You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2005/10/20 20:13:31 UTC

[Bug 4639] Problem with Socket.pm in spamd

http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4639





------- Additional Comments From sidney@sidney.com  2005-10-20 20:13 -------
I think the problem is in the way you use KeepAlived rather than in spamd. There
is nothing in the spamd protocol that says what it is supposed to do in response
to a random packet. If spamd crashed in response, then that would be a DoS
vulnerability, but an error in the log when it receives a bad packet seems to me
like a reasonable result.

The spamd protocol does have a PING. I think you should be using a MISC_CHECK
script in Keepalived instead of a TCP_CHECK (I'm seeing this the Keeapalived
User's Guide from their web site) to send the following string to spamd on its port:

PING SPAMC/

which will get a response from spamd that looks lke

SPAMD/1.2 0 PONG

I do think that it is reasonable to expect that you could use a command line
option in spamc to do this. For one thing, the ping needs to be on the correct
tcp port or unix pipe and use SSL if spamd requires it. Such details are already
taken care of by spamc.

I propose adding a ping option to spamc that causes it to send PING SPAMC/1.2
(the 1.2 being the current version of the protocol), send to stdout whatever
spamd returns and exit with a return code of 1 if it is looks correct, otherwise
0. Then you can have a Keepalived MISC_CHECK script that calls spamc with the
ping option. Looking at what option characters are available (spamc requires
single character options) I propose -K (for Keepalive) as being the least
confusing. I don't like -P for Ping because it is too close to -p.

I'll code that up unless someone jumps in with an objecting comment first.

In the meantime, if you don't want the error messages in the log, whip up some
code that sends the correct PING string on the port and checks the response and
use that in a MISC_CHECK.

I'm leaving this ticket open until there is at least some comment on the idea of
implementing PING in spamc. Other than that I would close this as being INVALID
since I don't see the behavior as a bug in spamd.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.