6003 – whitelist_from_rcvd propagates to other users

Bug 6003 - whitelist_from_rcvd propagates to other users

Summary: whitelist_from_rcvd propagates to other users

Status:	RESOLVED FIXED

Alias:	None

Product:	Spamassassin
Classification:	Unclassified
Component:	spamc/spamd (show other bugs)
Version:	3.2.5
Hardware:	Other All

Importance:	P2 normal
Target Milestone:	3.3.0
Assignee:	SpamAssassin Developer Mailing List

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2008-10-24 13:56 UTC by William Taylor
Modified:	2009-09-15 15:06 UTC (History)
CC List:	2 users (show)

Attachment	Type	Modified	Status	Actions	Submitter/CLA Status
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description William Taylor 2008-10-24 13:56:44 UTC

This looks to be along the same lines as bug # 4179

We are seeing whitelist_from_rcvd rules propagating to other users in the same spamd thread.
Im not sure what sort of information if any you would need to help track this down.

Comment 1 Justin Mason 2008-10-27 15:01:36 UTC

hi William -- if you can come up with a test case that demos the bug, that'd be great...

Comment 2 William Taylor 2008-10-29 09:50:30 UTC

Here is what I do to replicate it:
user josh prefs:
mysql> select * from userpref where preference='whitelist_from_rcvd' and username='josh';
+----------+---------------------+-----------------------+---------+
| username | preference          | value                 | prefid  |
+----------+---------------------+-----------------------+---------+
| josh     | whitelist_from_rcvd | * localdomain         | 1182755 |
| josh     | whitelist_from_rcvd | * localhost           | 1182772 |
| josh     | whitelist_from_rcvd | *.sonic.net sonic.net | 1233361 |
| josh     | whitelist_from_rcvd | *@sonic.net sonic.net | 1957930 |
+----------+---------------------+-----------------------+---------+

user dms prefs:
mysql> select * from userpref where preference='whitelist_from_rcvd' and username='dms';
Empty set (0.00 sec)


cat  foo.msg  | /bin/spamc -u josh -t 180 -H -f -d a.ourspamserver.net -p 784

on a.ourspamserver I look for the pid from the message of user josh.
I then grep for that pid and start sending these:
cat  foo.msg  | /bin/spamc -u dms -t 180 -H -f -d a.ourspamserver.net -p 784
Until I catch the child that user josh used.

I then see this from some debugging code I put into WLBLEval.pm in  'sub _check_whitelist_rcvd'
HERE:
          if ($rdns =~ /(?:^|\.)\Q${domain}\E$/i) { 
            log_message("info", "FOOBEE: rules: address $addr matches (def_)whitelist_from_rcvd $list->{$white_addr}{re} ${domain}");
            dbg("rules: address $addr matches (def_)whitelist_from_rcvd $list->{$white_addr}{re} ${domain}");
            return 1;
          }


from message processed as user dms:
Oct 29 09:39:51 c spamd[11329]: FOOBEE: rules: address prog-status-bounces+dms=corp.sonic.net@listman.sonic.net matches (def_)whitelist_from_rcvd ^.*\.sonic\.net$ sonic.net


If you need more info please let me know.

Comment 3 William Taylor 2008-12-10 11:58:48 UTC

Justin,

 Any luck at reproducing this ?

Comment 4 Justin Mason 2008-12-15 15:02:42 UTC

(In reply to comment #3)
> Justin,
> 
>  Any luck at reproducing this ?

hi William -- unfortunately I haven't had the time to look into this :(

Comment 5 William Taylor 2009-05-08 10:41:40 UTC

bump... Had anytime to revist this yet ?

Comment 6 Justin Mason 2009-06-30 02:52:11 UTC

actually, I want to look at this after the alpha.

Comment 7 Justin Mason 2009-09-15 15:06:48 UTC

and fixed:

: 288...; svn commit -m "bug 6003: fix leakage of 'whitelist_from_rcvd' entries between spamd users" 
Sending        lib/Mail/SpamAssassin/Conf.pm
Sending        t/spamd_user_rules_leak.t
Adding         t/spamd_whitelist_leak.t
Transmitting file data ...
Committed revision 815516.