Mailing List Archive

[Bug 2903] Rewrite rules in 4.96 cause SMTP connections to drop
https://bugs.exim.org/show_bug.cgi?id=2903

Git Commit <git@exim.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |git@exim.org

--- Comment #6 from Git Commit <git@exim.org> ---
Git commit:
https://git.exim.org/exim.git/commitdiff/e7ec503729970a03d4509921342bc81313976126

commit e7ec503729970a03d4509921342bc81313976126
Author: Jeremy Harris <jgh146exb@wizmail.org>
AuthorDate: Tue Jul 12 22:14:04 2022 +0100
Commit: Jeremy Harris <jgh146exb@wizmail.org>
CommitDate: Tue Jul 12 22:15:04 2022 +0100

fix exit on attempt to rewrite a malformed address. bug 2903
----
doc/doc-txt/ChangeLog | 5 +
src/src/rewrite.c | 9 +-
test/confs/0471 | 7 ++
test/log/0471 | 5 +
test/scripts/0000-Basic/0471 | 4 +-
test/stderr/0471 | 245 ++++++++++++++++++++++++++++++++++++++++++-
6 files changed, 267 insertions(+), 8 deletions(-)

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[Bug 2903] Rewrite rules in 4.96 cause SMTP connections to drop [ In reply to ]
https://bugs.exim.org/show_bug.cgi?id=2903

Jeremy Harris <jgh146exb@wizmail.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
Assignee|unallocated@exim.org |jgh146exb@wizmail.org
Component|Delivery in general |Address Rewriting

--- Comment #1 from Jeremy Harris <jgh146exb@wizmail.org> ---
Can you get a debug run? NB: debug to file, controlled by ACL, might be
simplest. Speculative debug, even.

Also, check /var/log/messages or equivalent, in case there's a SEGV involved.
If so, a stacktrace from a coredump would be useful (even better, recompile
with "-O0 -ggdb" first). Usual caveats on coredumps-for-suid-binaries apply.

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[Bug 2903] Rewrite rules in 4.96 cause SMTP connections to drop [ In reply to ]
https://bugs.exim.org/show_bug.cgi?id=2903

--- Comment #2 from Jeremy Harris <jgh146exb@wizmail.org> ---
A quick test gives me:

15:11:53 25169 rewrite headers
15:11:53 25169 rewrite_one_header: type=F:
15:11:53 25169 From: <dpc22@>
15:11:53 25169 LOG: MAIN
15:11:53 25169 rewrite: domain missing or malformed
15:11:53 25169 created log directory /home/jgh/git/exim/test/spool/log

which seems quite explicit, and arguably correct behaviour.
Did you get the logging?

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[Bug 2903] Rewrite rules in 4.96 cause SMTP connections to drop [ In reply to ]
https://bugs.exim.org/show_bug.cgi?id=2903

--- Comment #3 from David Carter <dpc22@cam.ac.uk> ---
No sign of a core dump with:

echo "/tmp/core.%e.%t.%p" > /proc/sys/kernel/core_pattern
echo 2 > /proc/sys/fs/suid_dumpable
ulimit -c unlimited

I attach the output from:

/opt/exim/bin/exim -d+all -bh 127.0.0.1 -oMi "[127.0.0.1]:25" -d+all 2>&1 | tee
/tmp/out.txt

with the following minimal Exim configuration:

---8<---

spool_directory = /spool/exim
keep_environment = ""
never_users = root
log_file_path = /spool/exim/log/%slog

acl_smtp_rcpt = accept hosts = : @[]

begin rewrite

*@*.hermes.cam.ac.uk $1@hermes.cam.ac.uk hF

begin routers
dnslookup:
driver = dnslookup
transport = smtp

begin transports
smtp:
driver = smtp

--8<--

That ends:

16:00:01 2891 rewrite_one_header: type=F:
16:00:01 2891 From: <dpc22@>
16:00:01 2891 LOG: MAIN
16:00:01 2891 rewrite: domain missing or malformed
16:00:01 2891 search_tidyup called
16:00:01 2891 >>>>>>>>>>>>>>>> Exim pid=2891 (fresh-exec) terminating with
rc=1 >>>>>>>>>>>>>>>>

which looks like Exim bailing out with "rc=1" right after the rewrite rule is
applied. It doesn't wait for the message body after the headers, or the "."
termination.

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[Bug 2903] Rewrite rules in 4.96 cause SMTP connections to drop [ In reply to ]
https://bugs.exim.org/show_bug.cgi?id=2903

--- Comment #4 from David Carter <dpc22@cam.ac.uk> ---
Created attachment 1426
--> https://bugs.exim.org/attachment.cgi?id=1426&action=edit
exim -d+all output

This time attached to the correct ticket. Bugzilla sent me to:

https://bugs.exim.org/show_bug.cgi?id=123

for some reason.

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[Bug 2903] Rewrite rules in 4.96 cause SMTP connections to drop [ In reply to ]
https://bugs.exim.org/show_bug.cgi?id=2903

Jeremy Harris <jgh146exb@wizmail.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED

--- Comment #5 from Jeremy Harris <jgh146exb@wizmail.org> ---
Best thing to do seems to only log the issue; ignore this address as far
as rewrites go (ie. never match), and trust the admin to be using
verify=header_syntax - because they will leak this bad address from their
broken source out to the world if they do not.

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[Bug 2903] Rewrite rules in 4.96 cause SMTP connections to drop [ In reply to ]
https://bugs.exim.org/show_bug.cgi?id=2903

Jeremy Harris <jgh146exb@wizmail.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |WAIT_FIX_CONFIRMATION

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[Bug 2903] Rewrite rules in 4.96 cause SMTP connections to drop [ In reply to ]
https://bugs.exim.org/show_bug.cgi?id=2903

--- Comment #7 from David Carter <dpc22@cam.ac.uk> ---
Okay, that seems to have fixed the issue. Thanks.

I agree that broken headers are not desirable.

Unfortunately we seem to have quite a lot of people (including people who do
actually know better) who have set up internal servers and external bulk email
providers using broken headers because it used to work.

I guess that I need to set up an ACL which logs verify=header_syntax failures
to found out how prevalent this actually is.

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[Bug 2903] Rewrite rules in 4.96 cause SMTP connections to drop [ In reply to ]
https://bugs.exim.org/show_bug.cgi?id=2903

--- Comment #8 from David Carter <dpc22@cam.ac.uk> ---
Just to add:

I was redirected to:

https://bugs.exim.org/show_bug.cgi?id=123

again when I hit submit on the last comment. That page showed the comment that
I just submitted, but fortunately ticket 123 hasn't also been updated.

Something weird is definitely going on with Bugzilla and/or my browser.

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[Bug 2903] Rewrite rules in 4.96 cause SMTP connections to drop [ In reply to ]
https://bugs.exim.org/show_bug.cgi?id=2903

Jeremy Harris <jgh146exb@wizmail.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|WAIT_FIX_CONFIRMATION |RESOLVED
Resolution|--- |FIXED

--- Comment #9 from Jeremy Harris <jgh146exb@wizmail.org> ---
Thanks for the confirm; closing.

I've not seen (famous last words) any redirection oddities myself with
the bugzilla.

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[Bug 2903] Rewrite rules in 4.96 cause SMTP connections to drop [ In reply to ]
https://bugs.exim.org/show_bug.cgi?id=2903

Dean Brooks <dean@iglou.com> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
CC| |dean@iglou.com
Resolution|FIXED |---

--- Comment #10 from Dean Brooks <dean@iglou.com> ---
I'm reopening out of an abundance of caution. We ran into this same problem
with global rewrites after upgrading to 4.96 yesterday. However, our problem is
occurring for some addresses even if *none* of the rewrite rules match. It
would immediately log an error and the smtp connection would drop.

The rewrite rule we have in the format of:

^(.*)@ourdomain.net $1@ourdomain.com hE

To reproduce, in a manual smtp transaction we used the following commands:
-----------------------------------------------------------------------
EHLO ourdomain.com
MAIL FROM:<johndoe@ourdomain.com>
RCPT TO:<johndoe@ourdomain.com>
DATA
From: johndoe@ourdomain.com <johndoe@ourdomain.com>
To: johndoe@ourdomain.com
Subject: test

test message
.
-----------------------------------------------------------------------

Immediately upon encountering the blank line after the headers, the smtp
transaction would drop. Debug shows:

end of ACL "check_rcpt": ACCEPT
250 Accepted
data
354 Enter message, ending with "." on a line by itself
From: johndoe@ourdomain.com <johndoe@ourdomain.com>
To: johndoe@ourdomain.com
Subject: test
host in ignore_fromline_hosts? no (option unset)

johndoe@ourdomain.com in "^(.*)@ourdomain.net"? no (end of list)
LOG: MAIN
rewrite: malformed address: <johndoe@ourdomain.com>
may not follow johndoe@ourdomain.com

** Note that the address did *not* actually match the rewrite rule, but it
still threw an error and disconnected the smtp transaction. I don't know if
this commit fixes this issue as well, but wanted to be sure someone saw this.

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##