SA Bugzilla – Bug 4619
impossible to disable IPv6
Last modified: 2005-10-25 16:36:44 UTC
i have system where Perl IO::Socket::INET6 package is installed but the ipv6 itself is not available in kernel. errors when starting spamd: [10250] warn: IO::Socket::INET6: Bad hostname '192.168.5.81' at /usr/share/ perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm line 190 [10250] error: Error creating a DNS resolver socket: at /usr/share/perl5/ vendor_perl/Mail/SpamAssassin/DnsResolver.pm line 202. Error creating a DNS resolver socket: at /usr/share/perl5/vendor_perl/Mail/ SpamAssassin/DnsResolver.pm line 202 192.168.5.81 is my dns server from /etc/resolv.conf and the other one: spamd[11753]: IO::Socket::INET6: Address family not supported by protocol at /usr/share/perl5/vendor_perl/Net/DNS/Resolver/Base.pm line 759
Created attachment 3159 [details] temporary fix to disable ipv6
(as bugzilla sucks bigtime and won't let me upload attachment: uploading file requires to login, and when i login it says i forgot to attach file, and i have cookies enabled (otherwise i wouldn't be posting the first attachment), and i can't bypass proxy server which is causing all this) then posting the second patch here: --- /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm~ 2005-09- 14 05:07:31.000000000 +0300 +++ /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm 2005-10- 05 13:47:21.000000000 +0300 @@ -44,7 +44,8 @@ use IO::Socket::INET; use Errno qw(EINVAL EADDRINUSE); -use constant HAS_SOCKET_INET6 => eval { require IO::Socket::INET6 }; +#use constant HAS_SOCKET_INET6 => eval { require IO::Socket::INET6 }; +use constant HAS_SOCKET_INET6 => 0; our @ISA = qw();
i can't start spamd because of this bug. # grep nameserver /etc/resolv.conf nameserver 192.168.2.1 # /usr/bin/spamd ; echo $? [17101] warn: IO::Socket::INET6: Bad hostname '192.168.2.1' at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm line 190 [17101] error: Error creating a DNS resolver socket: at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm line 202. Error creating a DNS resolver socket: at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm line 202. 255
doh. stupid IPv6 :( marking this as critical, since it renders spamd unusable on some platforms.
Elan, do you find that both patches are necessary to allow spamd to work, or are those two alternative patches? Does everything seem to work ok with those patches in place?
How about adding a configuration option force_v4, which if set adds $self->{res}->force_v4(1) to the Net::DNS::Resolver object initialization and also is tested instead of HAS_SOCKET_INET6 in DnsResolver.pm? It would be set automatically in DnsResolver->new if HAS_SOCKET_INET6 is false.
Sidney: I think that makes sense.
Thanks, I'm testing a patch now. I'll attach it here before I check it in so Elan can confirm that it solves the problem when IO::Socket::INET6 is installed on a system that doesn't support IPv6 in the kernel. I don't have a setup like that to test it with.
Created attachment 3184 [details] proposed patch. Elan, please test and let us know if it works ok.
(In reply to comment #5) > Elan, do you find that both patches are necessary to allow spamd to work, or are > those two alternative patches? Does everything seem to work ok with those > patches in place? yes, the fixes i posted fixed my spamd startup. i think proper fix would be after IO::Socket::INET6 being available, to check if ipv6 socket can be created, perhaps just trying to create dummy socket.
i wonder where i should add the force_ipv4? i tried local.cf, but that didn't have intended effect # grep force /etc/mail/spamassassin/local.cf dns_force_ipv4 1 # service spamassassin restart SpamAssassin service is not running. * Starting SpamAssassin service...................................[ FAIL ] [10361] warn: force: 0 z[10361] warn: IO::Socket::INET6: Bad hostname '192.168.2.1' at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm line 193 [10361] error: Error creating a DNS resolver socket: at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm line 205. Error creating a DNS resolver socket: at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm line 205. # # grep -n 'warn "force' /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm 162: warn "force: $self->{conf}->{dns_force_ipv4}\n";
btw, to reproduce add to /etc/modprobe.conf on your 2.6 linux: alias ipv6 ignore alias net-pf-10 off (the file is /etc/modules.conf on 2.4 linux)
> i wonder where i should add the force_ipv4? i tried local.cf, > but that didn't have intended effect That should work. Probably a bug in my patch, as I didn't test it properly. Now that you have told me how to turn off ipv6 in my kernel I can test the whole thing instead of just asking you to try each change. I like your idea about trying to make a dummy socket as a more reliable way of ensuring ipv6 works over and above whether flags say that we think it should work. I'll add that in. > alias ipv6 ignore > alias net-pf-10 off Is there a way to switch this without rebooting the machine?
Perl experts - Is this a correct way to merge the test for AF_INET6 being defined in with the test for IO::Socket::INET6 in DnsResolver.pm? use constant HAS_SOCKET_INET6 => eval { require IO::Socket::INET6; defined AF_INET6 }; and then we would not need the eval block later on that tests for AF_INET6 defined?
I just found that the SpamAssassin::DnsResolver object is create in Spamassassin.pm before SpamAssassin::Conf reads in the configuration objects. That, of course, doesn't allow the creation of the DnsResolver to be affected by any configuration options. I suppose I can just look for IO::Socket::INET6 and the AF_INET6 macro and if they are there try to actually make an ipv6 socket, setting the flag to use ipv6 only if that succeeds and not have any configuration option at all. I think I could use a comment from Justin or anyone else who wants to jump in.
two options: 1. delay the creation of the socket until a point after config has been read, allowing DnsResolver behaviour to be affected by global configuration settings. 2. control this via a command-line option, which is passed to the Mail::SpamAssassin constructor (similar to local_tests_only). both pretty gross... I'd prefer #1, but #2 isn't a big problem.
Created attachment 3190 [details] Patch that fixes the problem reported in this bug but without a force ipv4 option Justin, I agree that one of the two approaches you listed may be desirable. Since I have a working and tested patch that simply leaves out having an option to force ipv4-only I'm uploading it now to get some eyes and possibly testing on it. Elan, see if this one works for you. Remember to go back to the unpatched code before you apply this one. I might commit this before adding something to add a force ipv4 option. Does anyone have any opinions one way or the other about that?
Justin, by the way delaying the creation of the socket has a problem: The config files are read in the sub init which is called many times to be able to reload the user preferences. init is careful not to overwrite the preferences that are global after the first time it is called. The initialization of the DnsResolver object is a heavyweight operation that involves querying DNS servers and so on. It isn't something to be done with every message the way reading user preference files is done, even though it would have the positive side effect of allowing the use of DNS to adapt to changing circumstances on the network. What that means is that initializing of DnsResolver would have to be done inside init after the global preferences have been read in and only on that first call that does read the global preferences. Either that, or it would have to duplicate whatever it is that init does to differentiate the first call from subsequent calls and whatever complication is in the config handling code to deal with copying from parent into children. I'm not familiar with that code. The command line option may be the way to go because of how much simpler that would be.
Subject: Re: impossible to disable IPv6 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > The command line option may be the way to go because of how much simpler that > would be. yeah, I think so. I'd go so far as to say, we should default to IPv4 only unless a "--ipv6" switch is used, or similar. that's quite similar to how other apps do it, and it's better than defaulting the other way, since most people will be fine with IPv4 for the next couple of years at least, in my opinion ;) we'd have to add the switch to spamd and spamassassin, at least. - --j. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Exmh CVS iD8DBQFDUCGJMJF5cimLx9ARAmidAKC1jPw9oQcWQ9MDvumnxyAl0UHuEQCgoJPG 4f2Cchnrdj6Qrq51XKQu8gY= =3KaL -----END PGP SIGNATURE-----
I would prefer a --force_ipv4 switch to a --ipv6 switch for the following reasons: The code in this patch already detects every situation in which ipv6 is not available or not to be used, by testing for IO::Socket::INET6 not being installed, AF_INET6 macro not being defined, creation of an INET6 socket not working for any unspecified reason, and the nameserver having an ipv4 ip address. It also allows ipv6 enabled systems to work out of the box with no non-default switches having to be set. The only reason for the switch is to prevent breakage in case we missed something and our tests either fail or themselves cause a breakage. That makes the situation in which someone has to set a non-default option the most rare case. It also means that we are more likely to find out about a bug now instead of some time in the future when ipv6 is more common and we change the default. And it means we won't have to change the default in the future. I'm open to hearing arguments the other way, and I won't check in a change until we have had a chance to discuss this.
I agree with Sidney that SpamAssassin should simply Do The Right Thing, not take switches.
Subject: Re: impossible to disable IPv6 On Fri, Oct 14, 2005 at 04:05:20PM -0700, bugzilla-daemon@bugzilla.spamassassin.org wrote: > I agree with Sidney that SpamAssassin should simply Do The Right Thing, not take > switches. I haven't followed this thread super closely, but from quickly reading through the comments and patches, it sounds like either Net::DNS::Resolver and/or IO::Socket is doing the wrong thing and not us. We could attempt to kluge around it, but what's going to happen for people who, for instance, disable IPv4 in their kernel and use just IPv6? Will the code bomb out when IPv4 isn't available? I'd rather leave our code alone and have this issue reported to the Net::DNS folks. Shouldn't that module notice that IPv6 isn't available and default force_v4 to true?
It's hard to say what IO::Socket::INET6 _should_ do when ipv6 is not available. Neither do I know what anything would do with no ipv4 available. I don't have a system I could test with in that configuration. Does anyone else? Part of the problem is that Net::DNS::Resolver does not do everything that we need, so we have a wrapper around it. Because of that we have code that has to be aware whether ipv6 is available, similar to some code in Net::DNS::Resolver. We can't just allow Net::DNS::Resolver to figure out if ipv6 is available and then ask it because it does not provide an API for asking that. We can request of the maintainer that he add a call, or that he change the semantics of force_ipv4 slightly to set it when the object determines that ipv6 cannot be used, but we don't have that now. Even if we did that, Net::DNS::Resolver takes force_ipv4 as an option and we still need a way to make that an option in SpamAssassin so that it can be set in Net::DNS::Resolver when it is needed. I will submit a request to the maintainer that Net::DNS::Resolver create a dummy socket to test if ipv6 is working and that he add some way to query the object to find out if it is supporting ipv6. Then those aspects of this patch would become obsolete and could be removed if we want to require that future version of Net::DNS. I think we still need it for now. Later, me may prefer to keep it in rather than require a newer versio of Net::DNS. That still leaves us needing a force ipv4 option. As to working with an ipv6-only system, let's create an RFE for that in Bugzilla and keep it in mind, perhaps determning what IO::Socket::INET and IO::Socket::INET6 and Net::DNS do with such a sytem, then figuring out what we need to do. I think that we need this patch now in order to work on systems that we can reasonably expect to encounter, and can deal with enhancements to Net::DNS::Resolver later.
(In reply to comment #13) > > alias ipv6 ignore > > alias net-pf-10 off > > Is there a way to switch this without rebooting the machine? afaik no, the ipv6 module is loaded to kernel and impossible to unload it. altho it's not marked as "permanent" in lsmod, so it could work if you take all networking down, kill all tcp/udp connections, listening sockets, whatever could use ipv6 code in kernel. so it's perhaps just easier to reboot :)
(In reply to comment #17) > Created an attachment (id=3190) [edit] > Patch that fixes the problem reported in this bug but without a force ipv4 > option [...] > Elan, see if this one works for you. Remember to go back to the unpatched > code before you apply this one. works great!
Created attachment 3191 [details] Fix for this bug that includes a force ipv4 command line option This patch is the same as the previous one with the addition of command line options to spamassasin and spamd to allow disabling of the check for IPv6 and the use of IPv6 for DNS. Without arguing with Theo's points that we may be kludging around things that should be done better in IO::Socket::INET6 and/or Net::DNS, and that the code may not do the right thing if a system has IPv6 and not IPv4 kernel support, I think that this code is needed for now so that SpamAssassin does the right thing automatically in the most common cases with existing versions of IO::Socket and Net::DNS, plus so the user can have a workaround if SpamAssassin does the wrong thing trying to handle IPv6 on some specific system. Figuring out what to do in the absence of IPv4 can be left to another bugzilla ticket. This patch has been committed as revision 322462.
Committed revision 322462.
sorry, looks like i found another bug. if i have ipv6 enabled in kernel, but not ipv6 nameserver in /etc/resolv.conf then the same error is output. # service spamassassin restart * Stopping SpamAssassin service...................................[ DONE ] * Starting SpamAssassin service...................................[ FAIL ] [15842] warn: IO::Socket::INET6: Bad hostname '192.168.2.1' at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm line 206 [15842] error: Error creating a DNS resolver socket: at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm line 218. Error creating a DNS resolver socket: at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm line 218. # lsmod|grep ipv6 ipv6 234688 6 surely i can now start spamd with --ipv4-only option. but perhaps the checks could be improved to "see" this automatically?
Elan, Having IPv6 in the kernel and not having an IPv6 address for the nameservers is the usual situation, and usually not a problem. Can you run either spamd or spamassassin with the -D option and attach the debug log that results here? I could probably make the test socket use the first nameserver in resolv.conf to make it a bit more realistic of a test, but I would like to get a bit better of an idea why it is failing in your case. If IPv6 is enabled in your kernel and you have IO::Socket::INET6 installed, then why shouldn't you be able to create a socket using IO::Socket::INET6 and an IPv4 address? What version of Net::DNS and IO::Socket::INET6 are you running? This should tell you: perl -MNet::DNS -e 'print Net::DNS->VERSION . "\n";' perl -MIO::Socket::INET6 -e 'print IO::Socket::INET6->VERSION . "\n";'
something totally broken here. # perl -MNet::DNS -e 'print Net::DNS->VERSION . "\n";' 0.52 # perl -MIO::Socket::INET6 -e 'print IO::Socket::INET6->VERSION . "\n";' Can't locate object method "register_domain" via package "IO::Socket::INET6" at /usr/share/perl5/vendor_perl/IO/Socket/INET6.pm line 17. Compilation failed in require. BEGIN failed--compilation aborted. otherwise the versions from rpm database: # rpm -q perl-Net-DNS perl-IO-Socket-INET6 perl-Net-DNS-0.52-1 perl-IO-Socket-INET6-0.01a-6 i'll have look if there's newer IO::Socket::INET6 available and if it fixes this.
Here's what I have: $ perl -MNet::DNS -e 'print Net::DNS->VERSION . "\n";' 0.53 $ perl -MIO::Socket::INET6 -e 'print IO::Socket::INET6->VERSION . "\n";' 2.51
(In reply to comment #30) > something totally broken here. [...] > # perl -MIO::Socket::INET6 -e 'print IO::Socket::INET6->VERSION . "\n";' > Can't locate object method "register_domain" via package "IO::Socket::INET6" > at /usr/share/perl5/vendor_perl/IO/Socket/INET6.pm line 17. > Compilation failed in require. > BEGIN failed--compilation aborted. > > otherwise the versions from rpm database: [...] > perl-IO-Socket-INET6-0.01a-6 > > i'll have look if there's newer IO::Socket::INET6 available and if it fixes > this. ok. upgraded to perl-IO-Socket-INET6-2.51 now both problems are gone!
Subject: Re: impossible to disable IPv6 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On (15/10/05 01:45), bugzilla-daemon@bugzilla.spamassassin.org didst pronounce: > That still leaves us needing a force ipv4 option. > Would setting the Domain for the call to IO::Socket::INET6->new() to AF_UNSPEC not fix this bug? This would mean the connection would depend on the PeerAddr family? AF_UNSPEC is the default for Domain if it's omitted. So, essentially, if IO::Socket::INET6 is installed, use it to setup the socket, with Domain => AF_UNSPEC, otherwise use IO::Socket::INET. As a quick test, I wrote a perl script that connects to localhost port 10000. One instance uses ::1 ipv6 address, the other uses 127.0.0.1. I have netcat listening on both for connections. Domain is set to AF_UNSPEC for both, and both connections succeed. - -- Chat ya later, John. - -- BOFH excuse #194: We only support a 1200 bps connection. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDUpr3QBw+ZtKOvTIRAhgaAJ9fUEGkzSd4lSscAAcF/Hz5oneBbgCfRz9s 3VpOzQLQ+iEcRwR8KEGoico= =nf+c -----END PGP SIGNATURE-----
John, we don't use AF_UNSPEC because it fails on some platforms as per bug 4412 comment 24, and the comments in DnsResolver.pm line 167. Looking at the code in Net::DNS::Resolver::Base.pm, it appears to me that another way to avoid that bug is to specify LocalAddr as being "::" for ipv6 or "0.0.0.0" for ipv4 and then we can allow Domain to default to AF_UNSPEC. The failure happens on some platforms when the LocalAddr and PeerAdddr are of different families and Domain is AF_UNSPEC. The resulting code would not be that different. Right now we check PeerAddr to see if we need to be ipv6 or if it is an ipv4 address. We would still have to do that. The only difference is instead of setting $family and passing in Domain=>$family we would pass in a LocalAddr value of "::" or "0.0.0.0". That may or may not have fixed Elan's problem because that was the result of a old buggy version of IO::Socket::INET6. We would still want the creation of a dummy socket to check for the case of IO::Socket::INET6 being broken. Perhaps we should create two dummy sockets, one with ipv6 and one with ipv4 addresses just to be sure, as that would let us gracefully handle a hosed version like Elan had. The advantage of doing it that way is there would no longer be any reason to refer to AF_INET6 and we could eliminate the tests to avoid referring to the macro when it isn't defined.
I added in those changes and commited it in revision 325836. Closing the bug again.
> I added in those changes and commited it in revision 325836. > Closing the bug again. Sorry for coming late for lunch. > --ipv4only, --ipv4-only, --ipv4 Disable attempted use of ipv6 for DNS May I suggest different option names, along the precedences that I'm familiar with: ssh: -4 Forces ssh to use IPv4 addresses only. -6 Forces ssh to use IPv6 addresses only. telnet: -4 Forces telnet to use IPv4 addresses only. -6 Forces telnet to use IPv6 addresses only. ftp: -4 Forces ftp to only use IPv4 addresses. -6 Forces ftp to only use IPv6 addresses. rsync: -4, --ipv4 prefer IPv4 -6, --ipv6 prefer IPv6 dig: The -4 option forces dig to only use IPv4 query transport. The -6 option forces dig to only use IPv6 query transport. wget: -4 --inet4-only -6 --inet6-only curl: -4/--ipv4 If libcurl is capable of resolving an address to multiple IP versions (which it is if it is ipv6-capable), this option tells libcurl to resolve names to IPv4 addresses only. -6/--ipv6 If libcurl is capable of resolving an address to multiple IP versions (which it is if it is ipv6-capable), this option tells libcurl to resolve names to IPv6 addresses only. By default all these applications use whatever is available, with a first choice being IPv6 if available. The choice of -4 and -6 seems to be universal, while other option aliases differ.
well, it'd be easy enough to add "-4"/"--ipv4" as the option strings there.
I would like to second adding "-4" to the allowed option strings. You already have "--ipv4" in the patch. I have no opinion on removing the other two that are in the patch.
I'd prefer just the "-4"/"--ipv4" options. I think the "only" ones are excessive.
When starting spamd: error: force_v4: no such method at /usr/lib/perl5/site_perl/5.8.6/Mail/SpamAssassin/DnsResolver.pm line 126 platform: Linux triscuit 2.4.29 #10 Sun Apr 17 12:02:33 BST 2005 i686 unknown unknown GNU/Linux lrwxrwxrwx 1 root root 13 2005-04-10 17:46 /lib/libc.so.6 -> libc-2.3.4.so* perl version: 5.8.6 Output of spamassassin -D --lint: [16260] dbg: logger: adding facilities: all [16260] dbg: logger: logging level is DBG [16260] dbg: generic: SpamAssassin version 3.2.0-r322462 [16260] dbg: config: score set 0 chosen. [16260] dbg: util: running in taint mode? yes [16260] dbg: util: taint mode: deleting unsafe environment variables, resetting PATH [16260] dbg: util: PATH included '/usr/local/bin', keeping [16260] dbg: util: PATH included '/usr/bin', keeping [16260] dbg: util: PATH included '/bin', keeping [16260] dbg: util: PATH included '/usr/X11R6/bin', keeping [16260] dbg: util: PATH included '/usr/games', which doesn't exist, dropping [16260] dbg: util: PATH included '/usr/java/j2sdk1.4.2_06/bin', keeping [16260] dbg: util: PATH included '/usr/java/jakarta-ant-1.4.1/bin', which doesn't exist, dropping [16260] dbg: util: PATH included '/usr/share/texmf/bin', keeping [16260] dbg: util: PATH included '.', which is not absolute, dropping [16260] dbg: util: final PATH set to: /usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin:/usr/java/j2sdk1.4.2_06/bin:/usr/share/texmf/bin [16260] dbg: dns: no ipv6 [16260] dbg: dns: is Net::DNS::Resolver available? yes [16260] dbg: dns: Net::DNS version: 0.49 [16260] dbg: dns: name server: 127.0.0.1, LocalAddr: 0.0.0.0 [16260] dbg: diag: perl platform: 5.008006 linux [16260] dbg: diag: module installed: Digest::SHA1, version 2.10 [16260] dbg: diag: module installed: DB_File, version 1.810 [16260] dbg: diag: module installed: Net::DNS, version 0.49 [16260] dbg: diag: module installed: Net::SMTP, version 2.29 [16260] dbg: diag: module installed: Mail::SPF::Query, version 1.997 [16260] dbg: diag: module installed: IP::Country::Fast, version 309.002 [16260] dbg: diag: module not installed: Razor2::Client::Agent ('require' failed) [16260] dbg: diag: module not installed: Net::Ident ('require' failed) [16260] dbg: diag: module not installed: IO::Socket::INET6 ('require' failed) [16260] dbg: diag: module not installed: IO::Socket::SSL ('require' failed) [16260] dbg: diag: module installed: Time::HiRes, version 1.65 [16260] dbg: diag: module installed: DBI, version 1.46 [16260] dbg: diag: module installed: Getopt::Long, version 2.34 [16260] dbg: diag: module installed: LWP::UserAgent, version 2.032 [16260] dbg: diag: module installed: HTTP::Date, version 1.46 [16260] dbg: diag: module installed: Archive::Tar, version 1.23 [16260] dbg: diag: module installed: IO::Zlib, version 1.04 [16260] dbg: diag: module installed: MIME::Base64, version 3.05 [16260] dbg: diag: module installed: HTML::Parser, version 3.45 [16260] dbg: ignore: using a test message to lint rules [16260] dbg: config: using "/etc/mail/spamassassin" for site rules pre files [16260] dbg: config: read file /etc/mail/spamassassin/init.pre [16260] dbg: config: read file /etc/mail/spamassassin/v310.pre [16260] dbg: config: using "/usr/share/spamassassin" for sys rules pre files [16260] dbg: config: using "/usr/share/spamassassin" for default rules dir [16260] dbg: config: read file /usr/share/spamassassin/10_default_prefs.cf [16260] dbg: config: read file /usr/share/spamassassin/20_dnsbl_tests.cf [16260] dbg: config: read file /usr/share/spamassassin/20_html_tests.cf [16260] dbg: config: read file /usr/share/spamassassin/20_net_tests.cf [16260] dbg: config: read file /usr/share/spamassassin/20_soloway.cf [16260] dbg: config: read file /usr/share/spamassassin/23_bayes.cf [16260] dbg: config: read file /usr/share/spamassassin/25_accessdb.cf [16260] dbg: config: read file /usr/share/spamassassin/25_antivirus.cf [16260] dbg: config: read file /usr/share/spamassassin/25_dcc.cf [16260] dbg: config: read file /usr/share/spamassassin/25_domainkeys.cf [16260] dbg: config: read file /usr/share/spamassassin/25_hashcash.cf [16260] dbg: config: read file /usr/share/spamassassin/25_pyzor.cf [16260] dbg: config: read file /usr/share/spamassassin/25_razor2.cf [16260] dbg: config: read file /usr/share/spamassassin/25_spf.cf [16260] dbg: config: read file /usr/share/spamassassin/25_textcat.cf [16260] dbg: config: read file /usr/share/spamassassin/25_uribl.cf [16260] dbg: config: read file /usr/share/spamassassin/60_awl.cf [16260] dbg: config: read file /usr/share/spamassassin/60_whitelist.cf [16260] dbg: config: read file /usr/share/spamassassin/60_whitelist_subject.cf [16260] dbg: config: using "/etc/mail/spamassassin" for site rules dir [16260] dbg: config: read file /etc/mail/spamassassin/local.cf [16260] dbg: config: using "/home/henry/.spamassassin" for user state dir [16260] dbg: config: using "/home/henry/.spamassassin/user_prefs" for user prefs file [16260] dbg: config: read file /home/henry/.spamassassin/user_prefs [16260] dbg: plugin: loading Mail::SpamAssassin::Plugin::URIDNSBL from @INC [16260] dbg: plugin: registered Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x82e7a0c) [16260] dbg: plugin: loading Mail::SpamAssassin::Plugin::Hashcash from @INC [16260] dbg: plugin: registered Mail::SpamAssassin::Plugin::Hashcash=HASH(0x8dc43bc) [16260] dbg: plugin: loading Mail::SpamAssassin::Plugin::SPF from @INC [16260] dbg: plugin: registered Mail::SpamAssassin::Plugin::SPF=HASH(0x8e7fb80) [16260] dbg: plugin: loading Mail::SpamAssassin::Plugin::Pyzor from @INC [16260] dbg: pyzor: network tests on, attempting Pyzor [16260] dbg: plugin: registered Mail::SpamAssassin::Plugin::Pyzor=HASH(0x8e95a84) [16260] dbg: plugin: loading Mail::SpamAssassin::Plugin::SpamCop from @INC [16260] dbg: reporter: network tests on, attempting SpamCop [16260] dbg: plugin: registered Mail::SpamAssassin::Plugin::SpamCop=HASH(0x8eaad84) [16260] dbg: plugin: loading Mail::SpamAssassin::Plugin::AWL from @INC [16260] dbg: plugin: registered Mail::SpamAssassin::Plugin::AWL=HASH(0x8ec9930) [16260] dbg: plugin: loading Mail::SpamAssassin::Plugin::AutoLearnThreshold from @INC [16260] dbg: plugin: registered Mail::SpamAssassin::Plugin::AutoLearnThreshold=HASH(0x8ed1e2c) [16260] dbg: plugin: loading Mail::SpamAssassin::Plugin::WhiteListSubject from @INC [16260] dbg: plugin: registered Mail::SpamAssassin::Plugin::WhiteListSubject=HASH(0x8ed9f58) [16260] dbg: plugin: loading Mail::SpamAssassin::Plugin::MIMEHeader from @INC [16260] dbg: plugin: registered Mail::SpamAssassin::Plugin::MIMEHeader=HASH(0x8ee2424) [16260] dbg: plugin: loading Mail::SpamAssassin::Plugin::ReplaceTags from @INC [16260] dbg: plugin: registered Mail::SpamAssassin::Plugin::ReplaceTags=HASH(0x8eeceac) [16260] dbg: config: allowing user rules! [16260] dbg: config: adding redirector regex: m'^http.*?/redirect\.php\?.*(?<=[?&])goto=(.*?)(?:$|[&\#])'i [16260] dbg: plugin: Mail::SpamAssassin::Plugin::ReplaceTags=HASH(0x8eeceac) implements 'finish_parsing_end' [16260] dbg: replacetags: replacing tags [16260] dbg: replacetags: done replacing tags [16260] dbg: config: using "/home/henry/.spamassassin" for user state dir [16260] dbg: bayes: tie-ing to DB file R/O /home/henry/.spamassassin/bayes_toks [16260] dbg: bayes: tie-ing to DB file R/O /home/henry/.spamassassin/bayes_seen [16260] dbg: bayes: found bayes db version 3 [16260] dbg: bayes: DB journal sync: last sync: 1130259011 [16260] dbg: config: using "/home/henry/.spamassassin" for user state dir [16260] dbg: config: score set 3 chosen. [16260] dbg: message: ---- MIME PARSER START ---- [16260] dbg: message: main message type: text/plain [16260] dbg: message: parsing normal part [16260] dbg: message: added part, type: text/plain [16260] dbg: message: ---- MIME PARSER END ---- [16260] dbg: dns: dns_available set to yes in config file, skipping test [16260] dbg: metadata: X-Spam-Relays-Trusted: [16260] dbg: metadata: X-Spam-Relays-Untrusted: [16260] dbg: message: no encoding detected [16260] dbg: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x82e7a0c) implements 'parsed_metadata' [16260] dbg: uridnsbl: domains to query: [16260] dbg: dns: checking RBL sbl-xbl.spamhaus.org., set sblxbl-notfirsthop [16260] dbg: dns: checking RBL dialups.mail-abuse.org., set dialup-notfirsthop [16260] dbg: dns: checking RBL sa-accredit.habeas.com., set habeas-firsttrusted [16260] dbg: dns: checking RBL sbl-xbl.spamhaus.org., set sblxbl [16260] dbg: dns: checking RBL sa-other.bondedsender.org., set bsp-untrusted [16260] dbg: dns: checking RBL combined.njabl.org., set njabl-notfirsthop [16260] dbg: dns: checking RBL combined.njabl.org., set njabl [16260] dbg: dns: checking RBL combined-HIB.dnsiplists.completewhois.com., set whois [16260] dbg: dns: checking RBL blackholes.mail-abuse.org., set rbl [16260] dbg: dns: checking RBL list.dsbl.org., set dsbl-notfirsthop [16260] dbg: dns: checking RBL bl.spamcop.net., set spamcop [16260] dbg: dns: checking RBL sa-trusted.bondedsender.org., set bsp-firsttrusted [16260] dbg: dns: checking RBL combined-HIB.dnsiplists.completewhois.com., set whois-notfirsthop [16260] dbg: dns: checking RBL relays.mail-abuse.org., set rss [16260] dbg: dns: checking RBL nonconfirm.mail-abuse.org., set nml [16260] dbg: dns: checking RBL dnsbl.sorbs.net., set sorbs-notfirsthop [16260] dbg: dns: checking RBL dnsbl.sorbs.net., set sorbs [16260] dbg: dns: checking RBL iadb.isipp.com., set iadb-firsttrusted [16260] dbg: check: running tests for priority: 0 [16260] dbg: rules: running header regexp tests; score so far=0 [16260] dbg: plugin: registering glue method for check_hashcash_value (Mail::SpamAssassin::Plugin::Hashcash=HASH(0x8dc43bc)) [16260] dbg: plugin: registering glue method for check_for_spf_helo_softfail (Mail::SpamAssassin::Plugin::SPF=HASH(0x8e7fb80)) [16260] dbg: spf: message was delivered entirely via trusted relays, not required [16260] dbg: plugin: registering glue method for check_for_spf_softfail (Mail::SpamAssassin::Plugin::SPF=HASH(0x8e7fb80)) [16260] dbg: spf: message was delivered entirely via trusted relays, not required [16260] dbg: plugin: registering glue method for check_hashcash_double_spend (Mail::SpamAssassin::Plugin::Hashcash=HASH(0x8dc43bc)) [16260] dbg: plugin: registering glue method for check_for_spf_helo_pass (Mail::SpamAssassin::Plugin::SPF=HASH(0x8e7fb80)) [16260] dbg: eval: all '*From' addrs: ignore@compiling.spamassassin.taint.org [16260] dbg: eval: all '*To' addrs: [16260] dbg: plugin: registering glue method for check_for_spf_fail (Mail::SpamAssassin::Plugin::SPF=HASH(0x8e7fb80)) [16260] dbg: plugin: registering glue method for check_subject_in_blacklist (Mail::SpamAssassin::Plugin::WhiteListSubject=HASH(0x8ed9f58)) [16260] dbg: plugin: registering glue method for check_for_spf_helo_fail (Mail::SpamAssassin::Plugin::SPF=HASH(0x8e7fb80)) [16260] dbg: plugin: registering glue method for check_for_spf_helo_neutral (Mail::SpamAssassin::Plugin::SPF=HASH(0x8e7fb80)) [16260] dbg: plugin: registering glue method for check_for_spf_pass (Mail::SpamAssassin::Plugin::SPF=HASH(0x8e7fb80)) [16260] dbg: plugin: registering glue method for check_subject_in_whitelist (Mail::SpamAssassin::Plugin::WhiteListSubject=HASH(0x8ed9f58)) [16260] dbg: plugin: registering glue method for check_for_spf_neutral (Mail::SpamAssassin::Plugin::SPF=HASH(0x8e7fb80)) [16260] dbg: rules: running body-text per-line regexp tests; score so far=0 [16260] dbg: uri: running uri tests; score so far=0 [16260] dbg: plugin: registering glue method for check_uridnsbl (Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x82e7a0c)) [16260] dbg: bayes: DB journal sync: last sync: 1130259011 [16260] dbg: bayes: corpus size: nspam = 42194, nham = 36935 [16260] dbg: bayes: score = 0.00397869727996919 [16260] dbg: bayes: DB expiry: tokens in DB: 148154, Expiry max size: 150000, Oldest atime: 1128910193, Newest atime: 1130266285, Last expire: 1129825550, Current time: 1130266760 [16260] dbg: bayes: DB journal sync: last sync: 1130259011 [16260] dbg: bayes: untie-ing [16260] dbg: bayes: untie-ing db_toks [16260] dbg: bayes: untie-ing db_seen [16260] dbg: rules: ran eval rule BAYES_00 ======> got hit [16260] dbg: rules: running raw-body-text per-line regexp tests; score so far=-1 [16260] dbg: rules: running full-text regexp tests; score so far=-1 [16260] dbg: plugin: registering glue method for check_pyzor (Mail::SpamAssassin::Plugin::Pyzor=HASH(0x8e95a84)) [16260] dbg: pyzor: use_pyzor option not enabled, disabling Pyzor [16260] dbg: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x82e7a0c) implements 'check_tick' [16260] dbg: check: running tests for priority: 500 [16260] dbg: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x82e7a0c) implements 'check_post_dnsbl' [16260] dbg: rules: running meta tests; score so far=-1 [16260] dbg: rules: running header regexp tests; score so far=-1 [16260] dbg: rules: running body-text per-line regexp tests; score so far=-1 [16260] dbg: uri: running uri tests; score so far=-1 [16260] dbg: rules: running raw-body-text per-line regexp tests; score so far=-1 [16260] dbg: rules: running full-text regexp tests; score so far=-1 [16260] dbg: check: running tests for priority: 1000 [16260] dbg: rules: running meta tests; score so far=-1 [16260] dbg: rules: running header regexp tests; score so far=-1 [16260] dbg: plugin: registering glue method for check_from_in_auto_whitelist (Mail::SpamAssassin::Plugin::AWL=HASH(0x8ec9930)) [16260] dbg: config: using "/home/henry/.spamassassin" for user state dir [16260] dbg: locker: safe_lock: created /home/henry/.spamassassin/auto-whitelist.lock.triscuit.stern.ca.16260 [16260] dbg: locker: safe_lock: trying to get lock on /home/henry/.spamassassin/auto-whitelist with 0 retries [16260] dbg: locker: safe_lock: link to /home/henry/.spamassassin/auto-whitelist.lock: link ok [16260] dbg: auto-whitelist: tie-ing to DB file of type DB_File R/W in /home/henry/.spamassassin/auto-whitelist [16260] dbg: auto-whitelist: db-based ignore@compiling.spamassassin.taint.org|ip=none scores 0/0 [16260] dbg: auto-whitelist: AWL active, pre-score: -1, autolearn score: -1, mean: undef, IP: undef [16260] dbg: auto-whitelist: DB addr list: untie-ing and unlocking [16260] dbg: auto-whitelist: DB addr list: file locked, breaking lock [16260] dbg: locker: safe_unlock: unlink /home/henry/.spamassassin/auto-whitelist.lock [16260] dbg: auto-whitelist: post auto-whitelist score: -1 [16260] dbg: rules: running body-text per-line regexp tests; score so far=-1 [16260] dbg: uri: running uri tests; score so far=-1 [16260] dbg: rules: running raw-body-text per-line regexp tests; score so far=-1 [16260] dbg: rules: running full-text regexp tests; score so far=-1 [16260] dbg: check: is spam? score=-1 required=5 [16260] dbg: check: tests=BAYES_00 [16260] dbg: check: subtests= [16260] warn: lint: 1 issues detected, please rerun with debug enabled for more information
Whoops. ipv6 support, and the force_v4 option that is part of it, were added to Net::DNS in version 0.50 or so. We have to decide whether to require a newer version of Net::DNS than we currently require or to skip the ipv6 options if the version is older than 0.50.
Created attachment 3208 [details] Patch to allow this to work with older versions of Net::DNS that do not have the force_v4 option Henry or someone else with Net::DNS version 0.49 or older, please test this patch to trunk to see if it works ok. I don't have a machine handy right now to do the test myself. I did confirm that it seems to work with the latest Net::DNS and that there is no error when I use a different bogus argument to new(). Once I get confirmaiton that this fixes the problem I'll check it in.
This patch fixes the problem for me. +1
Committed revision 328495