Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 21 Jan 2009 18:24:14 GMT
From:      Michael Scheidell <scheidell@secnap.net>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/130835: fix BIG backscatter problem in amavisd-new
Message-ID:  <200901211824.n0LIOEoe080950@www.freebsd.org>
Resent-Message-ID: <200901211830.n0LIU7Rr079137@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         130835
>Category:       ports
>Synopsis:       fix BIG backscatter problem in amavisd-new
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Jan 21 18:30:06 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     Michael Scheidell
>Release:        all
>Organization:
SECNAP Network Security
>Environment:
all
>Description:
I think its serious!
Without this patch, all email looks like a legitimate bounce, and using the (default from amavisd.conf-dist) bounce_killer_score setting of 100, all bounces will bypass spamassassin scoring and be let it if using sql logging.

It a one line patch, so should be easy to verify.

Also, removed (obsolete) dependency on io-stringy.


>How-To-Repeat:
use sql logging, 
you will see that all msgs.message_id values == 1.
you will also see the bounce_killer_score in amavisd.conf is 100.

you will notice log entries with scores 'Hits: -,' and users complaining about backscatter.

This patch (from amavisd-new author) fixes this.

documentation:

http://www.usenet-forums.com/amavis-user/409614-re-amavis-user-bouncekiller-documentation-vs-config-files.html
>Fix:
diff -bBru /var/tmp/amavisd262/ ./
diff -bBru /var/tmp/amavisd262/Makefile ./Makefile
--- /var/tmp/amavisd262/Makefile        2008-12-25 21:29:00.000000000 -0500
+++ ./Makefile  2009-01-21 13:14:10.000000000 -0500
@@ -8,6 +8,7 @@
 
 PORTNAME=      amavisd-new
 PORTVERSION=   2.6.2
+PORTREVISION=  1
 PORTEPOCH=     1
 CATEGORIES=    security
 MASTER_SITES=  http://www.ijs.si/software/amavisd/ \
@@ -26,7 +27,6 @@
                ${SITE_PERL}/Archive/Zip.pm:${PORTSDIR}/archivers/p5-Archive-Zip \
                ${SITE_PERL}/${PERL_ARCH}/Digest/MD5.pm:${PORTSDIR}/security/p5-Digest-MD5 \
                ${SITE_PERL}/${PERL_ARCH}/Time/HiRes.pm:${PORTSDIR}/devel/p5-Time-HiRes \
-               ${SITE_PERL}/IO/Wrap.pm:${PORTSDIR}/devel/p5-IO-stringy \
                ${SITE_PERL}/IO/Socket/INET6.pm:${PORTSDIR}/net/p5-IO-INET6 \
                p5-Net-Server>=0.93:${PORTSDIR}/net/p5-Net-Server \
                p5-Mail-DKIM>=0.31:${PORTSDIR}/mail/p5-Mail-DKIM
diff -bBru /var/tmp/amavisd262/files/patch-amavisd ./files/patch-amavisd
--- /var/tmp/amavisd262/files/patch-amavisd     2009-01-21 13:23:45.000000000 -0500
+++ ./files/patch-amavisd       2009-01-21 13:17:23.000000000 -0500
@@ -0,0 +1,10 @@
+--- amavisd.orig       2008-12-15 01:50:09.000000000 +0100
++++ amavisd    2009-01-20 22:31:46.000000000 +0100
+@@ -19179,5 +19179,5 @@
+       }
+       my($m_id) = $msginfo->get_header_field_body('message-id');
+-      $m_id = parse_message_id($m_id) if $m_id ne ''; # strip CFWS, take #1
++      $m_id = join(' ',parse_message_id($m_id))  if $m_id ne '';  # strip CFWS
+       my($subj) = $msginfo->get_header_field_body('subject');
+       my($from) = $msginfo->get_header_field_body('from');  # raw full field
+


>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200901211824.n0LIOEoe080950>