From: HaJo S. <ha...@ha...> - 2004-11-17 11:36:13
Hi List,

Truly impressive what sqlgrey does to the amount of spam I receive (not). However I've identified a bug in both 1.1.3 and 1.3.0 which causes sqlgrey to crash (and hence the mail server to reject all incoming mail!):

Some spammers nowadays use very bogus sender names, such as file names & paths to documents including backslashes, etc. If sqlgrey encounters one of these, it crashes with this log (I've replaced the "@" with an "-at-" so that the list mailer will not hide the address):

Nov 16 00:29:38 sun sqlgrey[9064]: new: 219.254.35.115: c:documentsandsettingsadministratordesktopgevaliagevaliafroms.txt-at-mail.epelle.co.kr -> [my e-mail address]
Nov 16 00:29:38 sun sqlgrey[9064]: Warning: couldn't do query: INSERT INTO connect (sender_name, sender_domain, ip_addr, rcpt, first_seen) VALUES('c:documentsandsettingsadministratordesktopgevaliagevaliafroms.txt', 'mail.epelle.co.kr', '219.254.35.115', '[my e-mail address]', NOW()): , sleeping and reconnecting to DB
Nov 16 00:29:48 sun sqlgrey[9064]: warning: Database handle destroyed without explicit disconnect at /usr/bin/sqlgrey line 178.
Nov 16 00:29:48 sun sqlgrey[9064]: fatal: Error: db reconnection failed: at /usr/bin/sqlgrey line 77.
Nov 16 00:29:48 sun postfix/smtpd[5045]: warning: premature end-of-input on 127.0.0.1:2501 while reading input attribute name

I'm getting these mails about twice a day, so my mail server is meanwhile more down than up...

I believe sqlgrey would need some (more -- I understand some has been introduced since 1.2.0) sanity checks about values it wants to insert into the data base. I smell targeted exploits being possible here...

HaJo

--
HaJo Schatz <ha...@ha...>
http://www.HaJo.Net
PGP-Key: http://www.hajo.net/hajonet/keys/pgpkey_hajo.txt
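
The sanity checks asked for in the message above, sketched as an added example (not sqlgrey's code and not part of the original post): sender values are length- and character-checked, bound as query parameters, and a failed insert affects only that one request. It assumes the failing query was built by pasting values into the SQL text; the in-memory SQLite table, the function names and all sample senders are constructed stand-ins.

```python
import sqlite3

MAX_LOCAL, MAX_DOMAIN = 64, 255  # RFC 5321 length limits

# Constructed sender values (name, domain); none come from the report above.
SAMPLES = [
    ("alice", "example.org"),
    ("c:\\documents and settings\\admin\\froms.txt", "mail.example.net"),
    ("o'brien\\", "example.com"),
    ("x" * 500, "example.com"),
]

def open_db():
    db = sqlite3.connect(":memory:")  # stand-in for the real backend
    db.execute("CREATE TABLE connect (sender_name TEXT, sender_domain TEXT, "
               "ip_addr TEXT, rcpt TEXT, first_seen TEXT)")
    return db

def sane(name, domain):
    """Length and character sanity check, done before any SQL is issued."""
    if len(name) > MAX_LOCAL or len(domain) > MAX_DOMAIN:
        return False
    return all(32 <= ord(c) < 127 for c in name + domain)

def insert_pasted(db, name, domain, ip, rcpt):
    """Assumed 'before' form: values pasted straight into the SQL text."""
    db.execute("INSERT INTO connect VALUES ('%s', '%s', '%s', '%s', "
               "datetime('now'))" % (name, domain, ip, rcpt))

def insert_bound(db, name, domain, ip, rcpt):
    """Placeholders: the driver passes values separately from the SQL text."""
    db.execute("INSERT INTO connect VALUES (?, ?, ?, ?, datetime('now'))",
               (name, domain, ip, rcpt))

def record(db, insert, name, domain, ip="192.0.2.1", rcpt="user@example.org"):
    """Return 'stored', 'rejected' or 'db_error'; bad input never raises."""
    if not sane(name, domain):
        return "rejected"
    try:
        insert(db, name, domain, ip, rcpt)
        return "stored"
    except sqlite3.Error:
        return "db_error"  # fail this one row, keep the daemon answering

def run(insert):
    db = open_db()
    results = [record(db, insert, n, d) for n, d in SAMPLES]
    rows = db.execute("SELECT sender_name FROM connect ORDER BY rowid")
    return results, [r[0] for r in rows]
```

SQLite does not treat a backslash as an escape character, so here only the apostrophe breaks the pasted form; on a backend that does, a backslash inside the quoted value changes how the string is parsed as well.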