Ubuntu
pypolicyd-spf package

policyd-spf crashing with IndexError

Bug #455991 reported by Erik de Castro Lopo
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
pypolicyd-spf
Fix Released
Undecided
Unassigned
pypolicyd-spf (Ubuntu)
Fix Released
High
Scott Kitterman

Bug Description

The following from my /var/log/mail.info file:

Oct 20 13:00:24 xxxxxxx postfix/smtpd[13361]: connect from mx03.myitml.com[91.208.47.34]
Oct 20 13:00:25 xxxxxxx postfix/smtpd[13875]: disconnect from unknown[212.25.14.162]
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "request=smtpd_access_policy"
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "protocol_state=RCPT"
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "protocol_name=ESMTP"
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "client_address=91.208.47.34"
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "client_name=mx03.myitml.com"
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "reverse_client_name=mx03.myitml.com"
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "helo_name=mx03.myitml.com"
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "sender=MAILER-DAEMON"
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "<email address hidden>"
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "recipient_count=0"
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "queue_id="
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "instance=3431.4add19b9.a63db.0"
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "size=4427"
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "etrn_domain="
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "stress="
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "sasl_method="
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "sasl_username="
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "sasl_sender="
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "ccert_subject="
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "ccert_issuer="
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "ccert_fingerprint="
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "encryption_protocol="
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "encryption_cipher="
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "encryption_keysize=0"
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: ""
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Found the end of entry
Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Config: {'Mail_From_reject': 'Fail', 'PermError_reject': 'False', 'HELO_reject': 'SPF_Not_Pass', 'defaultSeedOnly': 1, 'debugLevel': 4, 'skip_addresses': '127.0.0.0/8,::ffff:127.0.0.0//104,::1//128', 'TempError_Defer': 'False'}
Oct 20 13:00:26 xxxxxxx policyd-spf[13876]: spfcheck: pyspf result: "['None', '', 'helo']"
Oct 20 13:00:26 xxxxxxx policyd-spf[13876]: None; identity=helo; client-ip=91.208.47.34; helo=mx03.myitml.com; envelope-from=mailer-daemon; <email address hidden>
Oct 20 13:00:26 xxxxxxx policyd-spf[13876]: Traceback (most recent call last):
Oct 20 13:00:26 xxxxxxx policyd-spf[13876]: File "/usr/bin/policyd-spf", line 420, in <module>
Oct 20 13:00:26 xxxxxxx policyd-spf[13876]: instance_dict, configData)
Oct 20 13:00:26 xxxxxxx policyd-spf[13876]: File "/usr/bin/policyd-spf", line 343, in spfcheck
Oct 20 13:00:26 xxxxxxx policyd-spf[13876]: mfrom_resultpolicy, local = get_resultcodes(configData, 'mfrom')
Oct 20 13:00:26 xxxxxxx policyd-spf[13876]: File "/usr/bin/policyd-spf", line 122, in get_resultcodes
Oct 20 13:00:26 xxxxxxx policyd-spf[13876]: if spf.domainmatch(reject_domain_list, sender_domain[1]):
Oct 20 13:00:26 xxxxxxx policyd-spf[13876]: IndexError: list index out of range
Oct 20 13:00:26 xxxxxxx postfix/spawn[13484]: warning: command /usr/bin/python exit status 1
Oct 20 13:00:26 xxxxxxx postfix/smtpd[13361]: warning: premature end-of-input on private/spfpolicy while reading input attribute name

ProblemType: Bug
Architecture: amd64
DistroRelease: Ubuntu 9.04
Package: postfix-policyd-spf-python 0.7.1-1
PackageArchitecture: all
ProcEnviron:
 SHELL=/bin/bash
 PATH=(custom, user)
 LANG=en_AU.UTF-8
SourcePackage: pypolicyd-spf
Uname: Linux 2.6.28-15-generic x86_64

Revision history for this message
Erik de Castro Lopo (erikd) wrote :
Revision history for this message
Erik de Castro Lopo (erikd) wrote :

The problem is This code:

    sender_domain = string.split(sender, '@', 1)
    if spf.domainmatch(reject_domain_list, sender_domain[1]):

If sender has no '@' character, sender_domain ends up as a single element list and trying to index it by [1] results in an IndexError exception.

A robust solution to this (available for python >= 2.5) is:

    sender_domain = sender.partition ('@')[2]
    if spf.domainmatch(reject_domain_list, sender_domain):

The parition method applied to the sender string is guaranteed to return a 3 element tuple of which the [2] indexing grabs the last element.

I've hacked the policy-spf script on my incoming mail gateway as above and its been running for 20 plus hours without a hitch.

Revision history for this message
Scott Kitterman (kitterman) wrote :

Oct 20 13:00:25 xxxxxxx policyd-spf[13876]: Read line: "sender=MAILER-DAEMON" is not a case I had considered. Thanks. I'm going to patch this for Karmic and then do a new upstream release with some other stuff shortly.

Changed in pypolicyd-spf (Ubuntu):
importance: Undecided → High
status: New → In Progress
assignee: nobody → Scott Kitterman (kitterman)
Revision history for this message
Scott Kitterman (kitterman) wrote :

Fix uploaded to Karmic. Thanks. Fixing the test suite took longer than everything else (not fun).

Changed in pypolicyd-spf (Ubuntu):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package pypolicyd-spf - 0.7.1-1ubuntu1

---------------
pypolicyd-spf (0.7.1-1ubuntu1) karmic; urgency=low

  * Add debian/patches/mailerdaemon-crash-fix.patch to fix crash when "@" is
    missing from the Mail From address (LP: #455991)
    - Patch thanks to Erik de Castro Lopo
  * Version python-dev depends to 2.5 and later since the patch uses a Python
    2.5 function

 -- Scott Kitterman <email address hidden> Wed, 21 Oct 2009 22:01:05 -0400

Changed in pypolicyd-spf (Ubuntu):
status: Fix Committed → Fix Released
Scott Kitterman (kitterman)
Changed in pypolicyd-spf:
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.