system/1429: smtpfwdd resends spam with bad "Message-Id:" header forever
- To: gnats@openbsd.org
- Subject: system/1429: smtpfwdd resends spam with bad "Message-Id:" header forever
- From: "Robert A. Lerche" <ral@msbit.com>
- Date: Mon, 2 Oct 2000 20:39:29 -0700 (PDT)
- Resent-Date: Mon, 2 Oct 2000 21:50:02 -0600 (MDT)
- Resent-From: gnats@cvs.openbsd.org (GNATS Management)
- Resent-Message-Id: <200010030350.e933o2N17001@cvs.openbsd.org>
- Resent-Reply-To: gnats@cvs.openbsd.org, ral@msbit.com
- Resent-Sender: owner-bugs@openbsd.org
- Resent-To: bugs@cvs.openbsd.org
>Number: 1429
>Category: system
>Synopsis: smtpfwdd resends spam with bad "Message-Id:" header forever
>Confidential: yes
>Severity: serious
>Priority: medium
>Responsible: bugs
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Mon Oct 2 21:50:01 MDT 2000
>Last-Modified:
>Originator: Robert A. Lerche
>Organization:
MSB Associates
>Release:
>Environment:
System : OpenBSD 2.7
Architecture: OpenBSD.i386
Machine : i386
>Description:
After configuring an OpenBSD system as a firewall, using smtpd/smtpfwdd
to process incoming mail from outside, I found that some spam would cause
a file to get stuck in /var/spool/smtpd. /var/log/maillog indicated
Sep 28 18:27:26 fw sendmail[4816]: e8T1RQg04816: ruleset=CheckMessageId, arg1=<00001cfe3a2a$00001b47$0000379b@>, relay=daemon@localhost, reject=553 5.0.0 Header Error
Sep 28 18:27:26 fw sendmail[4816]: e8T1RQg04816: from=<foreverwealthy@samerica.com>, size=4330, class=0, nrcpts=1, msgid=<00001cfe3a2a$00001b47$0000379b@>, relay=daemon@localhost
Sep 28 18:27:28 fw smtpfwdd[3902]: Temporary sendmail failure (status 17664), will retry later
Sep 28 18:27:36 fw smtpfwdd[16276]: Child process (3902) exited indicating retry
And the mail would be re-processed every 10 minutes. Of course, since
it's spam, the return address is no good, so a message goes to Postmaster
(me!) every 10 minutes indicating that "foreverwealthy@samerica.com" is
a non-existent user.
>How-To-Repeat:
Place this file in /var/spool/smtpd/smtpdT27248:
FROM <foreverwealthy@samerica.com>
RCPT <ra@msbit.com>
BODY
Received: from UNKNOWN(195.57.106.132), claiming to be "[195.57.106.132]"
via SMTP by fw.msbit.com, id smtpdM17914; Thu Sep 28 23:59:13 2000
Received: from no.name.available by [195.57.106.132]
via smtpd (for msbit.com [207.44.139.194]) with SMTP; 29 Sep 2000 07:01:17 UT
Received: from jaen21 (1Cust164.tnt1.orlando.fl.da.uu.net [63.24.128.164]) by jaen22.promojaen.es with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2448.0)
id SJYSV0MR; Fri, 29 Sep 2000 08:57:49 +0200
Message-ID: <00001cfe3a2a$00001b47$0000379b@>
To: <Undisclosed Recipients>
From: foreverwealthy@samerica.com
Received: from 1Cust164.tnt1.orlando.fl.da.uu.net ([63.24.128.164]) by jaen21
via smtpd (for [172.20.30.22]) with SMTP; 29 Sep 2000 06:58:38 UT
Subject: DEALS DEALS DEALS!!!
Date: Thu, 28 Sep 2000 17:28:37 -0400
MIME-Version: 1.0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Priority: 3
X-MSMail-Priority: Normal
>Fix:
The problem is the "CheckMessageId" rule in /etc/mail/sendmail.cf. It
causes sendmail to reject the mail, but smtpfwdd doesn't realize
this is a permanent error. "CheckMessageId" doesn't work well with the
store-and-forward style used by smtpd/smtpfwdd.
Comment out the following lines in /etc/mail/sendmail.cf:
HMessage-Id: $>CheckMessageId
SCheckMessageId
R< $+ @ $+ > $@ OK
R$* $#error $: 553 Header Error
>Audit-Trail:
>Unformatted:
no
Incoming mail with a bad "Message-Id:" header gets stuck and resent
serious
medium
sw-bug
OpenBSD 2.7
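
Added example (not part of the original report, and not OpenBSD or sendmail code): a spool check that finds messages whose Message-ID would fail the CheckMessageId rule quoted above, so they can be pulled from /var/spool/smtpd before they loop. Assumptions: the regular expression only approximates sendmail's token matching, the function names are hypothetical, and "status 17664" in the log is taken to be a raw wait(2) status.

```python
import email
import re

# Approximation (assumption) of the report's rule "R< $+ @ $+ > $@ OK":
# "<", something, "@", something, ">". Any other value falls through to
# "R$* $#error $: 553 Header Error".
OK_RULE = re.compile(r"<.+@.+>")

# Constructed sample in the spool layout shown in the report; addresses are
# placeholders, the Message-ID is the one from the report.
SAMPLE_SPOOL = (
    "FROM <sender@example.com>\n"
    "RCPT <rcpt@example.org>\n"
    "BODY\n"
    "Received: from UNKNOWN(192.0.2.1)\n"
    "\tvia SMTP by fw.example.org, id smtpdM00000\n"
    "Message-ID: <00001cfe3a2a$00001b47$0000379b@>\n"
    "Subject: constructed sample\n"
    "\n"
    "body text\n"
)


def message_id_passes(value):
    """True if the header value would match the OK rule."""
    return OK_RULE.fullmatch(re.sub(r"\s+", "", value)) is not None


def spool_message_id(spool_text):
    """Message-ID of a spooled message, or None if absent or malformed."""
    _envelope, sep, message = spool_text.partition("\nBODY\n")
    if not sep:
        return None
    return email.message_from_string(message)["Message-ID"]


def would_be_rejected(spool_text):
    """True if the spooled message carries a Message-ID the rule rejects."""
    mid = spool_message_id(spool_text)
    return mid is not None and not message_id_passes(mid)


def exit_code(wait_status):
    """Exit code from a raw wait(2) status (assumed meaning of 'status N')."""
    return (wait_status >> 8) & 0xFF


if __name__ == "__main__":
    print("rejected:", would_be_rejected(SAMPLE_SPOOL))
    print("exit code:", exit_code(17664))  # 69 is EX_UNAVAILABLE in sysexits.h
```

Under that reading of the log, the child exited with 69 (EX_UNAVAILABLE) rather than 75 (EX_TEMPFAIL), even though the forwarder logged the failure as temporary.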