OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: 451 Error: queue file write error
From: Wietse Venema (wietseporcupine.org)
Date: Sun Jul 02 2000 - 21:58:03 CDT

Is that header check based on regexp or pcre? What pcre version?
I haven't used pcre much, regexp works fine for me.

        Wietse

Jesper Skriver:
> On Fri, Jun 30, 2000 at 08:53:19PM -0400, Wietse Venema wrote:
> > Jesper Skriver wrote:
> > > Hi,
> > >
> > > We have a client (changed to x.x.x.x to protect the innocent), they
> > > connect about once a minute, and the below is what happends - can anyone
> > > see what goes wrong ?
> > >
> > > Jun 29 17:57:52 pasmtp postfix/master[3463]: warning: process /usr/libexec/postfix/cleanup pid 3520 killed by signal 4
> >
> > There's the problem. On some systems, signal 4 is SIGILL, aka
> > "illegal instruction", which normally means a memory corruption
> > problem (hardware or software).
>
> #define SIGILL 4 /* illegal instruction (not reset when caught) */
>
> according to <http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/syssrc/sys/sys/signal.h?rev=1.42&content-type=text/x-cvsweb-markup>
>
> > You''ll have to zoom in on the cleanup daemon. What virtual/canonical
> > maps or header/body checks are being used?
>
> # postconf -n
> alias_database = hash:/etc/postfix/aliases
> alias_maps = hash:/etc/postfix/aliases
> command_directory = /usr/sbin
> daemon_directory = /usr/libexec/postfix
> debug_peer_level = 2
> default_destination_concurrency_limit = 10
> default_privs = nobody
> default_transport = smtp
> delay_warning_time = 2
> header_checks = pcre:/etc/postfix/badheaders
> home_mailbox = Mailbox
> local_destination_concurrency_limit = 2
> mail_owner = postfix
> maps_rbl_domains = rbl.maps.vix.com, relays.mail-abuse.org, relays.orbs.org
> maximal_queue_lifetime = 10
> mydestination = $myhostname
> mydomain = tele.dk
> myhostname = pasmtp.tele.dk
> mynetworks = $config_directory/mynetworks
> myorigin = $myhostname
> program_directory = /usr/sbin
> queue_directory = /var/spool/postfix
> relay_domains = $mydestination, $virtual_maps, /etc/postfix/relay_domains
> smtpd_banner = $myhostname ESMTP $mail_name on NetBSD/sparc
> smtpd_client_restrictions = hash:/etc/postfix/ok_relay, reject_maps_rbl, permit_mynetworks, permit
> smtpd_helo_required = yes
> smtpd_helo_restrictions = permit
> smtpd_recipient_restrictions = regexp:/etc/postfix/regexp_access, reject_non_fqdn_recipient, reject_unknown_recipient_domain, permit_auth_destination, check_client_access hash:/etc/postfix/no_relay, permit_mynetworks, reject
> smtpd_sender_restrictions = reject_unknown_sender_domain, reject_non_fqdn_sender, check_sender_access hash:/etc/postfix/junk, permit
> unknown_address_reject_code = 550
>
> Where /etc/postfix/badheaders contains rules like the below.
>
> # cat /etc/postfix/badheaders
> # common spam to/from addresses
> /^(To|From):.*theheadoffice.com/ REJECT
> /^(To|From):.*emailrequested.com/ REJECT
> /^(To|From):.*alltheworld.com/ REJECT
> /^(To|From):.*friendpublic.com/ REJECT
> /^(To|From):.*supercdhanmail.net/ REJECT
> /^(To|From):.*dontreply/ REJECT
> /^From:.*infowatch\.net/ REJECT
> /^To:.*customeraol/ REJECT
> /^(To|From):.*webevaluationasianoffice.com/ REJECT
> /^(To|From):.*lustland.com/ REJECT
> /^(To|From):.*depth-finder.com/ REJECT
>
> "Luckily" the sending mailserver gave up while I was partying - so I
> don't see these connects now, this limits the tests we can make, but I
> don't know if you have any ideas ?
>
> /Jesper
>
> --
> Jesper Skriver, jesper(at)skriver(dot)dk - CCIE #5456
> Work: Network manager AS3292 (Tele Danmark DataNetworks)
> Private: Geek AS2109 (A much smaller network ;-)
>
> One Unix to rule them all, One Resolver to find them,
> One IP to bring them all and in the zone to bind them.
>
>
>
>