     dcc_db-old, grey_db-old
                   previous database files.
     ids           list of IDs and passwords, as described in dccd(8).
     whitelist     contains the DCC server whitelist in the format described
                   in dcc(8).
     grey_whitelist
                   contains the greylist server whitelist.

SSEEEE AALLSSOO
     cdcc(8), cron(8), dcc(8), dccd(8), dblist(8), dccifd(8), dccm(8),
     dccproc(8).

HHIISSTTOORRYY
     Implementation of ddbbcclleeaann was started at Rhyolite Software, in 2000.
     This describes version 1.3.50.

                               February 5, 2007