Created attachment 3159 [details]
temporary fix to disable ipv6

(as bugzilla sucks bigtime and won't let me upload attachment: uploading file 
requires to login, and when i login it says i forgot to attach file, and i have 
cookies enabled (otherwise i wouldn't be posting the first attachment), and i 
can't bypass proxy server which is causing all this)

then posting the second patch here:

--- /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm~      2005-09-
14 05:07:31.000000000 +0300
+++ /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm       2005-10-
05 13:47:21.000000000 +0300
@@ -44,7 +44,8 @@
 use IO::Socket::INET;
 use Errno qw(EINVAL EADDRINUSE);

-use constant HAS_SOCKET_INET6 => eval { require IO::Socket::INET6 };
+#use constant HAS_SOCKET_INET6 => eval { require IO::Socket::INET6 };
+use constant HAS_SOCKET_INET6 => 0;

 our @ISA = qw();

i can't start spamd because of this bug. 
 
 
# grep nameserver /etc/resolv.conf 
nameserver 192.168.2.1 
# /usr/bin/spamd ; echo $? 
[17101] warn: IO::Socket::INET6: Bad hostname '192.168.2.1' 
at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm line 190 
[17101] error: Error creating a DNS resolver socket:  
at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm line 202. 
Error creating a DNS resolver socket:  
at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm line 202. 
255 
 

doh.  stupid IPv6 :(

marking this as critical, since it renders spamd unusable on some platforms.

Elan, do you find that both patches are necessary to allow spamd to work, or are
those two alternative patches? Does everything seem to work ok with those
patches in place?

How about adding a configuration option force_v4, which if set adds
$self->{res}->force_v4(1) to the Net::DNS::Resolver object initialization and
also is tested instead of HAS_SOCKET_INET6 in DnsResolver.pm? It would be set
automatically in DnsResolver->new if HAS_SOCKET_INET6 is false.

Sidney: I think that makes sense.

Thanks, I'm testing a patch now. I'll attach it here before I check it in so
Elan can confirm that it solves the problem when IO::Socket::INET6 is installed
on a system that doesn't support IPv6 in the kernel. I don't have a setup like
that to test it with.

Created attachment 3184 [details]
proposed patch. Elan, please test and let us know if it works ok.

(In reply to comment #5)   
> Elan, do you find that both patches are necessary to allow spamd to work, or   
are   
> those two alternative patches? Does everything seem to work ok with those   
> patches in place?   
   
yes, the fixes i posted fixed my spamd startup.   
   
i think proper fix would be after IO::Socket::INET6 being available, to check 
if ipv6 socket can be created, perhaps just trying to create dummy socket.  

i wonder where i should add the force_ipv4? i tried local.cf, but that didn't 
have intended effect 
 
# grep force /etc/mail/spamassassin/local.cf 
dns_force_ipv4 1 
# service spamassassin restart 
SpamAssassin service is not running. 
 * Starting SpamAssassin service...................................[ FAIL ] 
[10361] warn: force: 0 
z[10361] warn: IO::Socket::INET6: Bad hostname '192.168.2.1' 
at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm line 193 
[10361] error: Error creating a DNS resolver socket:  
at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm line 205. 
Error creating a DNS resolver socket:  
at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm line 205. 
# 
 
 
# grep -n 'warn 
"force' /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm 
162:      warn "force: $self->{conf}->{dns_force_ipv4}\n"; 

btw, to reproduce add to /etc/modprobe.conf on your 2.6 linux: 
alias ipv6 ignore 
alias net-pf-10 off 
 
(the file is /etc/modules.conf on 2.4 linux) 
 

> i wonder where i should add the force_ipv4? i tried local.cf,
> but that didn't have intended effect

That should work. Probably a bug in my patch, as I didn't test it properly. Now
that you have told me how to turn off ipv6 in my kernel I can test the whole
thing instead of just asking you to try each change.

I like your idea about trying to make a dummy socket as a more reliable way of
ensuring ipv6 works over and above whether flags say that we think it should
work. I'll add that in.

> alias ipv6 ignore 
> alias net-pf-10 off

Is there a way to switch this without rebooting the machine?

Perl experts -

Is this a correct way to merge the test for AF_INET6 being defined in with the
test for IO::Socket::INET6 in DnsResolver.pm?

use constant HAS_SOCKET_INET6 => eval { require IO::Socket::INET6;
                                        defined AF_INET6 };

and then we would not need the eval block later on that tests for AF_INET6 defined?

I just found that the SpamAssassin::DnsResolver object is create in
Spamassassin.pm before SpamAssassin::Conf reads in the configuration objects.
That, of course, doesn't allow the creation of the DnsResolver to be affected by
any configuration options.

I suppose I can just look for IO::Socket::INET6 and the AF_INET6 macro and if
they are there try to actually make an ipv6 socket, setting the flag to use ipv6
only if that succeeds and not have any configuration option at all.

I think I could use a comment from Justin or anyone else who wants to jump in.

two options:

1. delay the creation of the socket until a point after config has been read,
allowing DnsResolver behaviour to be affected by global configuration settings.

2. control this via a command-line option, which is passed to the
Mail::SpamAssassin constructor (similar to local_tests_only).


both pretty gross... I'd prefer #1, but #2 isn't a big problem.

Created attachment 3190 [details]
Patch that fixes the problem reported in this bug but without a force ipv4 option

Justin, I agree that one of the two approaches you listed may be desirable.
Since I have a working and tested patch that simply leaves out having an option
to force ipv4-only I'm uploading it now to get some eyes and possibly testing
on it.

Elan, see if this one works for you. Remember to go back to the unpatched code
before you apply this one.

I might commit this before adding something to add a force ipv4 option. Does
anyone have any opinions one way or the other about that?

Justin, by the way delaying the creation of the socket has a problem: The config
files are read in the sub init which is called many times to be able to reload
the user preferences. init is careful not to overwrite the preferences that are
global after the first time it is called. The initialization of the DnsResolver
object is a heavyweight operation that involves querying DNS servers and so on.
It isn't something to be done with every message the way reading user preference
files is done, even though it would have the positive side effect of allowing
the use of DNS to adapt to changing circumstances on the network.

What that means is that initializing of DnsResolver would have to be done inside
init after the global preferences have been read in and only on that first call
that does read the global preferences. Either that, or it would have to
duplicate whatever it is that init does to differentiate the first call from
subsequent calls and whatever complication is in the config handling code to
deal with copying from parent into children. I'm not familiar with that code.

The command line option may be the way to go because of how much simpler that
would be.

Subject: Re:  impossible to disable IPv6 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


> The command line option may be the way to go because of how much simpler that
> would be.

yeah, I think so.  I'd go so far as to say, we should default to IPv4 only
unless a "--ipv6" switch is used, or similar.  that's quite similar to how
other apps do it, and it's better than defaulting the other way, since
most people will be fine with IPv4 for the next couple of years at least,
in my opinion ;)

we'd have to add the switch to spamd and spamassassin, at least.

- --j.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Exmh CVS

iD8DBQFDUCGJMJF5cimLx9ARAmidAKC1jPw9oQcWQ9MDvumnxyAl0UHuEQCgoJPG
4f2Cchnrdj6Qrq51XKQu8gY=
=3KaL
-----END PGP SIGNATURE-----

I would prefer a --force_ipv4 switch to a --ipv6 switch for the following reasons:

The code in this patch already detects every situation in which ipv6 is not
available or not to be used, by testing for IO::Socket::INET6 not being
installed, AF_INET6 macro not being defined, creation of an INET6 socket not
working for any unspecified reason, and the nameserver having an ipv4 ip address.

It also allows ipv6 enabled systems to work out of the box with no non-default
switches having to be set.

The only reason for the switch is to prevent breakage in case we missed
something and our tests either fail or themselves cause a breakage. That makes
the situation in which someone has to set a non-default option the most rare
case. It also means that we are more likely to find out about a bug now instead
of some time in the future when ipv6 is more common and we change the default.
And it means we won't have to change the default in the future.

I'm open to hearing arguments the other way, and I won't check in a change until
we have had a chance to discuss this.

I agree with Sidney that SpamAssassin should simply Do The Right Thing, not take
switches.

Subject: Re:  impossible to disable IPv6

On Fri, Oct 14, 2005 at 04:05:20PM -0700, bugzilla-daemon@bugzilla.spamassassin.org wrote:
> I agree with Sidney that SpamAssassin should simply Do The Right Thing, not take
> switches.

I haven't followed this thread super closely, but from quickly reading
through the comments and patches, it sounds like either Net::DNS::Resolver
and/or IO::Socket is doing the wrong thing and not us.  We could
attempt to kluge around it, but what's going to happen for people who,
for instance, disable IPv4 in their kernel and use just IPv6?  Will the
code bomb out when IPv4 isn't available?

I'd rather leave our code alone and have this issue reported to the
Net::DNS folks.  Shouldn't that module notice that IPv6 isn't available
and default force_v4 to true?

It's hard to say what IO::Socket::INET6 _should_ do when ipv6 is not available.
Neither do I know what anything would do with no ipv4 available. I don't have a
system I could test with in that configuration. Does anyone else?

Part of the problem is that Net::DNS::Resolver does not do everything that we
need, so we have a wrapper around it. Because of that we have code that has to
be aware whether ipv6 is available, similar to some code in Net::DNS::Resolver.
We can't just allow Net::DNS::Resolver to figure out if ipv6 is available and
then ask it because it does not provide an API for asking that.

We can request of the maintainer that he add a call, or that he change the
semantics of force_ipv4 slightly to set it when the object determines that ipv6
cannot be used, but we don't have that now. Even if we did that,
Net::DNS::Resolver takes force_ipv4 as an option and we still need a way to make
that an option in SpamAssassin so that it can be set in Net::DNS::Resolver when
it is needed.

I will submit a request to the maintainer that Net::DNS::Resolver create a dummy
socket to test if ipv6 is working and that he add some way to query the object
to find out if it is supporting ipv6. Then those aspects of this patch would
become obsolete and could be removed if we want to require that future version
of Net::DNS. I think we still need it for now. Later, me may prefer to keep it
in rather than require a newer versio of Net::DNS.

That still leaves us needing a force ipv4 option.

As to working with an ipv6-only system, let's create an RFE for that in Bugzilla
and keep it in mind, perhaps determning what IO::Socket::INET and
IO::Socket::INET6 and Net::DNS do with such a sytem, then figuring out what we
need to do.

I think that we need this patch now in order to work on systems that we can
reasonably expect to encounter, and can deal with enhancements to
Net::DNS::Resolver later.

(In reply to comment #13) 
> > alias ipv6 ignore  
> > alias net-pf-10 off 
>  
> Is there a way to switch this without rebooting the machine? 
afaik no, the ipv6 module is loaded to kernel and impossible to unload it. 
 
altho it's not marked as "permanent" in lsmod, so it could work if you take all 
networking down, kill all tcp/udp connections, listening sockets, whatever 
could use ipv6 code in kernel. so it's perhaps just easier to reboot :) 
 
 

(In reply to comment #17) 
> Created an attachment (id=3190) [edit] 
> Patch that fixes the problem reported in this bug but without a force ipv4 
> option 
[...] 
> Elan, see if this one works for you. Remember to go back to the unpatched 
> code before you apply this one. 
 
works great! 

Created attachment 3191 [details]
Fix for this bug that includes a force ipv4 command line option

This patch is the same as the previous one with the addition of command line
options to spamassasin and spamd to allow disabling of the check for IPv6 and
the use of IPv6 for DNS.

Without arguing with Theo's points that we may be kludging around things that
should be done better in IO::Socket::INET6 and/or Net::DNS, and that the code
may not do the right thing if a system has IPv6 and not IPv4 kernel support, I
think that this code is needed for now so that SpamAssassin does the right
thing automatically in the most common cases with existing versions of
IO::Socket and Net::DNS, plus so the user can have a workaround if SpamAssassin
does the wrong thing trying to handle IPv6 on some specific system.

Figuring out what to do in the absence of IPv4 can be left to another bugzilla
ticket.

This patch has been committed as revision 322462.

Committed revision 322462.

sorry, looks like i found another bug. 
 
if i have ipv6 enabled in kernel, but not ipv6 nameserver in /etc/resolv.conf 
then the same error is output. 
 
# service spamassassin restart 
 * Stopping SpamAssassin service...................................[ DONE ] 
 * Starting SpamAssassin service...................................[ FAIL ] 
[15842] warn: IO::Socket::INET6: Bad hostname '192.168.2.1' 
at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm line 206 
[15842] error: Error creating a DNS resolver socket:  
at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm line 218. 
Error creating a DNS resolver socket:  
at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/DnsResolver.pm line 218. 
 
# lsmod|grep ipv6 
ipv6                  234688  6 
 
surely i can now start spamd with --ipv4-only option. but perhaps the checks 
could be improved to "see" this automatically? 
 

Elan,

Having IPv6 in the kernel and not having an IPv6 address for the nameservers is
the usual situation, and usually not a problem. Can you run either spamd or
spamassassin with the -D option and attach the debug log that results here?

I could probably make the test socket use the first nameserver in resolv.conf to
make it a bit more realistic of a test, but I would like to get a bit better of
an idea why it is failing in your case. If IPv6 is enabled in your kernel and
you have IO::Socket::INET6 installed, then why shouldn't you be able to create a
socket using IO::Socket::INET6 and an IPv4 address?

What version of Net::DNS and IO::Socket::INET6 are you running? This should tell
you:

perl -MNet::DNS -e 'print Net::DNS->VERSION . "\n";'
perl -MIO::Socket::INET6 -e 'print IO::Socket::INET6->VERSION . "\n";'

something totally broken here. 
 
# perl -MNet::DNS -e 'print Net::DNS->VERSION . "\n";' 
0.52 
# perl -MIO::Socket::INET6 -e 'print IO::Socket::INET6->VERSION . "\n";' 
Can't locate object method "register_domain" via package "IO::Socket::INET6" 
at /usr/share/perl5/vendor_perl/IO/Socket/INET6.pm line 17. 
Compilation failed in require. 
BEGIN failed--compilation aborted. 
 
otherwise the versions from rpm database: 
# rpm -q perl-Net-DNS perl-IO-Socket-INET6 
perl-Net-DNS-0.52-1 
perl-IO-Socket-INET6-0.01a-6 
 
i'll have look if there's newer IO::Socket::INET6 available and if it fixes 
this. 

Here's what I have:

$ perl -MNet::DNS -e 'print Net::DNS->VERSION . "\n";'
0.53
$ perl -MIO::Socket::INET6 -e 'print IO::Socket::INET6->VERSION . "\n";'
2.51

(In reply to comment #30)  
> something totally broken here.   
[...]  
> # perl -MIO::Socket::INET6 -e 'print IO::Socket::INET6->VERSION . "\n";'   
> Can't locate object method "register_domain" via package "IO::Socket::INET6"   
> at /usr/share/perl5/vendor_perl/IO/Socket/INET6.pm line 17.   
> Compilation failed in require.   
> BEGIN failed--compilation aborted.   
>    
> otherwise the versions from rpm database:   
[...]  
> perl-IO-Socket-INET6-0.01a-6   
>    
> i'll have look if there's newer IO::Socket::INET6 available and if it fixes   
> this.   
  
ok. upgraded to perl-IO-Socket-INET6-2.51  
now both problems are gone!  

Subject: Re:  impossible to disable IPv6

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On (15/10/05 01:45), bugzilla-daemon@bugzilla.spamassassin.org didst pronounce:
> That still leaves us needing a force ipv4 option.
> 
Would setting the Domain for the call to IO::Socket::INET6->new() to
AF_UNSPEC not fix this bug? This would mean the connection would depend
on the PeerAddr family? AF_UNSPEC is the default for Domain if it's
omitted.

So, essentially, if IO::Socket::INET6 is installed, use it to setup the
socket, with Domain => AF_UNSPEC, otherwise use IO::Socket::INET. 

As a quick test, I wrote a perl script that connects to localhost port
10000. One instance uses ::1 ipv6 address, the other uses 127.0.0.1. I
have netcat listening on both for connections. Domain is set to
AF_UNSPEC for both, and both connections succeed.

- -- 
Chat ya later,

John.
- --
BOFH excuse #194: We only support a 1200 bps connection.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDUpr3QBw+ZtKOvTIRAhgaAJ9fUEGkzSd4lSscAAcF/Hz5oneBbgCfRz9s
3VpOzQLQ+iEcRwR8KEGoico=
=nf+c
-----END PGP SIGNATURE-----

John, we don't use AF_UNSPEC because it fails on some platforms as per bug 4412
comment 24, and the comments in DnsResolver.pm line 167.

Looking at the code in Net::DNS::Resolver::Base.pm, it appears to me that
another way to avoid that bug is to specify LocalAddr as being "::" for ipv6 or
"0.0.0.0" for ipv4 and then we can allow Domain to default to AF_UNSPEC. The
failure happens on some platforms when the LocalAddr and PeerAdddr are of
different families and Domain is AF_UNSPEC.

The resulting code would not be that different. Right now we check PeerAddr to
see if we need to be ipv6 or if it is an ipv4 address. We would still have to do
that. The only difference is instead of setting $family and passing in
Domain=>$family we would pass in a LocalAddr value of "::" or "0.0.0.0". That
may or may not have fixed Elan's problem because that was the result of a old
buggy version of IO::Socket::INET6. We would still want the creation of a dummy
socket to check for the case of IO::Socket::INET6 being broken. Perhaps we
should create two dummy sockets, one with ipv6 and one with ipv4 addresses just
to be sure, as that would let us gracefully handle a hosed version like Elan had.

The advantage of doing it that way is there would no longer be any reason to
refer to AF_INET6 and we could eliminate the tests to avoid referring to the
macro when it isn't defined.

I added in those changes and commited it in revision 325836.

Closing the bug again.

> I added in those changes and commited it in revision 325836. 
> Closing the bug again. 
 
Sorry for coming late for lunch. 
 
> --ipv4only, --ipv4-only, --ipv4    Disable attempted use of ipv6 for DNS 
 
May I suggest different option names, along the precedences 
that I'm familiar with: 
 
ssh: 
    -4  Forces ssh to use IPv4 addresses only. 
    -6  Forces ssh to use IPv6 addresses only. 
 
telnet: 
    -4  Forces telnet to use IPv4 addresses only. 
    -6  Forces telnet to use IPv6 addresses only. 
 
ftp: 
    -4  Forces ftp to only use IPv4 addresses. 
    -6  Forces ftp to only use IPv6 addresses. 
 
rsync: 
    -4, --ipv4  prefer IPv4 
    -6, --ipv6  prefer IPv6 
 
dig: 
    The -4 option forces dig to only use IPv4 query transport. 
    The -6 option forces dig to only use IPv6 query transport. 
 
wget: 
     -4  --inet4-only 
     -6  --inet6-only 
 
curl: 
    -4/--ipv4 
        If libcurl is capable of resolving an address to multiple IP 
        versions (which it is if it is ipv6-capable), this option tells 
        libcurl to resolve names to IPv4 addresses only. 
 
    -6/--ipv6 
        If libcurl is capable of resolving an address to multiple IP 
        versions (which it is if it is ipv6-capable), this option tells 
        libcurl to resolve names to IPv6  addresses  only. 
 
 
By default all these applications use whatever is available, 
with a first choice being IPv6 if available. The choice of 
-4 and -6 seems to be universal, while other option aliases differ. 
 

well, it'd be easy enough to add "-4"/"--ipv4" as the option strings there.

I would like to second adding "-4" to the allowed option strings.  You already
have "--ipv4" in the patch.  I have no opinion on removing the other two that
are in the patch.

I'd prefer just the "-4"/"--ipv4" options.  I think the "only" ones are excessive.

When starting spamd:

error: force_v4: no such method at
/usr/lib/perl5/site_perl/5.8.6/Mail/SpamAssassin/DnsResolver.pm line 126

platform: Linux triscuit 2.4.29 #10 Sun Apr 17 12:02:33 BST 2005 i686 unknown
unknown GNU/Linux
lrwxrwxrwx  1 root root      13 2005-04-10 17:46 /lib/libc.so.6 -> libc-2.3.4.so*

perl version: 5.8.6

Output of spamassassin -D --lint:
[16260] dbg: logger: adding facilities: all
[16260] dbg: logger: logging level is DBG
[16260] dbg: generic: SpamAssassin version 3.2.0-r322462
[16260] dbg: config: score set 0 chosen.
[16260] dbg: util: running in taint mode? yes
[16260] dbg: util: taint mode: deleting unsafe environment variables, resetting PATH
[16260] dbg: util: PATH included '/usr/local/bin', keeping
[16260] dbg: util: PATH included '/usr/bin', keeping
[16260] dbg: util: PATH included '/bin', keeping
[16260] dbg: util: PATH included '/usr/X11R6/bin', keeping
[16260] dbg: util: PATH included '/usr/games', which doesn't exist, dropping
[16260] dbg: util: PATH included '/usr/java/j2sdk1.4.2_06/bin', keeping
[16260] dbg: util: PATH included '/usr/java/jakarta-ant-1.4.1/bin', which
doesn't exist, dropping
[16260] dbg: util: PATH included '/usr/share/texmf/bin', keeping
[16260] dbg: util: PATH included '.', which is not absolute, dropping
[16260] dbg: util: final PATH set to:
/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin:/usr/java/j2sdk1.4.2_06/bin:/usr/share/texmf/bin
[16260] dbg: dns: no ipv6
[16260] dbg: dns: is Net::DNS::Resolver available? yes
[16260] dbg: dns: Net::DNS version: 0.49
[16260] dbg: dns: name server: 127.0.0.1, LocalAddr: 0.0.0.0
[16260] dbg: diag: perl platform: 5.008006 linux
[16260] dbg: diag: module installed: Digest::SHA1, version 2.10
[16260] dbg: diag: module installed: DB_File, version 1.810
[16260] dbg: diag: module installed: Net::DNS, version 0.49
[16260] dbg: diag: module installed: Net::SMTP, version 2.29
[16260] dbg: diag: module installed: Mail::SPF::Query, version 1.997
[16260] dbg: diag: module installed: IP::Country::Fast, version 309.002
[16260] dbg: diag: module not installed: Razor2::Client::Agent ('require' failed)
[16260] dbg: diag: module not installed: Net::Ident ('require' failed)
[16260] dbg: diag: module not installed: IO::Socket::INET6 ('require' failed)
[16260] dbg: diag: module not installed: IO::Socket::SSL ('require' failed)
[16260] dbg: diag: module installed: Time::HiRes, version 1.65
[16260] dbg: diag: module installed: DBI, version 1.46
[16260] dbg: diag: module installed: Getopt::Long, version 2.34
[16260] dbg: diag: module installed: LWP::UserAgent, version 2.032
[16260] dbg: diag: module installed: HTTP::Date, version 1.46
[16260] dbg: diag: module installed: Archive::Tar, version 1.23
[16260] dbg: diag: module installed: IO::Zlib, version 1.04
[16260] dbg: diag: module installed: MIME::Base64, version 3.05
[16260] dbg: diag: module installed: HTML::Parser, version 3.45
[16260] dbg: ignore: using a test message to lint rules
[16260] dbg: config: using "/etc/mail/spamassassin" for site rules pre files
[16260] dbg: config: read file /etc/mail/spamassassin/init.pre
[16260] dbg: config: read file /etc/mail/spamassassin/v310.pre
[16260] dbg: config: using "/usr/share/spamassassin" for sys rules pre files
[16260] dbg: config: using "/usr/share/spamassassin" for default rules dir
[16260] dbg: config: read file /usr/share/spamassassin/10_default_prefs.cf
[16260] dbg: config: read file /usr/share/spamassassin/20_dnsbl_tests.cf
[16260] dbg: config: read file /usr/share/spamassassin/20_html_tests.cf
[16260] dbg: config: read file /usr/share/spamassassin/20_net_tests.cf
[16260] dbg: config: read file /usr/share/spamassassin/20_soloway.cf
[16260] dbg: config: read file /usr/share/spamassassin/23_bayes.cf
[16260] dbg: config: read file /usr/share/spamassassin/25_accessdb.cf
[16260] dbg: config: read file /usr/share/spamassassin/25_antivirus.cf
[16260] dbg: config: read file /usr/share/spamassassin/25_dcc.cf
[16260] dbg: config: read file /usr/share/spamassassin/25_domainkeys.cf
[16260] dbg: config: read file /usr/share/spamassassin/25_hashcash.cf
[16260] dbg: config: read file /usr/share/spamassassin/25_pyzor.cf
[16260] dbg: config: read file /usr/share/spamassassin/25_razor2.cf
[16260] dbg: config: read file /usr/share/spamassassin/25_spf.cf
[16260] dbg: config: read file /usr/share/spamassassin/25_textcat.cf
[16260] dbg: config: read file /usr/share/spamassassin/25_uribl.cf
[16260] dbg: config: read file /usr/share/spamassassin/60_awl.cf
[16260] dbg: config: read file /usr/share/spamassassin/60_whitelist.cf
[16260] dbg: config: read file /usr/share/spamassassin/60_whitelist_subject.cf
[16260] dbg: config: using "/etc/mail/spamassassin" for site rules dir
[16260] dbg: config: read file /etc/mail/spamassassin/local.cf
[16260] dbg: config: using "/home/henry/.spamassassin" for user state dir
[16260] dbg: config: using "/home/henry/.spamassassin/user_prefs" for user prefs
file
[16260] dbg: config: read file /home/henry/.spamassassin/user_prefs
[16260] dbg: plugin: loading Mail::SpamAssassin::Plugin::URIDNSBL from @INC
[16260] dbg: plugin: registered Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x82e7a0c)
[16260] dbg: plugin: loading Mail::SpamAssassin::Plugin::Hashcash from @INC
[16260] dbg: plugin: registered Mail::SpamAssassin::Plugin::Hashcash=HASH(0x8dc43bc)
[16260] dbg: plugin: loading Mail::SpamAssassin::Plugin::SPF from @INC
[16260] dbg: plugin: registered Mail::SpamAssassin::Plugin::SPF=HASH(0x8e7fb80)
[16260] dbg: plugin: loading Mail::SpamAssassin::Plugin::Pyzor from @INC
[16260] dbg: pyzor: network tests on, attempting Pyzor
[16260] dbg: plugin: registered Mail::SpamAssassin::Plugin::Pyzor=HASH(0x8e95a84)
[16260] dbg: plugin: loading Mail::SpamAssassin::Plugin::SpamCop from @INC
[16260] dbg: reporter: network tests on, attempting SpamCop
[16260] dbg: plugin: registered Mail::SpamAssassin::Plugin::SpamCop=HASH(0x8eaad84)
[16260] dbg: plugin: loading Mail::SpamAssassin::Plugin::AWL from @INC
[16260] dbg: plugin: registered Mail::SpamAssassin::Plugin::AWL=HASH(0x8ec9930)
[16260] dbg: plugin: loading Mail::SpamAssassin::Plugin::AutoLearnThreshold from
@INC
[16260] dbg: plugin: registered
Mail::SpamAssassin::Plugin::AutoLearnThreshold=HASH(0x8ed1e2c)
[16260] dbg: plugin: loading Mail::SpamAssassin::Plugin::WhiteListSubject from @INC
[16260] dbg: plugin: registered
Mail::SpamAssassin::Plugin::WhiteListSubject=HASH(0x8ed9f58)
[16260] dbg: plugin: loading Mail::SpamAssassin::Plugin::MIMEHeader from @INC
[16260] dbg: plugin: registered
Mail::SpamAssassin::Plugin::MIMEHeader=HASH(0x8ee2424)
[16260] dbg: plugin: loading Mail::SpamAssassin::Plugin::ReplaceTags from @INC
[16260] dbg: plugin: registered
Mail::SpamAssassin::Plugin::ReplaceTags=HASH(0x8eeceac)
[16260] dbg: config: allowing user rules!
[16260] dbg: config: adding redirector regex:
m'^http.*?/redirect\.php\?.*(?<=[?&])goto=(.*?)(?:$|[&\#])'i
[16260] dbg: plugin: Mail::SpamAssassin::Plugin::ReplaceTags=HASH(0x8eeceac)
implements 'finish_parsing_end'
[16260] dbg: replacetags: replacing tags
[16260] dbg: replacetags: done replacing tags
[16260] dbg: config: using "/home/henry/.spamassassin" for user state dir
[16260] dbg: bayes: tie-ing to DB file R/O /home/henry/.spamassassin/bayes_toks
[16260] dbg: bayes: tie-ing to DB file R/O /home/henry/.spamassassin/bayes_seen
[16260] dbg: bayes: found bayes db version 3
[16260] dbg: bayes: DB journal sync: last sync: 1130259011
[16260] dbg: config: using "/home/henry/.spamassassin" for user state dir
[16260] dbg: config: score set 3 chosen.
[16260] dbg: message: ---- MIME PARSER START ----
[16260] dbg: message: main message type: text/plain
[16260] dbg: message: parsing normal part
[16260] dbg: message: added part, type: text/plain
[16260] dbg: message: ---- MIME PARSER END ----
[16260] dbg: dns: dns_available set to yes in config file, skipping test
[16260] dbg: metadata: X-Spam-Relays-Trusted:
[16260] dbg: metadata: X-Spam-Relays-Untrusted:
[16260] dbg: message: no encoding detected
[16260] dbg: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x82e7a0c)
implements 'parsed_metadata'
[16260] dbg: uridnsbl: domains to query:
[16260] dbg: dns: checking RBL sbl-xbl.spamhaus.org., set sblxbl-notfirsthop
[16260] dbg: dns: checking RBL dialups.mail-abuse.org., set dialup-notfirsthop
[16260] dbg: dns: checking RBL sa-accredit.habeas.com., set habeas-firsttrusted
[16260] dbg: dns: checking RBL sbl-xbl.spamhaus.org., set sblxbl
[16260] dbg: dns: checking RBL sa-other.bondedsender.org., set bsp-untrusted
[16260] dbg: dns: checking RBL combined.njabl.org., set njabl-notfirsthop
[16260] dbg: dns: checking RBL combined.njabl.org., set njabl
[16260] dbg: dns: checking RBL combined-HIB.dnsiplists.completewhois.com., set whois
[16260] dbg: dns: checking RBL blackholes.mail-abuse.org., set rbl
[16260] dbg: dns: checking RBL list.dsbl.org., set dsbl-notfirsthop
[16260] dbg: dns: checking RBL bl.spamcop.net., set spamcop
[16260] dbg: dns: checking RBL sa-trusted.bondedsender.org., set bsp-firsttrusted
[16260] dbg: dns: checking RBL combined-HIB.dnsiplists.completewhois.com., set
whois-notfirsthop
[16260] dbg: dns: checking RBL relays.mail-abuse.org., set rss
[16260] dbg: dns: checking RBL nonconfirm.mail-abuse.org., set nml
[16260] dbg: dns: checking RBL dnsbl.sorbs.net., set sorbs-notfirsthop
[16260] dbg: dns: checking RBL dnsbl.sorbs.net., set sorbs
[16260] dbg: dns: checking RBL iadb.isipp.com., set iadb-firsttrusted
[16260] dbg: check: running tests for priority: 0
[16260] dbg: rules: running header regexp tests; score so far=0
[16260] dbg: plugin: registering glue method for check_hashcash_value
(Mail::SpamAssassin::Plugin::Hashcash=HASH(0x8dc43bc))
[16260] dbg: plugin: registering glue method for check_for_spf_helo_softfail
(Mail::SpamAssassin::Plugin::SPF=HASH(0x8e7fb80))
[16260] dbg: spf: message was delivered entirely via trusted relays, not required
[16260] dbg: plugin: registering glue method for check_for_spf_softfail
(Mail::SpamAssassin::Plugin::SPF=HASH(0x8e7fb80))
[16260] dbg: spf: message was delivered entirely via trusted relays, not required
[16260] dbg: plugin: registering glue method for check_hashcash_double_spend
(Mail::SpamAssassin::Plugin::Hashcash=HASH(0x8dc43bc))
[16260] dbg: plugin: registering glue method for check_for_spf_helo_pass
(Mail::SpamAssassin::Plugin::SPF=HASH(0x8e7fb80))
[16260] dbg: eval: all '*From' addrs: ignore@compiling.spamassassin.taint.org
[16260] dbg: eval: all '*To' addrs:
[16260] dbg: plugin: registering glue method for check_for_spf_fail
(Mail::SpamAssassin::Plugin::SPF=HASH(0x8e7fb80))
[16260] dbg: plugin: registering glue method for check_subject_in_blacklist
(Mail::SpamAssassin::Plugin::WhiteListSubject=HASH(0x8ed9f58))
[16260] dbg: plugin: registering glue method for check_for_spf_helo_fail
(Mail::SpamAssassin::Plugin::SPF=HASH(0x8e7fb80))
[16260] dbg: plugin: registering glue method for check_for_spf_helo_neutral
(Mail::SpamAssassin::Plugin::SPF=HASH(0x8e7fb80))
[16260] dbg: plugin: registering glue method for check_for_spf_pass
(Mail::SpamAssassin::Plugin::SPF=HASH(0x8e7fb80))
[16260] dbg: plugin: registering glue method for check_subject_in_whitelist
(Mail::SpamAssassin::Plugin::WhiteListSubject=HASH(0x8ed9f58))
[16260] dbg: plugin: registering glue method for check_for_spf_neutral
(Mail::SpamAssassin::Plugin::SPF=HASH(0x8e7fb80))
[16260] dbg: rules: running body-text per-line regexp tests; score so far=0
[16260] dbg: uri: running uri tests; score so far=0
[16260] dbg: plugin: registering glue method for check_uridnsbl
(Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x82e7a0c))
[16260] dbg: bayes: DB journal sync: last sync: 1130259011
[16260] dbg: bayes: corpus size: nspam = 42194, nham = 36935
[16260] dbg: bayes: score = 0.00397869727996919
[16260] dbg: bayes: DB expiry: tokens in DB: 148154, Expiry max size: 150000,
Oldest atime: 1128910193, Newest atime: 1130266285, Last expire: 1129825550,
Current time: 1130266760
[16260] dbg: bayes: DB journal sync: last sync: 1130259011
[16260] dbg: bayes: untie-ing
[16260] dbg: bayes: untie-ing db_toks
[16260] dbg: bayes: untie-ing db_seen
[16260] dbg: rules: ran eval rule BAYES_00 ======> got hit
[16260] dbg: rules: running raw-body-text per-line regexp tests; score so far=-1
[16260] dbg: rules: running full-text regexp tests; score so far=-1
[16260] dbg: plugin: registering glue method for check_pyzor
(Mail::SpamAssassin::Plugin::Pyzor=HASH(0x8e95a84))
[16260] dbg: pyzor: use_pyzor option not enabled, disabling Pyzor
[16260] dbg: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x82e7a0c)
implements 'check_tick'
[16260] dbg: check: running tests for priority: 500
[16260] dbg: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x82e7a0c)
implements 'check_post_dnsbl'
[16260] dbg: rules: running meta tests; score so far=-1
[16260] dbg: rules: running header regexp tests; score so far=-1
[16260] dbg: rules: running body-text per-line regexp tests; score so far=-1
[16260] dbg: uri: running uri tests; score so far=-1
[16260] dbg: rules: running raw-body-text per-line regexp tests; score so far=-1
[16260] dbg: rules: running full-text regexp tests; score so far=-1
[16260] dbg: check: running tests for priority: 1000
[16260] dbg: rules: running meta tests; score so far=-1
[16260] dbg: rules: running header regexp tests; score so far=-1
[16260] dbg: plugin: registering glue method for check_from_in_auto_whitelist
(Mail::SpamAssassin::Plugin::AWL=HASH(0x8ec9930))
[16260] dbg: config: using "/home/henry/.spamassassin" for user state dir
[16260] dbg: locker: safe_lock: created
/home/henry/.spamassassin/auto-whitelist.lock.triscuit.stern.ca.16260
[16260] dbg: locker: safe_lock: trying to get lock on
/home/henry/.spamassassin/auto-whitelist with 0 retries
[16260] dbg: locker: safe_lock: link to
/home/henry/.spamassassin/auto-whitelist.lock: link ok
[16260] dbg: auto-whitelist: tie-ing to DB file of type DB_File R/W in
/home/henry/.spamassassin/auto-whitelist
[16260] dbg: auto-whitelist: db-based
ignore@compiling.spamassassin.taint.org|ip=none scores 0/0
[16260] dbg: auto-whitelist: AWL active, pre-score: -1, autolearn score: -1,
mean: undef, IP: undef
[16260] dbg: auto-whitelist: DB addr list: untie-ing and unlocking
[16260] dbg: auto-whitelist: DB addr list: file locked, breaking lock
[16260] dbg: locker: safe_unlock: unlink
/home/henry/.spamassassin/auto-whitelist.lock
[16260] dbg: auto-whitelist: post auto-whitelist score: -1
[16260] dbg: rules: running body-text per-line regexp tests; score so far=-1
[16260] dbg: uri: running uri tests; score so far=-1
[16260] dbg: rules: running raw-body-text per-line regexp tests; score so far=-1
[16260] dbg: rules: running full-text regexp tests; score so far=-1
[16260] dbg: check: is spam? score=-1 required=5
[16260] dbg: check: tests=BAYES_00
[16260] dbg: check: subtests=
[16260] warn: lint: 1 issues detected, please rerun with debug enabled for more
information

Whoops. ipv6 support, and the force_v4 option that is part of it, were added to
Net::DNS in version 0.50 or so. We have to decide whether to require a newer
version of Net::DNS than we currently require or to skip the ipv6 options if the
version is older than 0.50.

Created attachment 3208 [details]
Patch to allow this to work with older versions of Net::DNS that do not have the force_v4 option

Henry or someone else with Net::DNS version 0.49 or older, please test this
patch to trunk to see if it works ok. I don't have a machine handy right now to
do the test myself. I did confirm that it seems to work with the latest
Net::DNS and that there is no error when I use a different bogus argument to
new().

Once I get confirmaiton that this fixes the problem I'll check it in.

This patch fixes the problem for me.  +1

Committed revision 328495