You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2007/01/02 12:01:30 UTC

[Bug 5267] New: DNS requests have bad local unprivileged ports

http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5267

           Summary: DNS requests have bad local unprivileged ports
           Product: Spamassassin
           Version: 3.1.7
          Platform: Other
        OS/Version: other
            Status: NEW
          Severity: normal
          Priority: P5
         Component: Libraries
        AssignedTo: dev@spamassassin.apache.org
        ReportedBy: chris_craft_4@hotmail.com


Hello
Happy new year to all the team !
And congratulations for your splendid work !

I am working on Fedora Core 4 using MailScanner+SpamAssassin+Razor2.
I am working with my own rpm modules.

Versions used :
+ MailScanner  : 4.4.8
+ SpamAssassin : 3.1.7
+ razor-agents : 2.8.2
+ Net-DNS      : 0.59
+ Net-IP       : 1.25

I am searching since version 3.1.0 about bad port usage on DNS connections :
the local port was often not respecting the constraints contained in file
/proc/sys/net/ipv4/ip_local_port_range. This file controls the local port 
attribution specifying the min and the max of the local port number for all 
IP connections. After very long search (because I did know which module 
exactly was concerned), I found something in file 
lib/Mail/SpamAssassin/DnsResolver.pm. The port range is hardcoded to values 
1024 - 65535 (for example my settings are 32768 - 60000). Changing them to 
my local values was solving my local range trouble.

Here is the code :

  # find next available unprivileged port (1024 - 65535)
  # starting at a random value to spread out use of ports
  my $port_offset = int(rand(64511));  # 65535 - 1024
  for (my $i = 0; $i<64511; $i++) {
    my $lport = 1024 + (($port_offset + $i) % 64511);

Best regards.
Chris



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

[Bug 5267] DNS requests have bad local unprivileged ports

Posted by bu...@bugzilla.spamassassin.org.

http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5267


shiva@sewingwitch.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |DUPLICATE




------- Additional Comments From shiva@sewingwitch.com  2007-01-02 14:39 -------


*** This bug has been marked as a duplicate of 5264 ***



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.