LDA input validation

Stéphane Cottin stephane.cottin at vixns.com
Sat Jan 24 11:07:35 UTC 2015


Hello,

> On 23 Jan 2015, at 16:14, Steffen Kaiser <skdovecot at smail.inf.fh-brs.de> wrote:
> 
> On Fri, 23 Jan 2015, Stéphane Cottin wrote:
> 
>> I'm using qmail + dspam + dovecot-lda.
>> 
>> A typical .qmail file :
>> 
>> | /usr/bin/dspam --client --deliver=stdout --user "$EXT@$USER" | /usr/bin/preline -f /usr/lib/dovecot/dovecot-lda -d "$EXT@$USER" -a "$EXT@$USER" -m "$EXT2"
>> 
>> When dspam segfaults or is killed, preline receives empty content and only passes two headers to dovecot-lda (Return-Path and Delivered-To).
> 
> Those two lines are generated by dovecot-lda or preline.

preline

> 
>> Then dovecot-lda delivers successfully and the original message contents are lost.
>> 
>> Should dovecot-lda return an error in such conditions (invalid contents)? Qmail will keep it in the queue and retry delivery later.
> 
> That's the problem of the used Unix pipe and broken by design. The right member of the pipe (preline) runs independently of dspam and receives no content via pipe. Why should preline or dovecot-lda believe there is an error?


You're right about my mistake using pipes, but there may be some cases where validating input makes sense.

Anyway, many thanks for your wrapper, I've improved it to fail safely on dspam errors.

====
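#!/bin/sh
# $1 = recipient address, $2 = mailbox

# Create the temp file with mktemp rather than a predictable PID-based name.
tmpf=$(mktemp /var/tmp/wrapper.XXXXXX) || exit 75
trap 'rc=$?; rm -f "$tmpf"; exit $rc' EXIT

/usr/bin/dspam --client --deliver=stdout --user "$1" >"$tmpf"

if [ $? -eq 0 ] ; then
        # Deliver only if dspam produced output.
        test -s "$tmpf" && /usr/bin/preline -f \
        /usr/lib/dovecot/dovecot-lda -d "$1" -a "$1" -m "$2" <"$tmpf"
else
        # dspam failed: report a temporary failure instead of delivering.
        rm -f "$tmpf"
        exit 75
fi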
====

Stéphane

> 
> If preline has no nifty option to prevent this, replace the pipe by a shell script:
> 
> | /usr/local/bin/dspam-lda-wrapper.sh "$EXT@$USER" "$EXT2"
> 
> ===== /usr/local/bin/dspam-lda-wrapper.sh
> #!/bin/bash
> 
> # Create the temp file with mktemp rather than a predictable PID-based name.
> tmpf=$(mktemp /tmp/wrapper.XXXXXX) || exit 1
> trap 'rc=$?; rm -f "$tmpf"; exit $rc' EXIT
> 
> if /usr/bin/dspam --client --deliver=stdout --user "$1" >"$tmpf"; then
> 	test -s "$tmpf" && /usr/bin/preline -f \
> 	/usr/lib/dovecot/dovecot-lda -d "$1" -a "$1" -m "$2" <"$tmpf"
> fi
> ======
> 
> -- Steffen Kaiser

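The failure mode discussed in this thread, as an added example that is not part of the original messages: the piped form reports success when the filter crashes, while the staged form returns a failure and delivers nothing. The functions `filter_ok`, `filter_crash`, `fake_lda`, `deliver_piped` and `deliver_staged` and the `MAILBOX` file are constructed stand-ins for dspam and preline + dovecot-lda, so the script runs offline.

```shell
#!/bin/sh
# Constructed stand-ins (assumptions, not real tools): they replace dspam and
# preline + dovecot-lda so the comparison runs offline.
MAILBOX=$(mktemp) || exit 1            # file the fake LDA "delivers" into
trap 'rm -f "$MAILBOX"' EXIT
SAMPLE='Subject: test

body'                                  # constructed sample message

filter_ok()    { cat; }                           # healthy filter
filter_crash() { cat >/dev/null; return 139; }    # dies without output
fake_lda() {   # prepends two headers and always succeeds, as in the thread
    { printf 'Return-Path: <a@example.org>\nDelivered-To: b@example.org\n'
      cat; } >"$MAILBOX"
}

# Pipe pattern: the pipeline's status is that of its last member, so the
# filter's failure is invisible and a headers-only message is delivered.
deliver_piped() {      # $1 = filter function
    "$1" | fake_lda
}

# Staged pattern: capture the filter output, check its exit status and that
# the output is non-empty, and only then deliver. 75 is the failure code
# used by the wrapper in the thread.
deliver_staged() {     # $1 = filter function
    tmpf=$(mktemp) || return 75
    if "$1" >"$tmpf" && [ -s "$tmpf" ]; then
        fake_lda <"$tmpf"; rc=$?
    else
        rc=75
    fi
    rm -f "$tmpf"
    return "$rc"
}

for mode in piped staged; do
    : >"$MAILBOX"; rc=0
    printf '%s\n' "$SAMPLE" | "deliver_$mode" filter_crash || rc=$?
    echo "$mode, filter crashed: exit $rc, $(wc -l <"$MAILBOX") lines delivered"
done
```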

