Thread: [Mixmaster-devel] Re: [Remops] destblocks aren't working
Brought to you by:
weaselp
From: Riot R. A. <rem...@ri...> - 2002-01-24 12:28:47
|
On Mon, 21 Jan 2002, cmeclax po'u le cmevi'u ke'umri wrote: > Someone just sent a message with several destblock requests in it to a bunch > of remailers. I'm in one of many Cc: headers. None of the addresses got added > to dest.blk, and no message about destblks was written to errlog. I think, i think that this is a mixmaster bug happaned in the same way at riot remailer. i can't figure why, but at least a messag in errlog was expected the message is like this: From: Anonymous <ano...@cr...> CC: an...@ri... Subject: one Message-ID: <8da...@re...> destination-block xxx@xxx destination-block yyy@yyy destination-block zzz@zzz c-ya! riot http://riot.eu.org/anon admin PGPKey: 7016731A57D4A69B 1A8EE5E90EF2608E (since 1995) |
From: Peter P. <pe...@pa...> - 2002-01-24 12:40:21
|
On Thu, 24 Jan 2002, Riot Remailer Admin wrote: > On Mon, 21 Jan 2002, cmeclax po'u le cmevi'u ke'umri wrote: >=20 > > Someone just sent a message with several destblock requests in it to a = bunch > > of remailers. I'm in one of many Cc: headers. None of the addresses got= added > > to dest.blk, and no message about destblks was written to errlog. I thi= nk, >=20 > i think that this is a mixmaster bug happaned in the same way at riot > remailer. i can't figure why, but at least a messag in errlog was expected >=20 > the message is like this: > From: Anonymous <ano...@cr...> > CC: an...@ri... It does not react on messages CCed. > Subject: one > Message-ID: <8da...@re...> >=20 > destination-block xxx@xxx > destination-block yyy@yyy > destination-block zzz@zzz Those are not valid addresses. yours, peter --=20 PGP signed and encrypted | .''`. ** Debian GNU/Linux ** messages preferred. | : :' : The universal | `. `' Operating System http://www.palfrader.org/ | `- http://www.debian.org/ |
From: Len S. <ra...@qu...> - 2002-01-24 17:59:33
|
On Thu, 24 Jan 2002, Peter Palfrader wrote: > > Subject: one > > Message-ID: <8da...@re...> > > > > destination-block xxx@xxx > > destination-block yyy@yyy > > destination-block zzz@zzz > > Those are not valid addresses. They aren't? They should be. --Len, aka rabbi@ai. |
From: Peter P. <pe...@pa...> - 2002-01-24 18:04:11
|
Hi Len! On Thu, 24 Jan 2002, Len Sassaman wrote: > On Thu, 24 Jan 2002, Peter Palfrader wrote: >=20 > > > Subject: one > > > Message-ID: <8da...@re...> > > > > > > destination-block xxx@xxx > > > destination-block yyy@yyy > > > destination-block zzz@zzz > > > > Those are not valid addresses. >=20 > They aren't? They should be. Perhaps. But I doubt there are many users having an email account at a Top Level Domain. xx...@xx... would get blocked. yours, peter --=20 PGP signed and encrypted | .''`. ** Debian GNU/Linux ** messages preferred. | : :' : The universal | `. `' Operating System http://www.palfrader.org/ | `- http://www.debian.org/ |
From: Peter P. <pe...@pa...> - 2002-01-24 18:27:58
|
[list CCed, hope you don't mind] Hi Len! On Thu, 24 Jan 2002, Len Sassaman wrote: > On Thu, 24 Jan 2002, Peter Palfrader wrote: >=20 > > > > Those are not valid addresses. > > > > > > They aren't? They should be. > > > > Perhaps. But I doubt there are many users having an email account at > > a Top Level Domain. xx...@xx... would get blocked. >=20 > Still, I like being RFC 822 compliant... Index: rem.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /cvsroot/mixmaster/Mix/Src/rem.c,v retrieving revision 1.12 diff -u -r1.12 rem.c --- rem.c 2002/01/10 23:59:16 1.12 +++ rem.c 2002/01/24 18:25:08 @@ -424,7 +424,7 @@ if (bufleft(line, "/")) { errlog(LOG, "Ignoring blocking request: %b is a regex.\n", addr); } else { - if (strchr(line->data, '@') && strchr(strchr(line->data, '@'), '.')) { + if (strchr(line->data, '@')) { strcpy( destblklst, DESTBLOCK ); destblk =3D strtok( destblklst, " " ); f =3D mix_openfile( destblk, "a" ); This should fix it. I have not tested it tho. yours, peter --=20 PGP signed and encrypted | .''`. ** Debian GNU/Linux ** messages preferred. | : :' : The universal | `. `' Operating System http://www.palfrader.org/ | `- http://www.debian.org/ |
From: <ul...@fi...> - 2002-01-25 21:37:17
|
On Thu, Jan 24, 2002 at 07:27:33PM +0100, Peter Palfrader wrote: > - if (strchr(line->data, '@') && strchr(strchr(line->data, '@'), '.')) { > + if (strchr(line->data, '@')) { > strcpy( destblklst, DESTBLOCK ); > destblk = strtok( destblklst, " " ); > f = mix_openfile( destblk, "a" ); > > This should fix it. I have not tested it tho. But the current code uses substring matching, and that's probably going to be a problem if you allow people to block truncated addresses |
From: Peter P. <pe...@pa...> - 2002-01-26 04:00:21
|
On Fri, 25 Jan 2002, Ulf M=F6ller wrote: > On Thu, Jan 24, 2002 at 07:27:33PM +0100, Peter Palfrader wrote: >=20 > > - if (strchr(line->data, '@') && strchr(strchr(line->data, '@'), '.= ')) { > > + if (strchr(line->data, '@')) { > > strcpy( destblklst, DESTBLOCK ); > > destblk =3D strtok( destblklst, " " ); > > f =3D mix_openfile( destblk, "a" ); > >=20 > > This should fix it. I have not tested it tho. >=20 > But the current code uses substring matching, and that's probably > going to be a problem if you allow people to block truncated > addresses A challenge response dialog would be the right thing to implement. yours, peter --=20 PGP signed and encrypted | .''`. ** Debian GNU/Linux ** messages preferred. | : :' : The universal | `. `' Operating System http://www.palfrader.org/ | `- http://www.debian.org/ |
From: Len S. <ra...@qu...> - 2002-01-26 20:28:26
|
On Fri, 25 Jan 2002, [iso-8859-1] Ulf M=F6ller wrote: > > This should fix it. I have not tested it tho. > > But the current code uses substring matching, and that's probably > going to be a problem if you allow people to block truncated > addresses Yes, I thought of that too after I sent mail to Peter. It poses two problems: someone with the email address "bar@foo" wants to be blocked, and someone at "ba...@fo...m" wants to receive mail. (How likely is this scenario to happen?) The problem exists in either behavior as long as we're doing substring matching, though, since there will be that conflict. The other problem is that users could maliciously block addresses. It doesn't make much difference if a user blocks someone else's address by blocking victim@aol or vi...@ao... -- he just gets a few more addressess implicitly added to the block list as a bonus. However, it definately matters if the dest.allow file can't compensate. (We also should be checking for remailer addresses from the key files and allowing them as well. We wouldn't want a block request for "randseed@melontraffickers" to be able to get around that. We probably shouldn't worry about addresses on top level domains afterall. --Len. |
From: cmeclax po'u le cmevi'u ke'u. <cm...@gm...> - 2002-01-26 20:52:09
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 de'i Saturday 26 January 2002 15:28 la Len Sassaman cusku di'e > On Fri, 25 Jan 2002, [iso-8859-1] Ulf Möller wrote: > > > This should fix it. I have not tested it tho. > > > > But the current code uses substring matching, and that's probably > > going to be a problem if you allow people to block truncated > > addresses > > Yes, I thought of that too after I sent mail to Peter. It poses two > problems: someone with the email address "bar@foo" wants to be blocked, > and someone at "ba...@fo...m" wants to receive mail. (How likely is this > scenario to happen?) The problem exists in either behavior as long as > we're doing substring matching, though, since there will be that conflict. Unlikely, but if someone has "foo.sf.ca" ("sf.ca" does exist) and someone else has "foo.sf.ca.us" (San Francisco) it could happen. Also Colombia and Colorado. cmeclax -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8Uxbo3/k1hdmG9jMRAqpfAJ9vlbOrXL063hML+AJzBtDqQUogJACfaNPy vBePNDnGNV50I/hi/IOOlBs= =mUMc -----END PGP SIGNATURE----- |
From: Riot R. A. <rem...@ri...> - 2002-01-25 17:51:04
|
On Thu, 24 Jan 2002, Peter Palfrader wrote: > > the message is like this: > > From: Anonymous <ano...@cr...> > > CC: an...@ri... > It does not react on messages CCed. sorry, but i can't find any line that maky this discrimination from To: and CC: lines (can you tell me where is it?) > > Subject: one > > Message-ID: <8da...@re...> > > > > destination-block xxx@xxx > > destination-block yyy@yyy > > destination-block zzz@zzz > Those are not valid addresses. those are munged by me, but are intended as valid address like xx...@my... anyway if they aren't valid messages i expect a warn message in the logfile c-ya! riot http://riot.eu.org/anon admin PGPKey: 7016731A57D4A69B 1A8EE5E90EF2608E (since 1995) |
From: Peter P. <pe...@pa...> - 2002-01-25 18:10:20
|
Hi Riot! On Fri, 25 Jan 2002, Riot Remailer Admin wrote: > On Thu, 24 Jan 2002, Peter Palfrader wrote: >=20 > > > the message is like this: > > > From: Anonymous <ano...@cr...> > > > CC: an...@ri... > > It does not react on messages CCed. >=20 > sorry, but i can't find any line that maky this discrimination from To: > and CC: lines (can you tell me where is it?) I haven't look at the source, I tested mix' behaviour. blockrequest() seems to not be called if mix is only CCed. yours, peter --=20 PGP signed and encrypted | .''`. ** Debian GNU/Linux ** messages preferred. | : :' : The universal | `. `' Operating System http://www.palfrader.org/ | `- http://www.debian.org/ |
From: Peter P. <pe...@pa...> - 2002-01-25 18:24:48
|
Hi mixmaster-devel! On Fri, 25 Jan 2002, Peter Palfrader wrote: > Hi Riot! >=20 > On Fri, 25 Jan 2002, Riot Remailer Admin wrote: >=20 > > On Thu, 24 Jan 2002, Peter Palfrader wrote: > >=20 > > > > the message is like this: > > > > From: Anonymous <ano...@cr...> > > > > CC: an...@ri... > > > It does not react on messages CCed. > >=20 > > sorry, but i can't find any line that maky this discrimination from To: > > and CC: lines (can you tell me where is it?) >=20 > I haven't look at the source, I tested mix' behaviour. blockrequest() > seems to not be called if mix is only CCed. I found out. Requests will be handled, if either subject starts with "destination-block", or if the remail address is in the To header. line 192f of rem.c: | } else if (bufifind(to, REMAILERADDR) && blockrequest(message)) | logmail(MAILBLOCK, message); yours, peter --=20 PGP signed and encrypted | .''`. ** Debian GNU/Linux ** messages preferred. | : :' : The universal | `. `' Operating System http://www.palfrader.org/ | `- http://www.debian.org/ |