[Amavisd-new-debian-devel] Fwd: Bug in amavisd-new.
Henrique de Moraes Holschuh
hmh at debian.org
Sun May 23 05:45:32 UTC 2010
> Postfix (25) is accepting the mail. �It then tries to deliver it to amavis,
> and it 'thinks' it is successful, so postfix removes it from the queue.
> Amavis actually had a problem, but instead of returning an error code to
> postfix, it inadvertantly returned a success code. �Here are the applicable
...
> log entries:
> May �7 14:54:18 av1 amavis[24167]: (24167-11-2) Negative SMTP resp to
> DATA: 250 Ok
> May �7 14:54:18 av1 amavis[24167]: (24167-11-2) Message-ID:
> <4BE40D65.3050609 at ac-lille.fr>, mail_id: w6Qb5UwLrm7G, Hits: -2.599,
> size: 2671, queued_as: 250 2.1.0 Ok/250 2.1.5 Ok, 5811 ms
>
> I don't know why my bug report doesn't appear in your bug reporting interface.
>
> And when i apply the patch found on this link :
> http://marc.info/?l=amavis-user&m=122055191316224
>
> All works fine.
Ok, so it is a silent dataloss bug, but quite rare (because it happens only
on sites with an extremely broken and stupid backscatter-generating
configuration that goes against every postfix and amavisd-new out there).
Also, the data lost is actually the information that the email was NOT going
to be delivered (i.e. the bounce), since it is the rejection in the
after-filter injection path that triggers the bug.
And it is supposed to be fixed in testing and sid, but stable is probably
vulnerable.
Should we bother with an upload to proposed-updates?
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh
More information about the Amavisd-new-debian-devel
mailing list