Sorry for the late reply ...
On Fri, 7 Dec 2001, Philip Hazel wrote:
> On Thu, 6 Dec 2001, Christopher Curtis wrote:
>
> > The message isn't that large. I have both sender and recipient verify, as
> > well as some system filters installed. Immediately after the process gets
> > unstuck, ltrace continues with:
> >
> > mail:~# ltrace -p 7733
[...]
> > strcmp("message_body", "message_body") = 0
>
> This shows that it is expanding the variable $message_body. That loop is
> searching the list of variable names (by binary chop). So, this means
> that the tight loop is happening when processing some expansion string
> containing $message_body.
>
> Do you have any such strings in your Exim configuration? Or in your Exim
> filter? If so, what are they? What comes immediately before
> $message_body?
>
> Just a thought: are you using any regular expressions?
Expansion string containing $message_body: Little confused at this point,
but guessing that I don't. I do, however, filter, and I do use regular
expressions. message_body_visible = 5000; I have an ~6k filter script.
It's based on the generic system-filter I downloaded, but highly modified.
A summary of the script is:
If message_body contains and message_body contains (Sircam)
If message_body contains and message_body contains (Badtrans.B)
If message_body contains and h_subject contains (Pentagone)
If message_body contains (Snowhite)
If message_body matches ... regex is:
"name=\".*\\..*\\.(ad[ep]|ba[st]|chm|cmd|com|cpl|crt|eml|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|url|vb[se]|ws[fhc])\""
... idea is to pick up *.*.foo (double extension executables)
If message_body matches "a\\\\shref=(['\"])mailto:([^@]@[^@])\$1"
If message_body contains (html messages)
If message_body contains (javascript in mail)
If message_body contains (Dear Friend,)
If h_to contains or h_from contains "friend@"
If h_to contains or h_from contains "@public.com"
If message_body contains or message_body contains (not spam/junk mail)
If sender_address matches ...
"([a-z\\\\d]+)@(lycos|hotmail|aol|yahoo|msn)\\\\.co(\\\\..*|m)" and
$1 matches "\\d{3,}"
If h_subject contains \\\$\\\$
Each of the 9 rules above modify n9 (adder) and n5 (bitmask).
If $n9 > 99, exim adds a "Potential SPAM" header and logs the message&mask
If $n9 > 0, exim logs it as a warning (to tune the rules).
> > memcpy(0x080d9268, "", 0) = 0x080d9268
>
> The code for that is
> body[0] = 0;
> Is your Exim compiled in some kind of debugging mode? I would have
> expected a compiler to compile inline code for that statement.
I'm running Debian/Sid ... The diff.gz has this:
(
http://ftp.debian.org/debian/pool/main/e/exim/exim_3.33-1.diff.gz)
--- exim-3.33.orig/OS/Makefile-Linux
+++ exim-3.33/OS/Makefile-Linux
@@ -3,12 +3,12 @@
BASENAME_COMMAND=look_for_it
-CFLAGS=-O
+CFLAGS = -O2 -g -Wall
So it looks like the answer would be "yes".
Thanks,
Chris
