 |
| Prev-20 | Home | Next-20 |
| Prev-20 | Home | Next-20 |
| Prev-Msg | Prev-Thread | Postfix-users | Jul-2007 | Next-Thread | Next-Msg |
| Subject: | Possible DoS when the adress and the virtual mysql transport table's characterset mismatches? |
| Group: | Postfix-users |
| From: | Horváth Róbert |
| Date: | 24 Jul 2007 |
When Postfix tries to look up the adress in the transport table and the
address contains a character which is invalid with the table's character
set, mysql emits a warning:
Illegal mix of collations (latin1_swedish_ci,IMPLICIT) and
(utf8_general_ci,COERCIBLE) for operation '='
The problem starts here. After an error like this Postfix fails a few
more times with *correct addresses*. This looks like a DoS. Unfortunatly
I couldn't find any bugtracking system on PF's homepage, so I don't have
a clue if this is a known problem or even fixed one. I can reproduce the
problem:
# postmap -q címveghm
mysql:/etc/postfix/mysql_virtual_transport_maps.cf
this will silently fail as no such mail address exist, but issuing it
from an iso-8859-2 terminal (former was utf-8):
# postmap -q 'c▒mveghm'
mysql:/etc/postfix/mysql_virtual_transport_maps.cf
postmap: warning: mysql query failed: Illegal mix of collations
(latin1_swedish_ci,IMPLICIT) and (utf8_general_ci,COERCIBLE) for
operation '='
Here is the syslog, the bad address is "c?mveghm@zio.." which contains
an `í' character:
Jul 24 02:29:37 [postfix/smtpd] connect from
venus.ultranet.hu[193.142.214.16]
Jul 24 02:29:37 [postfix/trivial-rewrite] warning: mysql query failed:
Illegal mix of collations (latin1_swedish_ci,IMPLICIT) and
(utf8_general_ci,COERCIBLE)
for operation '='
Jul 24 02:29:37 [postfix/trivial-rewrite] warning: transport_maps lookup
failure
Jul 24 02:29:37 [postfix/smtpd] NOQUEUE: reject: RCPT from
venus.ultranet.hu[193.142.214.16]: 451 4.3.0 <c mveghm>:
Temporary lookup failure; fro
m=<www-data> to=<c?mveghm> proto=ESMTP
helo=<venus.ultranet.hu>
Jul 24 02:29:37 [postfix/cleanup] 840B93A09:
message-id=<20070724002937.840B93A09>
Jul 24 02:29:37 [postfix/cleanup] 870313A0D:
message-id=<20070724002937.870313A0D>
Jul 24 02:29:37 [postfix/qmgr] 840B93A09:
from=<double-bounce>, size=1041, nrcpt=1 (queue active)
Jul 24 02:29:37 [postfix/trivial-rewrite] warning: transport_maps lookup
failure
Jul 24 02:29:37 [postfix/smtpd] disconnect from
venus.ultranet.hu[193.142.214.16]
Jul 24 02:29:37 [postfix/qmgr] 840B93A09:
to=<postmaster>, orig_to=<postmaster>, relay=none,
delay=0.09, delays=0.07/0.02/0/0, dsn=4.3.0, st
atus=deferred (address resolver failure)
Jul 24 02:29:37 [postfix/qmgr] 870313A0D:
from=<double-bounce>, size=1041, nrcpt=1 (queue active)
Jul 24 02:29:37 [postfix/qmgr] 870313A0D:
to=<postmaster>, orig_to=<postmaster>, relay=none,
delay=0.11, delays=0.09/0.02/0/0, dsn=4.3.0, st
atus=deferred (address resolver failure)
Jul 24 02:29:49 [postfix/smtpd] connect from
cpe-065-191-143-099.nc.res.rr.com[65.191.143.99]
Jul 24 02:29:49 [postfix/trivial-rewrite] warning: transport_maps lookup
failure
Like if PF cached the error and skipped a few look-ups. I am looking for
a fix, if any of you have a solution please share with me. This is PF
2.3.6 and mysql 4.1.
with best regards,
Robert HORVATH
| Prev-Msg | Prev-Thread | Postfix-users | Jul-2007 | Next-Thread | Next-Msg |