You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2016/07/08 01:28:42 UTC

[Bug 7156] new_dns_packet (domain=something type=A class=IN) failed: a domain name contains a null label

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7156

--- Comment #30 from Gerald Turner <gt...@unzane.com> ---
(In reply to Mark Martinec from comment #29)
> (In reply to Gerald Turner from comment #26)
> > On April 26th I upgraded SpamAssassin from 3.3.2 to 3.4.0 (Debian wheezy to
> > jessie upgrade).  My mailserver processes about 1000 emails per day.  This
> > error did not exist until May 27, and now I receive about two every day. 
> > This makes me think the new error may have been triggered by saupdate.
> 
> > spamd[22215]: dns: new_dns_packet
> >   (domain=...il.com. type=A class=IN) failed:
> >    a domain name contains a null label
> 
> This warning was added some time between 3.3.2 to 3.4.0. It does
> not indicate an error, it's just a reminder that an URL found in
> a message contained such invalid domain name.
> 
> The warning was intentionally left in the DNS code to remind
> us that it is probably up to the URL-gathering code do decide
> what to do with such invalid domains (e.g. sanitize them or
> ignore), so that such domain names won't reach DNS resolver
> code any longer.

I understand it's a warning, and it may be used to improve the URIBL code to
avoid querying DNS with bogus domains, so with that in mind, I'm reporting a
new and subtly different error:

  spamd[31180]: dns: new_dns_packet
(domain=ll-state-dept-asks-it-to-figure-out-ways-to-stop-bad-people-using-tor.sh.multi.surbl.org.
type=A class=IN) failed: a label in a domain name is longer than 63 bytes

This was triggered by a plain text email from a mailing list that had a long
URL broken up on several lines, e.g.:

  http://some.news.site/with-a-very-very-very-long-
  url-containing-more-than-36-bytes-on-one-of-the.li
  nes

BTW, I use "logcheck" on my mail server which runs every hour, detects any
unusual syslog messages that haven't been whitelisted in it's catalog of regexp
patterns, and reports them via email.  While I do have SpamAssassin's
"shortcircuit ALL_TRUSTED on" configured, the URIBL still seems to scan these
internal logcheck emails.  Therefore when something new like this happens,
where each logcheck email also triggers a new message from SpamAssassin, I get
an infinite loop of hourly emails until I "fix" yet another logcheck whitelist
regex.  Crazy sysadmin reactive busy work ;-)

-- 
You are receiving this mail because:
You are the assignee for the bug.