MS/perl segfaults

Julian Field MailScanner at ecs.soton.ac.uk
Sat Jan 17 20:15:38 GMT 2009



On 17/1/09 15:14, shuttlebox wrote:
> On Sat, Jan 17, 2009 at 3:03 PM, Julian Field
> <MailScanner at ecs.soton.ac.uk>  wrote:
>    
>> Re-visiting this issue.
>> Is it still a problem?
>> Is it worth attempting to solve?
>>
>> In the following descriptions, all timings would be configurable. It's just
>> easier to think about the problem with real numbers in there.
>>
>> When we scan the queue to build a batch, we look for unlocked messages as
>> normal. When we find an unlocked message, we look to see if it is in the
>> database table and was first scanned less than 20 minutes ago.
>> If it was first scanned 20 minutes ago, we ignore it in case it was a
>> one-off failure, or a failure caused by other messages in the same batch.
>> If it was first scanned 20-40 minutes ago, we scan it in a batch of 1
>> message, on its own.
>> If it was first scanned more than 40 minutes ago, we ignore it completely
>> and log the event as a scanner failure. Or we could mark it as infected
>> instead? What are your thoughts here? A DoS attack attempt would be a
>> reasonable conclusion.
>>
>> I need to catch every time a message leaves the batch and remove it from the
>> database table, that's my problem.
>> Also, I need to find all the race conditions when checking the database
>> about the message, but that's also my problem.
>>
>> What do you think of the approach above?
>>      
>
> Do we need a database? Couldn't you just stat the queue files to see
> how old they are and get the same result?
>
> To me, the queue dir is like a database, and the queue files are like
> records in the database. You have to put timestamps into the database
> but the files already have that. There are no records to remove when the
> message has been delivered because the files will be gone.
>
> If I'm not missing something it seems unnecessarily complex with a database..?
>    
Good idea, but what happens when older queue files are put in the queue? 
Such as when you suspend MailScanner while working on it but want to 
leave the incoming sendmail working?
You need a timestamp that is touched by MailScanner but not by the 
message being written into the queue. Can't use the last-accessed 
timestamp as that will be touched by MailScanner reading it anyway.

And the timestamp we use needs to be implementable regardless of the MTA 
in use. Is the last-modified timestamp used by any of them? We also need 
to be able to tell if it hasn't been touched yet, maybe 
last-modified==created ? Again, does this work in every MTA?

I entirely agree it would be a very neat solution, but only if we can 
make it work in all MTAs.

Jules

-- 
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key: http://www.jules.fm/julesfm.asc
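
The timing policy proposed in the quoted message, as an added example (not MailScanner's own code, which is Perl). The SQLite table, the function names and the reading of "first scanned 20 minutes ago" as "less than 20 minutes ago" are assumptions; the timestamp is written by the scanner itself, so it does not depend on the MTA or on the age of the queue file.

```python
import sqlite3

WAIT_SECS = 20 * 60      # example figure from the thread; meant to be configurable
GIVE_UP_SECS = 40 * 60   # example figure from the thread; meant to be configurable

def open_table(path=":memory:"):
    """Hypothetical tracking table: one row per message currently being tried."""
    db = sqlite3.connect(path)
    db.execute("CREATE TABLE IF NOT EXISTS first_scan ("
               "msg_id TEXT PRIMARY KEY, first_seen REAL NOT NULL)")
    return db

def classify(db, msg_id, now):
    """Return 'batch', 'wait', 'alone' or 'failed' for one unlocked message."""
    # INSERT OR IGNORE is a single atomic statement, so two scanner
    # processes cannot both record themselves as the first to see a message.
    # 'now' is the scanner's clock, never the queue file's own timestamps.
    cur = db.execute("INSERT OR IGNORE INTO first_scan VALUES (?, ?)",
                     (msg_id, now))
    db.commit()
    if cur.rowcount == 1:
        return "batch"                  # first attempt: scan in a normal batch
    row = db.execute("SELECT first_seen FROM first_scan WHERE msg_id = ?",
                     (msg_id,)).fetchone()
    if row is None:
        return "wait"                   # row removed meanwhile: skip this pass
    age = now - row[0]
    if age < WAIT_SECS:
        return "wait"                   # may have been a one-off failure
    if age <= GIVE_UP_SECS:
        return "alone"                  # retry in a batch of one message
    return "failed"                     # ignore it and log a scanner failure

def message_left(db, msg_id):
    """Call whenever a message leaves a batch (delivered, quarantined, ...)."""
    db.execute("DELETE FROM first_scan WHERE msg_id = ?", (msg_id,))
    db.commit()

def build_batches(db, unlocked_ids, now):
    """Split the unlocked queue entries into (normal batch, solo scans, failures)."""
    batch, solo, failed = [], [], []
    for msg_id in unlocked_ids:
        verdict = classify(db, msg_id, now)
        if verdict == "batch":
            batch.append(msg_id)
        elif verdict == "alone":
            solo.append(msg_id)
        elif verdict == "failed":
            failed.append(msg_id)
    return batch, solo, failed
```
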

