Sometimes you do silly things and complicate it simple things ... This is the story of how complicated something that should have worked well from the beginning, simply because the wrong version of a software tool (and how they finally found the error.)
In one of our products (mail server), I use a content management system based on a modified version of simscan.
Last Friday I was trying to compile the latest version (1.4.0) with some modifications to address implementation details when referring to the ClamAV antivirus (basically, the problem arises from the asset at the time umask that creates simscan working directory where you will attachments stored for processing), so I applied the changes and tried to compile. The final product seemed to be perfectly fine, so it was installed and was "working."
consequential In tests, I noticed that the SMTP service failed miserably. When trying to send any message through the new server, an error appeared in the mail program, but the error did not appear as intended, but only appeared a transmission error (mail client fucking stinky ...). 
I put a snapshot of traffic on the server, and when I tried to send a message I could see the error message sent to the server client (the client does not show me ...): mail server 451 Temporarily Rejected message (# 4.3.0)
I tried to find the error in the source code for QMail (using grep) to determine what was causing it, and so I got the file
qmail.c
, where I found that the line was consistent with the error code number 71:
switch (exitcode) {case 71
[...] : return "server Zmail Temporarily Rejected message (# 4.3.0)"; In linux, error codes are defined in the file / usr / include / sysexits.h the kernel headers, so as I do not remember exactly what was for, I looked at the source code, leading to the line containing the explanation of the error: # define
EX_OSERR 71 / * system error (eg, can not fork) * /
Apparently, QMail could not start an instance of "something" that is invoked when the message is going to happen to the queue for further processing, so obviously the problem would be in the management program of the tail. There are only two options here, or use the original program management QMail queue qmail-queue
, or invoke the program that handles contained checks, and that's the simscan
.
anyway as I did not know why it failed, activate a recordio about the service (basically capture the output and error messages of all the programs involved in the transaction and stored in the log for later analysis), and so could see what was exactly the same records. And then the error became apparent: @ 400000004b6c75a6291a77f4 simscan: error ripmime @ 400000004b6c75a6291a7bdc simscan: exit error code: 71
400000004b6c75a6291ca2a4 @ 10303> 451 mail server Temporarily Rejected message (# 4.3.0)
Apparently, was a failed ripmime ... rare thing, because I had never problem. Simscan ripmime used to extract the attachments from messages and then pass the antivirus and antispam to each one separately. I decided to check the ripmime and everything seemed right. The ripmime could be called without problems from the command line. I try to verify that he did his job and everything worked fine, disorienting more every time. I checked the code that instantiates the ripmime in the simscan source, and finally I found this line:
/ * fork ripmime * /
switch (pid = vfork ()) {
case -1:
case 0:
close (1);
close (2);
execl (RIPMIME, "ripmime", "- disable-qmail-bounce"
"-i" message_name, "-d" NULL);
_exit (-1);}
I was struck by the argument passed to ripmime at the fork, - disable-qmail-bounce , and he did not recall seeing him in support of it, so I checked the source of ripmime well and I realized that this argument did not exist in the version I was using (!)...
comment on the argument in the invocation of ripmime, recompile simscan, I installed it and when I tried send the e-mail, everything worked perfectly!
There the problem became obvious last.
"-i" message_name, "-d" NULL);
_exit (-1);}
I was struck by the argument passed to ripmime at the fork, - disable-qmail-bounce , and he did not recall seeing him in support of it, so I checked the source of ripmime well and I realized that this argument did not exist in the version I was using (!)...
comment on the argument in the invocation of ripmime, recompile simscan, I installed it and when I tried send the e-mail, everything worked perfectly!
There the problem became obvious last.
I checked it and realized that the version of ripmime he was using was 1.3.0.9, so I looked again more calmly, and found the latest available version 1.4.0.9. This version DOES have the above argument, and the invocation of ripmime with this parameter works. He had missed the download version for digit.
simply, the error was ripmime New versions of old, who had no simscan the argument was wrong when invoked.
happy ending, but after a while of "entertaining" debugging ...
The moral?: Double check that you turn down to compile. Security had been told you so, but it does not hurt to remember from time to time ...
Happy hacking!
0 comments:
Post a Comment