[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: smtp-policy.src syntax caveat

On Fri, Aug 22, 2003 at 01:41:58PM -0300, Mariano Absatz wrote:
> Hi,
> this morning I had a nasty surprise which was probably due to my own 
> stupidity... however, less stupid people might as well be advised...
> The syntax of the smtp-policy.src file, requires that every tag defined have 
> some content... even if the content is merely a blank comment.

That hasn't, exactly, been my intention, as the dblookup and
interpreter doesn't much care about the data, the trouble must
be in  makedb  tool.

Ah, right.  Drops core, and the wrapper does only yield exit-code,
but does not tell anything to the user, who in good UNIX tradition
has right to presume that something will be reported in such case.
Anyway, the crash caused the partially built database temp file
not to be taken into use.

Fixed code does complain about it, but don't _silently_ crash..
Further text and comments after this small diff:

Index: utils/policy-builder.sh.in
RCS file: /home/mea/src/CVSROOT/zmailer/utils/policy-builder.sh.in,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- utils/policy-builder.sh.in  5 May 2003 12:30:10 -0000       1.24
+++ utils/policy-builder.sh.in  22 Aug 2003 20:14:46 -0000      1.25
@@ -183,7 +183,14 @@
 # has same key repeating, append latter data instances to the first
 # one (-A):
-$MAILBIN/makedb -A -p $DBTYPE smtp-policy-new smtp-policy.dat || exit $?
+if $MAILBIN/makedb -A -p $DBTYPE smtp-policy-new smtp-policy.dat
+  :
+  rc=$?
+  echo "smtp-policy control database makedb failure rc= $rc"
+  exit $rc
 case $DBTYPE in

> That is, if, for instance, "_rbl0" is used in the right hand side of a policy 
> definition somewhere, then, the definition for "_rbl0" MUST NOT be blank, 
> that is, a line like this:
> _rbl0
> is invalid and will bring you headaches (see below).
> If you don't want any rbl to be checked (and don't want to edit every rule 
> that includes the _rbl0 tag on the right hand side, edit the _rbl0 tag 
> definition like this:
> _rbl0  #
> or, better yet:
> _rbl0  # if you erase this comment, you'll regret it :-)
> For the (not so) funny details: this morning I noticed that external 
> connections to our server were established, but the 220 banner wasn't being 
> issued (at least not in a reasonable time). Connections from our private 
> network were working just fine.
> Checking the logs I saw a lot of protocol timeouts (20 minutes), and saw the 
> rbl checks. As I know that many RBL's (especially osirusoft) are suffering 
> DoS attacks, I (correctly) supposed the delays had to do with that, so I 
> decided that I'd eliminate RBL checking altogether.
> I edited smtp-policy.src and modified the line that read
> _rbl0  rcpt-dns-rbl    relays.osirusoft.com
> with plain
> _rbl0
> (now I gues I should have put "_rbl0  rcpt-dns-rbl").
> I run policy-builder.sh, but the DNS checks kept appearing in the logs... I 
> restarted smtpserver to no avail.

Yes, because crashing  makedb  prevented new policy database from
being taken into use.

> Later I noticed that smtp-policy.db was older than smtp-policy.dat and that I 
> had a newer smtp-policy-new.db...

The temp file, which was probably incomplete.

> I stupidly copied smtp-policy-new.db over smtp-policy.db and the RBL checks 
> (and the timeouts) disappeared altogether...

I have to agree with you at that..

> Further investigating what had happened, I noted that in fact, the "makedb" 
> near the end of policy-builder.sh hung, dumping core... my old RedHat 6.1 box 
> shell didn't inform that (testing on newer RH7.x did scream to stderr that a 
> command inside the shell script dumped core).

Right, most shells are silent.

> I couldn't understand exactly what happened... running strace didn't help me 
> much... but at that moment I noticed that the smtp-policy-new.db that I had 
> manually put in production was probably corrupted... I could confirm that 
> when I was able to manually send a message from an outside IP to a non-
> configured domain thru my server... I had created an open relay in my own 
> server for about half an hour!!!!!!
> At that same time I was making tests on a non-production server and noticed 
> that the comment trick was working OK, so I added the comment, re-built the 
> policy database and everything went fine...

Ok, fine.

> Post analysis showed that the server was not abused (not even teased) during 
> that time.

Sometimes you get away with it, sometimes you don't..

> Anyway, it might be good to add a comment in the smtp-policy.src file
> (maybe at the top, when explaining the syntax) like:
> #| Don't be stupid as Mariano and _do_ put something on the right hand
> #| side when defining a _tag
> Regards.
> --
> Mariano Absatz
> El Baby
/Matti Aarnio	<mea@nic.funet.fi>
To unsubscribe from this list: send the line "unsubscribe zmailer" in
the body of a message to majordomo@nic.funet.fi