SA Bugzilla – Bug 6896
URL parser collects also invalid domain names, resulting in warnings from a DNS resolver
Last modified: 2013-02-04 20:52:01 UTC
Now that the DNS resolver is a bit more picky and chatty about DNS errors, we can see occasional warnings like these in the log: dns: new_dns_packet (host=patch-media-webrtc-trunk-src-modules-audio _device-main-source-linux-latebindingsymboltable_linux.cc. type=ANY class=IN) failed: a label in a domain name is longer than 63 bytes dns: new_dns_packet (domain=sintef..no. type=ANY class=IN) failed: a domain name contains a null label dns: new_dns_packet (domain=scientificadvances..co.in. type=A class=IN) failed: a domain name contains a null label dns: new_dns_packet (host=.appriver.com. type=A class=IN) failed: a domain name contains a null label dns: new_dns_packet (host=Www.masa\276E.COm. type=ANY class=IN) failed: invalid name at /usr/local/lib/perl5/site_perl/5.17.7/mach/Net/DNS/Question.pm line 87. dns: new_dns_packet (host=www.theasian.asia\303\243\302\200\302 \200\303\243\302\200\302\200\303\243\302\200\302\200ar.theasian.asia. type=ANY class=IN) failed: invalid name at /usr/local/lib/perl5/site_perl/5.17.7/mach/Net/DNS/Question.pm line 80. The following are similar, but they come from a SPF plugin, or rather, from its underlying perl module: dns: new_dns_packet (host=. type=SPF class=IN) failed: a domain name contains a null label dns: new_dns_packet (host=. type=TXT class=IN) failed: a domain name contains a null label dns: new_dns_packet (domain=. type=SPF class=IN) failed: a domain name contains a null label dns: new_dns_packet (domain=. type=TXT class=IN) failed: a domain name contains a null label Choices: - demote the resolver warning into an 'info' debug level message and not to bother with the cause; - let the URL parser ignore such invalid domain names, (or perhaps attempt to sanitize them???) - those coming from the SPF plugin seem to find such invalid domain names either in a HELO, or in some published SPF record, and apparently do not bother checking for valid syntax
+1 for - demote the resolver warning into an 'info' debug level message and not to bother with the cause;
(In reply to comment #1) > +1 for > - demote the resolver warning into an 'info' debug level message > and not to bother with the cause; Ok, done. Also dealt with encoding/decoding backslashes as expected by Net::DNS, and decoding queries for sensible and consistent display purposes. Domain names as considered invalid by Net::DNS are still broken, along with the new gratuitous idea of Net::DNS to IDN-encode (or not to encode) such domains based solely on a presence of an IDN module, without giving a caller of choice of explicitly requesting one or the other behavior. Oh well. But that's a subject for some other problem report. trunk: Bug 6896: encode/decode a DNS query according to RFC 1035 zone file format as expected by Net::DNS API (what a terrible idea!), turn warning into info() for unmatching DNS responses Sending lib/Mail/SpamAssassin/AsyncLoop.pm Sending lib/Mail/SpamAssassin/DnsResolver.pm Sending lib/Mail/SpamAssassin/Plugin/AskDNS.pm Sending lib/Mail/SpamAssassin/Util.pm Committed revision 1438670.
trunk: More informative diagnostics in case of a DNS response with no query section Sending lib/Mail/SpamAssassin/DnsResolver.pm Committed revision 1438806. (stated a wrong bug number in the SVN log, sorry)
This should also fix cases like: dns: new_dns_packet (domain=ev\335ndeYAp.coM. type=ANY class=IN) failed: invalid name at /usr/local/lib/perl5/site_perl/5.17.7/mach/Net/DNS/Question.pm line 80. ...with newer versions of Net::DNS when a module Net::LibIDN happens to be installed on the host. trunk: DnsResolver.pm: encode characters above 0200 to prevent Net::DNS 0.68 from interpreting these as an IDN domain name' lib/Mail/SpamAssassin/DnsResolver.pm Sending lib/Mail/SpamAssassin/DnsResolver.pm Committed revision 1439552.
Closing. In summary: - URI and SPF parsers can still produce syntactically invalid domain names, but a warn has been demoted to an info message; - a backslash and high-code characters are now encoded according to RFC 1035 as expected by Net::DNS; - improved logging in case of receiving a DNS reply with no question section.
encode also nonprintables, just in case (Net::DNS feature-proofing) Sending lib/Mail/SpamAssassin/DnsResolver.pm Committed revision 1439884.
Just in case someone decides to tackle the URI parser some day in the indefinite future, here are two more cases of invalid domain names ending up in a DNS query, resulting in the following info() log entries: dns: new_dns_packet (domain= kluba-------------------------------------------------------------www.last-minute.si. type=ANY class=IN) failed: a label in a domain name is longer than 63 bytes dns: new_dns_packet (domain= \134documents and settings\134shenette\134desktop\1342012\134april emailing\134environment\134www.oxfordroundtable.co.uk. type=A class=IN) failed: a label in a domain name is longer than 63 bytes
Here is another case, this time I was able to collect the source text too: dns: new_dns_packet (domain= \134documents and settings\134shenette\134desktop\1342012\134april emailing\134environment\134www.oxfordroundtable.co.uk. type=A class=IN) failed: a label in a domain name is longer than 63 bytes which comes from an QP-encoded HTML: <P style=3D"MARGIN: 0in 0in 0pt" class=3DMsoNormal><SPAN style=3D"FONT-FAMI= LY: 'Times New Roman','serif'; mso-fareast-font-family: 'Times New Roman'; = mso-no-proof: yes; mso-fareast-theme-font: minor-fareast">Web Site:<SPAN st= yle=3D"mso-spacerun: yes"> </SPAN></SPAN><A href=3D"C:\Do= cuments and Settings\Shenette\Desktop\2012\April Emailing\Environment\www.o= xfordroundtable.co.uk"><SPAN style=3D"FONT-FAMILY: 'Times New Roman','serif= '; mso-fareast-font-family: 'Times New Roman'; mso-no-proof: yes; mso-farea= st-theme-font: minor-fareast">www.oxfordroundtable.co.uk</SPAN></A><SPAN st= yle=3D"FONT-FAMILY: 'Times New Roman','serif'; mso-fareast-font-family: 'Ti= mes New Roman'; mso-no-proof: yes; mso-fareast-theme-font: minor-fareast"> = <o:p></o:p></SPAN></P> I wonder what a browser is supposed to do with the link: <A href="C:\Documents and Settings\Shenette\Desktop\2012\April Emailing\Environment\www.oxfordroundtable.co.uk">
(In reply to comment #8) > I wonder what a browser is supposed to do with the link: > > <A href="C:\Documents and Settings\Shenette\Desktop\2012\April > Emailing\Environment\www.oxfordroundtable.co.uk"> That works _great_... on the desktop of the person who is composing the email message... I feel a rule coming on... :)