Hosting Provided By

[AMaViS-user] preserved tempdirs

From: Alexander 'Leo' Bergolth <leo(at)strike.wu-wien.ac.at>
Date: Sun Nov 25 2007 - 09:19:24 EST

Hi!

Yesterday I ran into a problem that might also bring other amavis users into trouble:

Mailbombs containing special attachments caused clamav to get into trouble. It became very slow on scanning those attachments, so amavisd killed it after it reached the timeout. In my case (pre-queue-setup), it caused the mail to be rejected with a 451 temporary error. The bad thing is that amavisd didn't remove the temporary directory ("PRESERVING EVIDENCE ..."), in some cases containing more than 100 MB of unpacked files. Since it was a temporary error, the relaying mail-server retried delivery after some delay, so the same procedure looped until the filesystem containing the temporary files was full. After this point, mail delivery was completely disabled.

I know that my pre-filter-setup isn't recommended for production use, but I believe that this kind of loop (processing fails, directory is kept and the mail is requeued) could potentially also happen in a common post-queue scenario.

Maybe the decision what to do with a temporary directory after processing the mail had failed should be configurable in order to prevent possible DOS-attacks? Possible actions could be:
- keep directories only until a certain amount of disk space is filled

move those temporary directories into another place
generally do not preserve evidences

Cheers,

--leo
-- 
e-mail   ::: Alexander.Bergolth (at) wu-wien.ac.at
fax      ::: +43-1-31336-906050

location ::: Computer Center | Vienna University of Economics | Austria

This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/

AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ Received on Sun Nov 25 09:19:41 2007

This message: [ Message body ]
Next message: Leon Kolchinsky: "Re: [AMaViS-user] preserved tempdirs"
Previous message: Michael Scheidell: "Re: [AMaViS-user] dkimproxy or dkimmilter?"
Next in thread: Leon Kolchinsky: "Re: [AMaViS-user] preserved tempdirs"
Reply: Leon Kolchinsky: "Re: [AMaViS-user] preserved tempdirs"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Tue Jul 15 2008 - 08:21:01 EDT