Joshua, > > > Just observed amavisd-new collapsing under the memory pressure of > > > decoding a 2500+ nested MIME mail (sitting in the middle of two > > > retarded faulty MTAs). > http://www.koshua.org/offending-email.txt.gz
David F. Skoll writes: > Yes, that will certainly cause problems with MIME::Tools. Our long-term > goal here at Roaring Penguin is to rewrite MIME::Tools, but that's a lot of > work and we're progressing slowly. > In the meantime, you can use $parser->max_parts(some_reasonable_limit) > to abort on deeply-nested MIME messages (and probably reject them.) Thanks for the sample, and to David for a proposed solution and response! Here is a patch to amavisd-new-2.4.3 that handles such degenerate cases more gracefully. It still takes a minute or two to trigger the limit (1500 files is a default limit), but at least processing then proceeds normally. --- amavisd~ Mon Oct 2 02:05:20 2006 +++ amavisd Mon Oct 9 20:53:35 2006 @@ -5188,5 +5188,5 @@ my($entity) = shift; my($first_received); - if (defined($entity)) { + if ($entity) { my($fields) = parse_received($entity->head->get('received', -1)); if (exists $fields->{'from'}) { @@ -5214,5 +5214,5 @@ ::/0)) ) if [EMAIL PROTECTED]; # rfc3330, rfc3513 my($first_received_from_ip); - if (defined($entity)) { + if ($entity) { my(@received) = reverse $entity->head->get_all('received'); $#received = 5 if $#received > 5; # first six, chronologically @@ -5756,5 +5756,5 @@ BEGIN { - import Amavis::Conf qw(:platform c cr ca); + import Amavis::Conf qw(:platform c cr ca $MAXFILES); import Amavis::Timing qw(section_time); import Amavis::Util qw(snmp_count ll do_log); @@ -5883,4 +5883,5 @@ $parser->extract_nested_messages("NEST"); # parse embedded message/rfc822 $parser->extract_uuencode(1); # to enable or not to enable ??? + $parser->max_parts($MAXFILES) if $MAXFILES > 0; my($entity); snmp_count('OpsDecByMimeParser'); @@ -5901,6 +5902,10 @@ $mime_err = substr($mime_err,0,250) . '...' if length($mime_err) > 250; do_log(1, "WARN: MIME::Parser %s", $mime_err) if $mime_err ne ''; + } elsif (!defined($entity)) { + $mime_err = "Unable to parse, perhaps message contains too many parts"; + do_log(1, "WARN: MIME::Parser %s", $mime_err); + $entity = ''; } - mime_traverse($entity, $tempdir, $parent_obj, 0, '1'); + mime_traverse($entity, $tempdir, $parent_obj, 0, '1') if $entity; section_time('mime_decode'); ($entity, $mime_err); @@ -11744,5 +11749,5 @@ $field_body = $msginfo->orig_header_fields->{lc($field_name)}; # quick $field_body = $msginfo->mime_entity->head->get($field_name,0) # slower - if !defined($field_body); + if !defined($field_body) && $msginfo->mime_entity; if (!defined($field_body)) { # such header field does not exist, do nothing Mark ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/