[exim] Re: failure to transfer data from subprocess

Author: Robert Nicholson
Date:  
To: exim users
Subject: [exim] Re: failure to transfer data from subprocess
Here is some feedback I received from support for the host I’m using.

I’m not quite sure I follow the significance of what they are pointing out, and also it doesn’t look like I have the ability to debug exim myself.

The claim below is that it’s my pipe to the perlscript that causes the issues.

Sure, but what does the whole tainted thing have to do with it?

02:19:39 13517  Condition is false: $header_from: matches rss@??? <mailto:rss@elastica.com>
02:19:39 13517   ╭considering: $tod_full running with sa $header_from: to $header_to:
02:19:39 13517   
02:19:39 13517   ├considering:  running with sa $header_from: to $header_to:
02:19:39 13517   
02:19:39 13517   ├───────text:  running with sa 
02:19:39 13517   ├considering: $header_from: to $header_to:
02:19:39 13517   
02:19:39 13517   ├considering:  to $header_to:
02:19:39 13517   
02:19:39 13517   ├───────text:  to 
02:19:39 13517   ├considering: $header_to:
02:19:39 13517   
02:19:39 13517   ├considering: 
02:19:39 13517   
02:19:39 13517   ├───────text: 
02:19:39 13517   
02:19:39 13517   ├──expanding: $tod_full running with sa $header_from: to $header_to:
02:19:39 13517   
02:19:39 13517   ╰─────result: Fri, 12 May 2023 02:19:39 -0700 running with sa Firstname Lastname <user@??? <mailto:bbarlow@matlensilver.com>> to me@??? <mailto:robert@elastica.com>
02:19:39 13517   
02:19:39 13517              ╰──(tainted)
02:19:39 13517  writing filter log as euid 1043
02:19:39 13517  Filter: pipe message to: nice -10 $home/perlscripts/filter.pl
02:19:39 13517 LOG: MAIN PANIC
02:19:39 13517   SIGSEGV (fault address: (nil))


as it's basically pipe to custom extension which is not provided by DA it's not considered as direct exim issue, as it plain simply not parsing correctly.
 
You can debug variables passed and how it's processed and guess where it's failing using debug delivery of failing message using etc.:
exim -d+all -M 1pwiuk-0008E9-06

Just a hint:
39 13517   ╰─────result: sending message 1pwiuk-0008E9-06 from Firstname Lastname <user@??? <mailto:bbarlow@matlensilver.com>> to me@??? <mailto:robert@elastica.com> to pipe
02:19:39 13517   
02:19:39 13517              ╰──(tainted)
02:19:39 13517  writing filter log as euid 1043
02:19:39 13517   ╭considering: $header_from:
02:19:39 13517   ├──expanding: $header_from:
02:19:39 13517   ╰─────result: Firstname Lastname <user@??? <mailto:bbarlow@matlensilver.com>>
02:19:39 13517              ╰──(tainted)

which can be a new thing for custom filter in relation to exim changes and how client-provided input is treated (basically less/no trust is given):
 
https://github.com/Exim/exim/blob/master/doc/doc-txt/ChangeLog
"JH/25 Taint-check exec arguments for transport-initiated external processes.
      Previously, tainted values could be used.  This affects "pipe", "lmtp" and
      "queryprogram" transport, transport-filter, and ETRN commands.
      The ${run} expansion is also affected: in "preexpand" mode no part of
      the command line may be tainted, in default mode the executable name
      may not be tainted."

exim -bV
Exim version 4.96-58-g4e9ed49f8 #2 built 07-Jan-2023 06:47:04
Copyright (c) University of Cambridge, 1995 - 2018
(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2022
Berkeley DB: Berkeley DB 5.3.21: (May 11, 2012)
Support for: crypteq IPv6 Perl OpenSSL TLS_resume move_frozen_messages Content_Scanning DKIM DNSSEC Event OCSP PIPECONNECT PRDR Queue_Ramp SPF SRS TCP_Fast_Open
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb
Authenticators: cram_md5 dovecot plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Malware: f-protd f-prot6d drweb aveserver fsecure kavdaemon sophie clamd mksd avast sock cmdline
Fixed never_users: 0
Configure owner: 0:0
Size of off_t: 8
2023-05-12 02:30:58 cwd=/var/log/exim 2 args: exim -bV
Configuration file is /etc/exim.conf

-----

> On May 10, 2023, at 5:31 PM, Robert Nicholson via Exim-users <exim-users@???> wrote:
>
> To answer this question my ISP uses DirectAdmin and I believe exim is packaged with that.
>
>> On May 10, 2023, at 6:52 AM, Jeremy Harris via Exim-users <exim-users@???> wrote:
>>
>>
>> On 10/05/2023 12:02, Robert Nicholson via Exim-users wrote:
>>> Exim version 4.96-58-g4e9ed49f8 #2 built 07-Jan-2023 06:47:04
>>
>> Who built it? What is the provenance of the sourcecode?
>>
>>> mainlog:2023-05-09 13:49:51 1pwUHO-0005xx-1O SIGSEGV (null pointer indirection)
>>
>> Definitely a bug; you should not be able to induce this by doing
>> something odd in a .forward.
>>
>> For debugging it, it'd help if you could provide the matching .forward
>> rule (if there is indeed one), and even more if you could get a coredump.
>>
>> The "failure to transfer data" log is a follow-on resulting from
>> the transport process dying (and not providing data) not ignore that.
>>
>> Is the message successfully delivered on a subsequent queue-run
>> (grep the log for the message ID)? I see several failed tries in
>> the log extract you gave.
>>
>> If not, and the message is still queued, please try forcing a delivery
>> with debug enabled ("exim -d+all -M 1pwUHO-0005xx-1O 2>&1 | tee debuglog")
>> --
>> Cheers,
>> Jeremy
>>
>>
>> --
>> ## subscription configuration (requires account):
>> ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
>> ## unsubscribe (doesn't require an account):
>> ## exim-users-unsubscribe@???
>> ## Exim details at http://www.exim.org/
>> ## Please use the Wiki with this list - http://wiki.exim.org/
>
>



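
Added example (not part of the original message and not Exim code): a small Python script that summarises an "exim -d+all" debug log per process ID, listing expansions whose result was marked (tainted), any filter pipe command, and whether a SIGSEGV was logged, so the tainted strings can be compared against the command actually handed to the pipe. The sample log is constructed from the excerpt in the message with placeholder addresses; the function names are hypothetical.

```python
import re

# Constructed sample modelled on the debug excerpt above (addresses are placeholders).
SAMPLE = """\
02:19:39 13517   ├──expanding: $tod_full running with sa $header_from: to $header_to:
02:19:39 13517
02:19:39 13517   ╰─────result: Fri, 12 May 2023 02:19:39 -0700 running with sa A <a@example.org> to b@example.org
02:19:39 13517
02:19:39 13517              ╰──(tainted)
02:19:39 13517  writing filter log as euid 1043
02:19:39 13517  Filter: pipe message to: nice -10 $home/perlscripts/filter.pl
02:19:39 13517 LOG: MAIN PANIC
02:19:39 13517   SIGSEGV (fault address: (nil))
"""

LINE = re.compile(r"^\d\d:\d\d:\d\d\s+(\d+)\s?(.*)$")  # timestamp, pid, rest of line
VAR = re.compile(r"\$\{?(\w+)")                         # $name or ${name
PIPE_PREFIX = "Filter: pipe message to: "

def summarize(log):
    """Per-PID summary: tainted expansions, filter pipe commands, crash flag."""
    out = {}
    last = {}  # pid -> (expression, result) of the most recent expansion
    for raw in log.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        pid, text = m.group(1), m.group(2).strip()
        s = out.setdefault(pid, {"tainted": [], "pipes": [], "crashed": False})
        if "expanding: " in text:
            last[pid] = (text.split("expanding: ", 1)[1], None)
        elif "result: " in text and pid in last:
            last[pid] = (last[pid][0], text.split("result: ", 1)[1])
        elif text.endswith("(tainted)") and pid in last:
            s["tainted"].append(last[pid])
        elif text.startswith(PIPE_PREFIX):
            s["pipes"].append(text[len(PIPE_PREFIX):])
        elif "SIGSEGV" in text:
            s["crashed"] = True
    return out

def tainted_vars_in_pipe(summary):
    """Variables named in a pipe command that also occur in a tainted expansion.
    Over-approximates: the log marks whole results, not single variables."""
    seen = {v for expr, _ in summary["tainted"] for v in VAR.findall(expr)}
    return sorted({v for cmd in summary["pipes"] for v in VAR.findall(cmd)} & seen)

if __name__ == "__main__":
    for pid, s in summarize(SAMPLE).items():
        print(pid, s["crashed"], s["pipes"], tainted_vars_in_pipe(s))
```

On the sample, the tainted result is the filter's log text built from the message headers, while the pipe command names only $home, so the variable overlap is empty.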