> On 07 Apr 2016, at 07:54, Michiel van Es <m...@pragmasec.nl> wrote: >> On 07 Apr 2016, at 01:19, Joerg Jung <m...@umaxx.net> wrote: >> >> Nope, but you can try adding some more debug >> logs in the filter source.
I fear we need to take this route now, I hope you are ready ;) >> What asr version have you installed? Recent one? >> >> You can also do a tcpdump please, to see what >> exactly goes over the wire (and comes back)? >> >> Also please temporarily disable all other filters, to >> rule-out chain problems. > > I installed libasr, opensmtpd and OpenSMTPD-Extras from github to ensure the > latest version. > > I use the following config to only use dnsbl: > > filter dnsbl dnsbl "-h" "psbl.surriel.com" > filter filter-clamav clamav > filter all chain dnsbl > filter sub chain filter-clamav > pki server.pragmasec.nl key > "/etc/letsencrypt/archive/server.pragmasec.nl/privkey1.pem" > pki server.pragmasec.nl certificate > "/etc/letsencrypt/archive/server.pragmasec.nl/fullchain1.pem" > listen on lo > listen on ens3 port 25 filter all hostname server.pragmasec.nl tls pki > server.pragmasec.nl > listen on ens3 port 587 filter sub hostname server.pragmasec.nl tls-require > pki server.pragmasec.nl auth mask-source > expire 7d > table vdomains "/usr/local/etc/vdomains" > table vusers "/usr/local/etc/vusers" > accept from any for domain <vdomains> virtual <vusers> deliver to mda > "/usr/lib/dovecot/dovecot-lda -f %{sender} -a %{rcpt}" > accept from local for any relay > > tcpdump of any traffic to psbl.surriel.org: (this seems useless as the > traffic is only dns and goes to the forwarders via my dnsmasq local cache) > tcpdump -i any | grep ’74.92.59.67' > > *nothing* > > the error with strace and running with smtpd -d -v -T filter: > > epoll_wait(3, debug: smtp: new client on listener: 0x79d0c0 > smtp-in: New session 71768b23cba98cf7 from host pro-mail-smtp-001.bol.com > [185.14.168.222] > filter: post-event event=EVENT_CONNECT filter=dnsbl > filter: new query QUERY_CONNECT > filter: filter_drain_query 71768b247df9084f[QUERY_CONNECT=178.21.114.197 <-> > 185.14.168.222(pro-mail-smtp-001.bol.com),filter_session@0x795bc0[datalen=0,eom=(nil),ofile=(nil)]] > filter: running filter filter:dnsbl[hooks=0xffffffff,flags=0x0000] for query > 71768b247df9084f[QUERY_CONNECT=178.21.114.197 <-> > 185.14.168.222(pro-mail-smtp-001.bol.com),filter_session@0x795bc0[datalen=0,eom=(nil),ofile=(nil)]] > filter: waiting for running query > 71768b247df9084f[QUERY_CONNECT=178.21.114.197 <-> > 185.14.168.222(pro-mail-smtp-001.bol.com),filter_session@0x795bc0[datalen=0,eom=(nil),ofile=(nil)]] > dnsbl[22353]: debug: on_connect: checking 222.168.14.185.psbl.surriel.com. > dnsbl[22353]: warn: session 71768b23cba98cf7: event_dispatch: REJECT address > filter: imsg IMSG_FILTER_RESPONSE from procfilter > dnsbl[hooks=0xffffffff,flags=0x0000] > filter: filter_drain_query 71768b247df9084f[QUERY_CONNECT=178.21.114.197 <-> > 185.14.168.222(pro-mail-smtp-001.bol.com),filter_session@0x795bc0[datalen=0,eom=(nil),ofile=(nil)]] > filter: filter_end_query 71768b247df9084f[QUERY_CONNECT=178.21.114.197 <-> > 185.14.168.222(pro-mail-smtp-001.bol.com),filter_session@0x795bc0[datalen=0,eom=(nil),ofile=(nil)]] > filter: query 71768b247df9084f done: status=FILTER_CLOSE code=554 > response="5.7.1 Address in DNSBL" > smtp-in: Failed command on session 71768b23cba98cf7: "" => 554 5.7.1 Address > in DNSBL > smtp-in: Closing session 71768b23cba98cf7 > debug: smtp: 0x859c80: deleting session: done > filter: post-event event=EVENT_DISCONNECT filter=dnsbl > > dnsmasq logging: > > Apr 7 07:48:41 server dnsmasq[6018]: query[A] > 222.168.14.185.psbl.surriel.com from 127.0.0.1 > Apr 7 07:48:41 server dnsmasq[6018]: forwarded > 222.168.14.185.psbl.surriel.com to 95.85.9.86 > Apr 7 07:48:41 server dnsmasq[6018]: reply 222.168.14.185.psbl.surriel.com > is NXDOMAIN > > any more pointers what could go wrong? To me, this really looks like a bug/problem in libasr now (Ubuntu specific). Despite the NXDOMAIN reply, this condition seems to become true for you: https://github.com/OpenSMTPD/OpenSMTPD-extras/blob/master/extras/wip/filters/filter-dnsbl/filter_dnsbl.c#L44 The question is why does it become true und what is the value of: ar->ar_gai_errno (and why has it this value). Can you add/print the value to the log line please? For example: log_warnx("warn: session %016"PRIx64": event_dispatch: REJECT address ar_gai_errno=%d", *q, ar->ar_gai_errno); You may also want to print further members of struct asr_result to see what is going on. -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org