Re: [exim] deferring mysql lockups

Top Page
Delete this message
Reply to this message
Author: David Saez Padros
Date:  
To: Bill Hacker, EXIM mailing list
CC: 
Subject: Re: [exim] deferring mysql lockups
Hi !!

>> when a message is temporary rejected due to a failed mysql query
>> (i.e. when there are too many mysql connections) the 4xx error
>> returned to the client includes the whole mysql query, which can
>> reveal sensitive data to the remote party, maybe it will be better
>> to just return the mysql error without the query or to be able to
>> define a global error message to use in that circunstances.
>
> That should be 'controllable' in your own settings.
>
> Are you specifying a 'message =' or leaving it to the
> defaults?


'message' is only used if the condition fails but not when it
defers, when it defers the 4xx messages says:

failed to expand "${lookup mysql {SELECT ...}": lookup of "SELECT ..."
gave DEFER: MYSQL connection failed: Too many connections

and in general any expand failure gives all the data to the remote
party revealing in that case the database structure (at least) and
in other cases it could also reveal other kind of sensitive data.
This is the only thing i really dislike from exim

--
Best regards ...

----------------------------------------------------------------
    David Saez Padros                http://www.ols.es
    On-Line Services 2000 S.L.       e-mail  david@???
    Pintor Vayreda 1                 telf    +34 902 50 29 75
    08184 Palau-Solita i Plegamans   movil   +34 670 35 27 53
----------------------------------------------------------------