You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by "Koopmann, Jan-Peter" <ja...@koopmann.eu> on 2008/04/10 15:24:59 UTC
Botnet.pm causing SA timeouts
Hi,
I just noticed BotNet (0.8) causing SA timeouts when used with
MailScanner. This is what the log gives me:
[21308] dbg: spf: query for
esuapmet_1966@mater.ustb.edu.cn/75.117.130.5/unknown: result: fail,
comment: Please see
http://www.openspf.org/Why?id=esuapmet_1966%40mater.ustb.edu.cn&ip=75.11
7.130.5&receiver=proxy.aclick.de, text: Mechanism '-all' matched
[21308] dbg: Botnet: starting
[21308] dbg: Botnet: no trusted relays
[21308] dbg: Botnet: get_relay good RDNS
[21308] dbg: Botnet: IP is '75.117.130.5'
[21308] dbg: Botnet: RDNS is '!75.117.130.5!'
[21308] dbg: Botnet: HELO is ''
[21308] dbg: Botnet: sender 'esuapmet_1966@MATER.USTB.EDU.CN'
Then it just hangs for quite some time and finally runs into the
timeout. Any idea?
Regards,
JP
Re: Botnet.pm causing SA timeouts
Posted by John Rudd <jr...@ucsc.edu>.
Mark,
Thanks, I'll try to work that into 0.9.
John
Mark Martinec wrote:
> Jan-Peter,
>
>> I just noticed BotNet (0.8) causing SA timeouts
>
>> Then it just hangs for quite some time and finally runs into the
>> timeout. Any idea?
>
> A known problem, it uses a default timeout of Net::DNS,
> which is very long for certain unresolvable DNS queries.
> Try the following patch:
>
>
> --- Botnet.pm.ori 2007-08-06 15:59:16.000000000 +0200
> +++ Botnet.pm 2007-08-06 16:02:43.000000000 +0200
> @@ -711,5 +711,14 @@
> (defined $max) &&
> ($max =~ /^-?\d+$/) ) {
> - $resolver = Net::DNS::Resolver->new();
> + $resolver = Net::DNS::Resolver->new(
> + udp_timeout => 5,
> + tcp_timeout => 5,
> + retrans => 0,
> + retry => 1,
> + persistent_tcp => 0,
> + persistent_udp => 0,
> + dnsrch => 0,
> + defnames => 0,
> + );
> if ($query = $resolver->search($name, $type)) {
> # found matches
> @@ -834,5 +843,14 @@
> my ($ip) = @_;
> my ($query, @answer, $rr);
> - my $resolver = Net::DNS::Resolver->new();
> + my $resolver = Net::DNS::Resolver->new(
> + udp_timeout => 5,
> + tcp_timeout => 5,
> + retrans => 0,
> + retry => 1,
> + persistent_tcp => 0,
> + persistent_udp => 0,
> + dnsrch => 0,
> + defnames => 0,
> + );
> my $name = "";
>
>
>
> Mark
RE: Botnet.pm causing SA timeouts
Posted by "Koopmann, Jan-Peter" <ja...@koopmann.eu>.
> > Then it just hangs for quite some time and finally runs into the
> > timeout. Any idea?
>
> A known problem, it uses a default timeout of Net::DNS,
> which is very long for certain unresolvable DNS queries.
> Try the following patch:
Looks like this did the trick!
Great. Thanks!
Re: Botnet.pm causing SA timeouts
Posted by Mark Martinec <Ma...@ijs.si>.
Jan-Peter,
> I just noticed BotNet (0.8) causing SA timeouts
> Then it just hangs for quite some time and finally runs into the
> timeout. Any idea?
A known problem, it uses a default timeout of Net::DNS,
which is very long for certain unresolvable DNS queries.
Try the following patch:
--- Botnet.pm.ori 2007-08-06 15:59:16.000000000 +0200
+++ Botnet.pm 2007-08-06 16:02:43.000000000 +0200
@@ -711,5 +711,14 @@
(defined $max) &&
($max =~ /^-?\d+$/) ) {
- $resolver = Net::DNS::Resolver->new();
+ $resolver = Net::DNS::Resolver->new(
+ udp_timeout => 5,
+ tcp_timeout => 5,
+ retrans => 0,
+ retry => 1,
+ persistent_tcp => 0,
+ persistent_udp => 0,
+ dnsrch => 0,
+ defnames => 0,
+ );
if ($query = $resolver->search($name, $type)) {
# found matches
@@ -834,5 +843,14 @@
my ($ip) = @_;
my ($query, @answer, $rr);
- my $resolver = Net::DNS::Resolver->new();
+ my $resolver = Net::DNS::Resolver->new(
+ udp_timeout => 5,
+ tcp_timeout => 5,
+ retrans => 0,
+ retry => 1,
+ persistent_tcp => 0,
+ persistent_udp => 0,
+ dnsrch => 0,
+ defnames => 0,
+ );
my $name = "";
Mark