Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Critical Critical
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.0.0
    • Component/s: SMTPServer
    • Labels:
      None
    • Environment:
      James Trunk

      Description

      With each MAIL/RCPT without @Domain... the DomainList grow, grow, grow,... without limit... and log grows and grows still more...

        Activity

        Hide
        Norman Maurer added a comment -

        You was right. When using the XMLDomainList the List growed everytime when getDomainList() was called. I fixed it by returning a new ArrayList everytime the getDomainList() is called.

        Show
        Norman Maurer added a comment - You was right. When using the XMLDomainList the List growed everytime when getDomainList() was called. I fixed it by returning a new ArrayList everytime the getDomainList() is called.
        Hide
        Danny Angus added a comment -

        I agree that this cures the initial symptom of log flooding, but I don't think it resolves the DoS because the collection will grow in the background.

        Is the root cause not that the AbstractDomainList.getDomains will repeatedly add all of the local domains every time?

        Look at this stripped out method (below) there's no condition to make sure the auto-detect only runs once.
        It might be implied by an assumption that getDomains is only called in certain lifecycle start-up methods, but if so its use in MailFilterCmdHandler.java & RcptFilterCmdHandler.java proves that this is a fragile assumption which isn't documented or enforced.

        If you agree, I'm happy to fix it, so you can assign this to me.

        public List getDomains() {
        ...
        if (domains != null) {
        ...
        if (autoDetectIP == true)

        { domains.addAll(DomainListUtil.getDomainsIP(domains,dns,getLogger())); }

        return domains;
        }

        }

        Show
        Danny Angus added a comment - I agree that this cures the initial symptom of log flooding, but I don't think it resolves the DoS because the collection will grow in the background. Is the root cause not that the AbstractDomainList.getDomains will repeatedly add all of the local domains every time? Look at this stripped out method (below) there's no condition to make sure the auto-detect only runs once. It might be implied by an assumption that getDomains is only called in certain lifecycle start-up methods, but if so its use in MailFilterCmdHandler.java & RcptFilterCmdHandler.java proves that this is a fragile assumption which isn't documented or enforced. If you agree, I'm happy to fix it, so you can assign this to me. public List getDomains() { ... if (domains != null) { ... if (autoDetectIP == true) { domains.addAll(DomainListUtil.getDomainsIP(domains,dns,getLogger())); } return domains; } }
        Hide
        Norman Maurer added a comment -

        Change loglevel to debug.. Now it should be fixed. Thx for reporting

        Show
        Norman Maurer added a comment - Change loglevel to debug.. Now it should be fixed. Thx for reporting
        Hide
        Norman Maurer added a comment -

        I will take care...

        Show
        Norman Maurer added a comment - I will take care...
        Hide
        Guillermo Grandes added a comment -

        I have added this parameters and... all is right!

        <James>
        <defaultDomain>localhost</defaultDomain>
        <helloName autodetect="false">localhost</helloName>
        [.....]
        </James>

        :-O

        Show
        Guillermo Grandes added a comment - I have added this parameters and... all is right! <James> <defaultDomain>localhost</defaultDomain> <helloName autodetect="false">localhost</helloName> [.....] </James> :-O
        Hide
        Guillermo Grandes added a comment -

        How-To Reproduce:

        Telnet localhost 25

        HELO x
        MAIL FROM: <x>
        RCPT TO: <n1>
        RCPT TO: <n2>
        RCPT TO: <n...10>

        In the 10th RCPT the domainlist it has grown up to 40 elements, and log have 220 lines (4 of first RCPT+8 of second+12 of third+16+...+40)
        In number 50th it generates more than 5100 lines of logs, in 100th... 20200 lines, little DoS in only seconds.

        See log of [domainlist] like this...

        2007-01-22 01:33:54,280 INFO [domainlist] Local host is: 10.1.xxx.87
        2007-01-22 01:33:54,280 ERROR [domainlist] Cannot get IP address(es) for localhost
        2007-01-22 01:33:54,282 INFO [domainlist] Handling mail for: localhost
        ----------------- this block will be repeated NNNN times -----------------
        2007-01-22 01:33:54,283 INFO [domainlist] Handling mail for: 127.0.0.1
        2007-01-22 01:33:54,283 INFO [domainlist] Handling mail for: 1xx.xxx.59.200
        2007-01-22 01:33:54,283 INFO [domainlist] Handling mail for: 2xx.xxx.231.132
        2007-01-22 01:33:54,283 INFO [domainlist] Handling mail for: 10.1.xxx.87
        — repeated —
        2007-01-22 01:33:54,283 INFO [domainlist] Handling mail for: 127.0.0.1
        2007-01-22 01:33:54,283 INFO [domainlist] Handling mail for: 1xx.xxx.59.200
        2007-01-22 01:33:54,283 INFO [domainlist] Handling mail for: 2xx.xxx.231.132
        2007-01-22 01:33:54,283 INFO [domainlist] Handling mail for: 10.1.xxx.87
        ----------------- this block will be repeated NNNN times -----------------

        My config.xml is like this:

        <domainnames>
        <domainname>localhost</domainname>
        <domainname>127.0.0.1</domainname>
        <domainname>1xx.xxx.59.200</domainname>
        <domainname>2xx.xxx.231.132</domainname>
        </domainnames>
        <autodetect>false</autodetect>
        <autodetectIP>false</autodetectIP>

        <!-- DEPRECATED: servernames should be configured in the DomainList instance. See the domainlist -->
        <!-- block configuration -->
        <!--
        <servernames autodetect="true" autodetectIP="true">
        <servername>localhost</servername>
        </servernames>
        -->

        Extracted fom /james/server/trunk/src/java/org/apache/james/smtpserver/core/filter/
        > MailFilterCmdHandler.java & RcptFilterCmdHandler.java

        if (sender.indexOf("@") < 0)

        { sender = sender + "@" + session.getConfigurationData().getMailServer().getDefaultDomain(); }

        I suppose that the problem must walk this way...

        As workarround... I have changed config.xml

        <servernames autodetect="false" autodetectIP="false">
        <servername>localhost</servername>
        </servernames>

        And DomainList don't grow, but with each MAIL/RCPT it appears in the Log the following lines:

        2007-01-22 02:14:30,985 INFO [domainlist] Local host is: 10.1.xxx.87
        2007-01-22 02:14:30,986 INFO [domainlist] Handling mail for: localhost
        2007-01-22 02:14:30,986 INFO [domainlist] Handling mail for: 127.0.0.1
        2007-01-22 02:14:30,986 INFO [domainlist] Handling mail for: 1xx.xxx.59.200
        2007-01-22 02:14:30,987 INFO [domainlist] Handling mail for: 2xx.xxx.231.132

        Show
        Guillermo Grandes added a comment - How-To Reproduce: Telnet localhost 25 HELO x MAIL FROM: <x> RCPT TO: <n1> RCPT TO: <n2> RCPT TO: <n...10> In the 10th RCPT the domainlist it has grown up to 40 elements, and log have 220 lines (4 of first RCPT+8 of second+12 of third+16+...+40) In number 50th it generates more than 5100 lines of logs, in 100th... 20200 lines, little DoS in only seconds. See log of [domainlist] like this... 2007-01-22 01:33:54,280 INFO [domainlist] Local host is: 10.1.xxx.87 2007-01-22 01:33:54,280 ERROR [domainlist] Cannot get IP address(es) for localhost 2007-01-22 01:33:54,282 INFO [domainlist] Handling mail for: localhost ----------------- this block will be repeated NNNN times ----------------- 2007-01-22 01:33:54,283 INFO [domainlist] Handling mail for: 127.0.0.1 2007-01-22 01:33:54,283 INFO [domainlist] Handling mail for: 1xx.xxx.59.200 2007-01-22 01:33:54,283 INFO [domainlist] Handling mail for: 2xx.xxx.231.132 2007-01-22 01:33:54,283 INFO [domainlist] Handling mail for: 10.1.xxx.87 — repeated — 2007-01-22 01:33:54,283 INFO [domainlist] Handling mail for: 127.0.0.1 2007-01-22 01:33:54,283 INFO [domainlist] Handling mail for: 1xx.xxx.59.200 2007-01-22 01:33:54,283 INFO [domainlist] Handling mail for: 2xx.xxx.231.132 2007-01-22 01:33:54,283 INFO [domainlist] Handling mail for: 10.1.xxx.87 ----------------- this block will be repeated NNNN times ----------------- My config.xml is like this: <domainnames> <domainname>localhost</domainname> <domainname>127.0.0.1</domainname> <domainname>1xx.xxx.59.200</domainname> <domainname>2xx.xxx.231.132</domainname> </domainnames> <autodetect>false</autodetect> <autodetectIP>false</autodetectIP> <!-- DEPRECATED: servernames should be configured in the DomainList instance. See the domainlist --> <!-- block configuration --> <!-- <servernames autodetect="true" autodetectIP="true"> <servername>localhost</servername> </servernames> --> Extracted fom /james/server/trunk/src/java/org/apache/james/smtpserver/core/filter/ > MailFilterCmdHandler.java & RcptFilterCmdHandler.java if (sender.indexOf("@") < 0) { sender = sender + "@" + session.getConfigurationData().getMailServer().getDefaultDomain(); } I suppose that the problem must walk this way... As workarround... I have changed config.xml <servernames autodetect="false" autodetectIP="false"> <servername>localhost</servername> </servernames> And DomainList don't grow, but with each MAIL/RCPT it appears in the Log the following lines: 2007-01-22 02:14:30,985 INFO [domainlist] Local host is: 10.1.xxx.87 2007-01-22 02:14:30,986 INFO [domainlist] Handling mail for: localhost 2007-01-22 02:14:30,986 INFO [domainlist] Handling mail for: 127.0.0.1 2007-01-22 02:14:30,986 INFO [domainlist] Handling mail for: 1xx.xxx.59.200 2007-01-22 02:14:30,987 INFO [domainlist] Handling mail for: 2xx.xxx.231.132

          People

          • Assignee:
            Norman Maurer
            Reporter:
            Guillermo Grandes
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development