New Year's Resolution and new beta release
David Lee
t.d.lee at durham.ac.uk
Fri Jan 5 13:00:56 CET 2007
On Fri, 5 Jan 2007, Julian Field wrote:
> David Lee wrote:
> > [...]
> > Could you check, please, the report from November:
> > http://lists.mailscanner.info/pipermail/mailscanner/2006-November/067706.html
> >
> > which is part of thread:
> > http://lists.mailscanner.info/pipermail/mailscanner/2006-November/067415.html
> >
> > This is (presumably) rare for others, but it has been, and still is, real
> > for us. That is, it falls into the "occurs in real experience" category.
> > (I'm surviving by using a suboptimal fudge around the problem.)
> >
> >
> > Brief summary: "MailScanner/SA.pm" does a fork()/exec() to SpamAssassin.
> > If, for some reason, that SA crashes then the parent (MS) process seems
> > not to detect this, and treats it as a good, 'ham' result. (I give
> > possible suggestions in that November email.)
> >
> And therefore it is failing 'safe'. Why wouldn't you want it to fail
> safe? Failure resulting in message delivery sounds a whole lot better
> than failure resulting in message disposal.
That's envisioning it just as a two-state success/fail. The summary from
the end of the 17/11/06 email was:
-----------------------------------------------
MS BUG: If MS's call to SA fails (e.g. crash/segfault), MS is unable to
distinguish this from a successful return.
RESOLUTION: The code immediately following the "eval {}" ought to check
the return (e.g "$PipeReturn") to detect SA/child failures. Such failures
may reasonably be expected to be rare, but should nevertheless be handled,
perhaps by leaving the email where it is, and doing a high-priority (e.g.
"error") syslog message.
NOTE: Might the SA/child itself need an enclosing "eval {}"?
-----------------------------------------------
That is, at the least giving a syslog message, and if possible allowing
processing to be deferred (which, OK, would leave to a buildup in the
inbound queue). Or, in that "state" model, a (hopefully!) rare third
state of "deferred" with an associated "ring syslog alarm bells".
Does that seem OK?
--
: David Lee I.T. Service :
: Senior Systems Programmer Computer Centre :
: Durham University :
: http://www.dur.ac.uk/t.d.lee/ South Road :
: Durham DH1 3LE :
: Phone: +44 191 334 2752 U.K. :
More information about the MailScanner
mailing list