[qmailtoaster] Qmail Toaster - Times out on certain SMTP connections - Status 256
Hi, I'm using the latest update of QTP but something appears broken. I am seeing errors in the SMTP log where the connection appears to timeout and returns a status of 256. It only happens with a couple of specific connections - but they are important ones ie Paypal and Amazon! 98% of connections are fine - something seems to freeze or prevent data coming in. I obtained the script using recordio. Using FIXCRIO seems to block the server, each connection never completes. Until recently this was not a problem - I cannot be sure whether it is the Qmail Toaster upgrade or whether the remote MX's have changed and are causing the problem. Here is the log output. ( I have obfuscated ip addresses ) 2008-11-16 18:59:53.133233500 tcpserver: pid 11346 from 87.xxx.84.26 2008-11-16 18:59:53.133307500 tcpserver: ok 11346 ip-72-xxx-47-196.ip.secureserver.net:72.xxx.47.196:25 :87.xxx.84.26::48913 008-11-16 18:59:56.292441500 11346 220 MYSERVER - Welcome to SMTP Server ESMTP 008-11-16 18:59:56.433152500 11346 EHLO mm-retail-out-12102.amazon.com 008-11-16 18:59:56.433194500 11346 250-MTSERVER - Welcome to SMTP Server 008-11-16 18:59:56.433196500 11346 250-STARTTLS 008-11-16 18:59:56.433210500 11346 250-PIPELINING 008-11-16 18:59:56.433211500 11346 250-8BITMIME 008-11-16 18:59:56.433212500 11346 250-SIZE 20971520 008-11-16 18:59:56.433213500 11346 250 AUTH LOGIN PLAIN CRAM-MD5 008-11-16 18:59:56.574199500 11346 MAIL FROM:[EMAIL PROTECTED] SIZE=46021 2008-11-16 18:59:56.702990500 CHKUSER accepted sender: from [EMAIL PROTECTED]:: remote mm-retail-out-12102.amazon.com:unknown:87.xxx.84.26 rcpt : sender accepted 2008-11-16 19:04:56.531551500 11346 [EOF] 008-11-16 19:06:14.701562500 11346 451 SPF lookup failure (#4.3.0) 2008-11-16 19:06:14.701648500 11346 [EOF] 2008-11-16 19:06:14.701709500 tcpserver: end 11346 status 256 ## HELP! Any clues as to what is happenning and how to fix this or patch it would be appreciated. thanks! George - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Qmail Toaster - Times out on certain SMTP connections - Status 256
George wrote: 008-11-16 19:06:14.701562500 11346 451 SPF lookup failure (#4.3.0) 2008-11-16 19:06:14.701648500 11346 [EOF] 2008-11-16 19:06:14.701709500 tcpserver: end 11346 status 256 ## HELP! Any clues as to what is happenning and how to fix this or patch it would be appreciated. Change /var/qmail/control/spfbehavior from 3 to 1. It's failing SPF lookups. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Qmail Toaster - Times out on certain SMTP connections - Status 256
Thanks for the quick response, unfortunately, it did not fix the issue. I modified spfbehavior and changed the value to 1. I then did qmailctl restart . Is that sufficient? The problem is still there. If you look at the log in my original mail there appears to be a 5 minute pause between CHKUSR accepting sender and the remote server giving up and sending an [EOF]. The SPF error appears after this and therefore I suspect it is not the root of the issue. It looks like the remote server is waiting for some kind of response before sending any further data, also the amount of initial data sent by the remote server seems small compared with normal interactions ... OR qmail_smtp is failing to read the data ... I am currently only experiencing this problem fom Paypal and Amazon MXs - everything else works perfectly. The remote severs continue to to try to resend the mails. Your help is already much appreciated! Thanks George Jake Vickers wrote: George wrote: 008-11-16 19:06:14.701562500 11346 451 SPF lookup failure (#4.3.0) 2008-11-16 19:06:14.701648500 11346 [EOF] 2008-11-16 19:06:14.701709500 tcpserver: end 11346 status 256 ## HELP! Any clues as to what is happenning and how to fix this or patch it would be appreciated. Change /var/qmail/control/spfbehavior from 3 to 1. It's failing SPF lookups. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[qmailtoaster] (another) Vulnerability in clamav
Hi list, For our own common interest: http://www.securityfocus.com/bid/32207/discuss ClamAV is prone to an off-by-one heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Successfully exploiting this issue will allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Versions prior to ClamAV 0.94.1 are vulnerable. Current clamav-toaster is 0.94, so, there's a chance we are affected by this issue. May be it's time to let clamav package be updated via OS updates? Best regards, --- David Sanchez Martin Administrador de Sistemas [EMAIL PROTECTED] GPG Key ID: 0x37E7AC1F E2000 Nuevas Tecnologías Tel : +34 902 830500 smime.p7s Description: S/MIME cryptographic signature
