Re: [Mailman-Users] Problems with SMTPDirect / Security Bug?
palsina@chasque.net said:
Using SMTPDirect as delivery module just times out, not sending any mail out. I used Sendmail as MTA, and saw a few messages on this board suggesting that Postfix was faster, so I replaced sendmail with Postfix.
You are running a SMTP daemon on 127.0.0.1 [or actually on whatever address SMTPHOST is set to]?
If you telnet to that address/port do you see the initial SMTP banner in a reasonable length of time? Can you then go through the basic SMTP commands that would be used for sending a message (HELO, MAIL FROM, RCPT TO) and have it turn those round in reasonable time? It's most likely the MTA that is misconfigured - either not listening, or trying to verify everything and taking lots of time about it.
palsina@chasque.net said:
Looking at the code, I see that the recipient list is not sanitized before invoking the shell. Unless I'm wrong, one could subscribe an 'larry;command_here;@none.com' and make the command_here to get executed!
Ugh. I'm going to repeat my comment that I don't think Sendmail.py is ready for prime time.
I'm going to try to patch the Sendmail.py to put each recipient between '' to avoid shell expansion. Hope that will do.
It would be better not to shell at all - the argument list should be built up in python and then exec-ed across without a shell being involved (since a shell has nothing to contribute here except burning some CPU cycles and lousing up the argument lists).
Nigel.
--
[ - Opinions expressed are personal and may not be shared by VData - ]
[ Nigel Metheringham Nigel.Metheringham@VData.co.uk ]
[ Phone: +44 1423 850000 Fax +44 1423 858866 ]
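The difference between pasting recipients into a shell command line and building the argument list in Python, as an added example that is not part of the original posts and is not Mailman's Sendmail.py. The `STUB` program stands in for the sendmail binary and `alice@example.com` is a constructed address; both are assumptions of the example.

```python
import json
import shlex
import subprocess
import sys

# Constructed stand-in for the sendmail binary: prints the argument vector
# it actually received, so each call shows what the MTA would have seen.
STUB = [sys.executable, "-c", "import json, sys; print(json.dumps(sys.argv[1:]))"]

# Constructed subscriber list; the first entry is the address from the post.
RECIPIENTS = ["larry;command_here;@none.com", "alice@example.com"]


def deliver_via_shell(recipients):
    """Before: recipients are pasted into one string that /bin/sh parses."""
    cmd = shlex.join(STUB) + " " + " ".join(recipients)
    proc = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    # The shell splits the line at each ';', so the stub only receives the
    # text before the first one; the rest is run as separate commands.
    return json.loads(proc.stdout.splitlines()[0]), proc.returncode


def deliver_via_argv(recipients):
    """After: the argument list is built in Python and exec-ed, no shell."""
    proc = subprocess.run(STUB + list(recipients), capture_output=True,
                          text=True, check=True)
    # Every address arrives as exactly one argument, metacharacters intact.
    return json.loads(proc.stdout), proc.returncode


if __name__ == "__main__":
    print("shell:", deliver_via_shell(RECIPIENTS))
    print("argv: ", deliver_via_argv(RECIPIENTS))
```

With the argv form the odd address is simply an undeliverable recipient that the MTA can reject; nothing ever interprets it as syntax.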
On Tue, 23 May 2000, Nigel Metheringham wrote:
palsina@chasque.net said:
Using SMTPDirect as delivery module just times out, not sending any mail out. I used Sendmail as MTA, and saw a few messages on this board suggesting that Postfix was faster, so I replaced sendmail with Postfix.
You are running a SMTP daemon on 127.0.0.1 [or actually on whatever address SMTPHOST is set to]?
If you telnet to that address/port do you see the initial SMTP banner in a reasonable length of time? Can you then go through the basic SMTP commands that would be used for sending a message (HELO, MAIL FROM, RCPT TO) and have it turn those round in reasonable time? It's most likely the MTA that is misconfigured - either not listening, or trying to verify everything and taking lots of time about it.
My SMTP daemon is running locally. SMTPHOST is set to the servers public name and SMTPPORT is set to 25. Doing 'telnet [SMTPHOST] [SMTPPORT]' connects in less than 1 second, and allows me to send mail out with no delays.
Why is SMTP_MAX_RCPTS not used in the code? Shouldn't this be a solution?
Looking at the code, I see that the recipient list is not sanitized before invoking the shell. Unless I'm wrong, one could subscribe an 'larry;command_here;@none.com' and make the command_here to get executed!
Ugh. I'm going to repeat my comment that I don't think Sendmail.py is ready for prime time.
I would be happy not using it, but it seems like the only way to get it working. Is someone using MailMan and SMTPDirect to handle a 3000+ subs. mailing list with success?
Thanks for your help. Pablo
"PA" == Pablo Alsina <palsina@chasque.net> writes:
PA> Why is SMTP_MAX_RCPTS not used in the code? Shouldn't this be a
PA> solution?
I just forgot to include this when I re-implemented the delivery modules. I'll make sure that 2.0b3 adds back support for SMTP_MAX_RCPTS.
-Barry
On Tue, 23 May 2000, Barry A. Warsaw wrote:
I just forgot to include this when I re-implemented the delivery modules. I'll make sure that 2.0b3 adds back support for SMTP_MAX_RCPTS.
I think that would be great. I resolved my problem raising the limit on the RCPT per connection in the MTA configuration file (Postfix: smtpd_recipient_limit), but as a general solution, it would be better if Mailman honors its own limit.
Using ptrace to find out what was happening between Mailman and my MTA, I saw that the MTA was replying with 452 Error: too many recipients
So I think that Mailman does not end all the RCPT commands because the connection between Mailman and the MTA closes (probably the MTA is closing it after too many errors). As a general solution to this issue, Mailman (smtplib really) should end sending RCPT commands if the MTA replies with "too many recipients", and deliver the remaining recipients in another connection.
Thanks for your help. I will be waiting for that 2.0b3! Pablo
"PA" == Pablo Alsina <palsina@chasque.net> writes:
PA> I would be happy not using it, but it seems like the only way
PA> to get it working. Is someone using MailMan and SMTPDirect
PA> to handle a 3000+ subs. mailing list with success?
Just to follow up, as I'm desperately trying to clear my backlog. The latest CVS snapshot adds back support for SMTP_MAX_RCPTS in SMTPDirect.py and I've tested it with 10000 fake addresses[1] and 6 real ones. AFAICT, delivery is working for this scenario, so beta3 should work much better for large lists.
-Barry
[1] For Postfixers, what I did was create a dummy transport for a fake domain. The transport's argv=/bin/true and then I subscribed 10000 addresses in that domain to the list. If anybody has a better way of doing this in Postfix, please let me know.
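The two behaviours discussed in this thread, a client-side SMTP_MAX_RCPTS cap per connection and stopping RCPT on a 452 reply so the remaining recipients go out on another connection, as an added example that is not Mailman's SMTPDirect.py. `FakeMTA`, `deliver`, `batch_sizes` and the example.com addresses are constructed for the illustration; `FakeMTA` only mimics the `mail`/`rcpt`/`data` methods of `smtplib.SMTP`.

```python
from collections import deque

class FakeMTA:
    """Constructed stand-in: accepts `limit` RCPTs per transaction, then 452."""

    def __init__(self, limit, batches):
        self.limit, self.batches, self.rcpts = limit, batches, []

    def mail(self, sender):
        return 250, b"Ok"

    def rcpt(self, addr):
        if len(self.rcpts) >= self.limit:
            return 452, b"Error: too many recipients"
        self.rcpts.append(addr)
        return 250, b"Ok"

    def data(self, msg):
        self.batches.append(self.rcpts)  # record what one connection delivered
        return 250, b"Ok"

def deliver(connect, sender, recipients, msg, max_rcpts):
    """Cap RCPTs per connection; on 452 finish the batch and reconnect."""
    pending, refused = deque(recipients), []
    while pending:
        conn = connect()  # with a real smtplib.SMTP: ehlo() here, quit() after
        conn.mail(sender)
        accepted = tried = 0
        while pending and accepted < max_rcpts:
            code, _ = conn.rcpt(pending[0])
            if code == 452:  # MTA-side limit hit: stop sending RCPT
                break
            addr = pending.popleft()
            tried += 1
            if code in (250, 251):
                accepted += 1
            else:
                refused.append((addr, code))
        if accepted:
            conn.data(msg)
        if not tried:  # 452 on the first RCPT: retrying would loop forever
            raise RuntimeError("MTA refuses every recipient with 452")
    return refused

def batch_sizes(limit, max_rcpts, n=10):
    """Deliver to n constructed addresses and return recipients per connection."""
    batches = []
    rcpts = ["user%d@example.com" % i for i in range(n)]
    deliver(lambda: FakeMTA(limit, batches), "list-admin@example.com", rcpts, "test", max_rcpts)
    return [len(b) for b in batches]
```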