Insecure dependency in open while running with -T switch at
/usr/lib/perl/5.10/IO/File.pm and headerless quarantineing
Gabor FUNK
FUNK.Gabor at hunetkft.hu
Sat Nov 21 17:48:52 GMT 2009
Hi all,
I have two recent problems with MS (currently at 4.78.17-1 but was trying
different ones, last known good was 4.68.8-1, though for problem 2) the
change in /usr/lib/perl/5.10/IO/File.pm seems to be the triggering cause in
any MS version)
1) previously [v4.68.8-1] the
Quarantine Whole Messages As Queue Files = no
worked as intended, but now with 4.78.17-1 it saves
the body ONLY, without the headers.
2) messages with zip, doc and other attachments got into the quarantine,
mail.log said something like that:
2009-11-10 21:05:14 ns1 MailScanner[21038]:
Making attempt 2 at processing message 1N7wta-0005Be-OV
2009-11-10 21:09:09 ns1 MailScanner[21419]:
Making attempt 3 at processing message 1N7wta-0005Be-OV
2009-11-10 21:12:28 ns1 MailScanner[5011]:
Making attempt 4 at processing message 1N7wta-0005Be-OV
2009-11-10 21:25:41 ns1 MailScanner[26105]:
Making attempt 5 at processing message 1N7wta-0005Be-OV
2009-11-10 21:37:55 ns1 MailScanner[15173]:
Making attempt 6 at processing message 1N7wta-0005Be-OV
2009-11-10 21:38:13 ns1 MailScanner[15275]:
Warning: skipping message 1N7wta-0005Be-OV as it has been attempted
too many times
2009-11-10 21:38:13 ns1 MailScanner[15275]:
Quarantined message 1N7wta-0005Be-OV as it caused MailScanner to
crash several times
2009-11-10 21:38:13 ns1 MailScanner[15275]:
Saved entire message to
/var/spool/MailScanner/quarantine/20091110/1N7wta-0005Be-OV
Since the "caused MailScanner to crash several times" didn't give any hint
what and where were the crash, I played with tnef and other settings with
no useful results.
Then, after setting
Maximum Archive Depth = %rules-dir%/max.arch.depth
to
Maximum Archive Depth = 0
and copy files back to incoming queue, the mail "passed through":
2009-11-10 22:02:55 ns1 MailScanner[23964]: Filename Checks:
Allowing 1N7wta-0005Be-OV msg-23964-1.txt (no rule matched)
2009-11-10 22:02:55 ns1 MailScanner[23964]: Filename Checks:
Allowing 1N7wta-0005Be-OV 2009-11-10_21-00-54_report.zip (no rule
matched)
a "MailScanner --debug --id=1N7wta-0005Be-OV" result's is:
"
In Debugging mode, not forking...
Trying to setlogsock(unix)
Building a message batch to scan...
Have a batch of 1 message.
Insecure dependency in open while running with -T switch at
/usr/lib/perl/5.10/IO/File.pm line 63.
"
Googling for it gave me:
http://episteme.arstechnica.com/eve/forums/a/tpc/f/96509133/m/966003098931
then
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529358
There is a suggested fix at the end of the bugreport (msg 30)
Anybody else experiencing any or both of the above problems?
Regards,
Gabor
More information about the MailScanner
mailing list