You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2006/03/22 00:57:19 UTC
[Bug 4836] New: Mail::SPF::Query::myquery must sanity-check $label
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4836
Summary: Mail::SPF::Query::myquery must sanity-check $label
Product: Spamassassin
Version: 3.1.1
Platform: Other
URL: http://mccarthy.vg/
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P5
Component: spamc/spamd
AssignedTo: dev@spamassassin.apache.org
ReportedBy: jamie@mccarthy.vg
Mail::SPF::Query::myquery() doesn't check $label for compliance with the RFC before it calls
my $resquery = $query->resolver->query($label, $qtype);
As a result, if $label is longer than 63 chars, Net::DNS::Packet::dn_comp() croaks. This dumps several of
these a day into my /var/log/syslog:
Mar 21 05:28:59 localhost spamd[4571]: spf: lookup failed: length of
hyper_luckylady8754158754_lookserver772_serebusystem03_heavensgift55 is larger than 63 octets at
/usr/lib/perl5/Net/DNS/Question.pm line 179
I asked the author of Net::DNS about this and he pointed out:
>It is part of the spec (RFC1035 section 2.3.1. "Preferred name syntax")
>
>> The labels must follow the rules for ARPANET host names. They must
>> start with a letter, end with a letter or digit, and have as interior
>> characters only letters, digits, and hyphen. There are also some
>> restrictions on the length. Labels must be 63 characters or less.
If you need more debugging info, I changed the croak to a confess so I have a stack trace in my logs.
Email me and I'll send it. The functions on the top of the stack were
Mail::SpamAssassin::Plugin::SPF::check_for_spf_helo_pass
Mail::SpamAssassin::Plugin::SPF::_check_spf
Mail::SpamAssassin::Timeout::run_and_catch
Mail::SpamAssassin::Timeout::_run
eval {...}
Mail::SpamAssassin::Plugin::SPF::__ANON__
Mail::SPF::Query::result
Mail::SPF::Query::spfquery
DirectiveSet::new
Mail::SPF::Query::myquery
Net::DNS::Resolver::Base::query
Net::DNS::Resolver::Base::send
Net::DNS::Packet::data
Net::DNS::Question::data
Net::DNS::Packet::dn_comp
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4836] Mail::SPF::Query::myquery must sanity-check $label
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4836
spamassassin@dostech.ca changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
------- Additional Comments From spamassassin@dostech.ca 2006-03-22 00:57 -------
SpamAssassin has no conrol over what Mail::SPF::Query may end up resolving while
trying to determine an SPF result since it'll end up trying to resolve
"anything" it finds in an SPF record.
I'd contact Julian (julian@mehnle.net) about this as there's nothing we can do.
Closing as invalid because there isn't a "not us" resolution choice.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4836] Mail::SPF::Query::myquery must sanity-check $label
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4836
------- Additional Comments From jamie@mccarthy.vg 2006-03-22 15:07 -------
Sorry about that. I wasn't paying attention and thought Mail::SPF::Query was part of the SpamAssassin
family. I'll contact them now.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.