Mailing List Archive: Strange message about SMTPS connection being dropped after upgrading to Exim 4.97

Strange message about SMTPS connection being dropped after upgrading to Exim 4.97

Nov 9, 2023, 1:18 PM

Post #1 of 4 (129 views)

Hello

In Exim 4.96.2, the log_connect_tls_drop() function appeared in the file
src/src/smtp_in.c:

static void
log_connect_tls_drop(const uschar * what, const uschar * log_msg)
{
gstring * g = s_tlslog(NULL);
uschar * tls = string_from_gstring(g);

log_write(L_connection_reject,
log_reject_target, "%s%s%s dropped by %s%s%s",
LOGGING(dnssec) && sender_host_dnssec ? US" DS" : US"",
host_and_ident(TRUE),
tls ? tls : US"",
what,
log_msg ? US": " : US"", log_msg);
}

The value of the last parameter of the log_write function is not checked
before output to the log file. If you use drop without log_message, then
when connecting to port 465 the following message will be displayed in
the log file:

2023-11-09 22:43:41 [36164] H=hostname.domain.tld [1.2.3.4]:17784
I=[5.6.7.8]:465 dropped by 'connect' ACLNULL

In exim 4.96.2, instead of "dropped by 'connect' ACLNULL" it was
displayed "dropped by 'connect' ACL". But in exim 4.96.2 there was no
log_connect_tls_drop() function.

--
Best wishes Victor Ustugov
mailto:victor@corvax.kiev.ua
public GnuPG/PGP key: https://victor.corvax.kiev.ua/corvax.asc

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: Strange message about SMTPS connection being dropped after upgrading to Exim 4.97 [ In reply to ]

exim-users at lists

Nov 9, 2023, 1:39 PM

Post #2 of 4 (129 views)

Permalink

On 09/11/2023 21:18, Victor Ustugov via Exim-users wrote:
> 2023-11-09 22:43:41 [36164] H=hostname.domain.tld [1.2.3.4]:17784
> I=[5.6.7.8]:465 dropped by 'connect' ACLNULL

I saw it doing that while fixing 3039 (post 4.97) - but
the fix eliminated the logging call I was dealing with,
so didn't follow that up.

Worth picking up eb09d0da1fb9 and trying your test again,
just in case it helps, if you're compiling from sourse.
--
Cheers,
Jeremy

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: Strange message about SMTPS connection being dropped after upgrading to Exim 4.97 [ In reply to ]

exim-users at lists

Nov 10, 2023, 12:14 PM

Post #3 of 4 (129 views)

Permalink

Jeremy Harris via Exim-users wrote on 09.11.2023 23:39:
> On 09/11/2023 21:18, Victor Ustugov via Exim-users wrote:
>> 2023-11-09 22:43:41 [36164] H=hostname.domain.tld [1.2.3.4]:17784
>> I=[5.6.7.8]:465 dropped by 'connect' ACLNULL
>
>
> I saw it doing that while fixing 3039 (post 4.97) - but
> the fix eliminated the logging call I was dealing with,
> so didn't follow that up.
>
> Worth picking up eb09d0da1fb9 and trying your test again,
> just in case it helps,

Nothing has changed when logging dropped connections to port 465. I
still see "ACLNULL".

> if you're compiling from sourse.

I don't compile exim from source. I build exim from ports on FreeBSD,
from src.rpm on CentOS, from deb src on Debian/Ubuntu. This doesn't
prevent me from using patches obtained from git.

--
Best wishes Victor Ustugov
mailto:victor@corvax.kiev.ua
public GnuPG/PGP key: https://victor.corvax.kiev.ua/corvax.asc

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: Strange message about SMTPS connection being dropped after upgrading to Exim 4.97 [ In reply to ]

exim-users at lists

Nov 10, 2023, 1:52 PM

Post #4 of 4 (129 views)

Permalink

Jeremy Harris via Exim-users wrote on 09.11.2023 23:39:
> On 09/11/2023 21:18, Victor Ustugov via Exim-users wrote:
>> 2023-11-09 22:43:41 [36164] H=hostname.domain.tld [1.2.3.4]:17784
>> I=[5.6.7.8]:465 dropped by 'connect' ACLNULL
>
>
> I saw it doing that while fixing 3039 (post 4.97) - but
> the fix eliminated the logging call I was dealing with,
> so didn't follow that up.
>
> Worth picking up eb09d0da1fb9 and trying your test again,
> just in case it helps, if you're compiling from sourse.

What if we just replace

log_msg ? US": " : US"", log_msg);

with

log_msg ? US": " : US"",
log_msg == NULL ? "" : log_msg);

?

--
Best wishes
Victor Ustugov
mailto:victor@corvax.kiev.ua
public GnuPG/PGP key: https://victor.corvax.kiev.ua/corvax.asc

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/