Hi Alexandre, first of all - thanks for your bug report :) I've checked the described problem, here are some comments on the issue:
> 0. libnet-dns-perl does not install libio-socket-inet6-perl as a dependency. > ============================================================================ > > This is not really related to policyd-weight, but that took me some time to > understand that policyd-weight would not work on an IPv6-only setup, even > bugfree, because of libio-socket-inet6-perl being not installed as dependency > of libnet-dns-perl. - libnet-dns-perl depends on libio-socket-inet6-perl in/since testing. > 1. infinite loop (100% cpu used) with default configuration > =========================================================== > > Reproduces step: > * configure system resolver(s) to be IPv6 addresses, > * launch policyd-weight with default configuration (with $DEBUG=1 for more > logging), > * test the dnsbl checks, for example by telneting the port and giving this > data, terminated with an empty line: > > request=smtpd_access_policy > protocol_state=RCPT > protocol_name=SMTP > helo_name=hello.example.com > client_address=1.3.4.5 > reverse_client_name=hello.example.com > sender=t...@domain.com > > Observed behaviour: > * the process never answers, and use 100% CPU per child ; > * the following logs are shown: > > postfix/policyd-weight[16203]: child: spawned > postfix/policyd-weight[16203]: cache_query: ask 1.3.4.5 t...@domain.com > domain.com > postfix/policyd-weight[16203]: cache_query: "ask1.3.4.5t...@domain.com 0" vs > "ask1.3.4.5t...@domain.com " > postfix/policyd-weight[16203]: rbl_lookup: sending: 5.4.3.1.pbl.spamhaus.org, > 62308 > postfix/policyd-weight[16203]: warning: child: err: send: Cannot determine > peer address at /usr/sbin/policyd-weight line 3551#012 > postfix/policyd-weight[16203]: warning: rbl_lookup: timeout sending: > 5.4.3.1.pbl.spamhaus.org > postfix/policyd-weight[16203]: rbl_lookup: sending: 5.4.3.1.pbl.spamhaus.org, > 62308 > (last logs repeating... infinite loop...) > > Expected behaviour: > * the process answers the action to take for this data, or at least fails > with understandable error. To reproduce this behaviour I've installed a local pdns-recursor listining on ::1 only and configured the system to use it as dns. Indeed, it runs into an infinite loop: 21:32:19 info: rbl_lookup: sending: 5.4.3.1.pbl.spamhaus.org, 13440 21:32:19 warning: rbl_lookup: timeout sending: 5.4.3.1.pbl.spamhaus.org 21:32:19 info: rbl_lookup: sending: 5.4.3.1.pbl.spamhaus.org, 13440 21:32:19 warning: rbl_lookup: timeout sending: 5.4.3.1.pbl.spamhaus.org 21:32:19 info: rbl_lookup: sending: 5.4.3.1.pbl.spamhaus.org, 13440 ... So, I can confirm your reported behaviour. > 2. with $USE_NET_DNS = 1; in conf: resolves fail each time. > =========================================================== > > The aim of setting this option was to avoid passing through the code that did > infinite loop. > > Reproduces step: > * configure system resolver(s) to be IPv6 addresses, > * launch policyd-weight with $DEBUG=1 and $USE_NET_DNS=1 > * test the dnsbl checks, for example by telneting the port and giving this > data, terminated with an empty line: > > request=smtpd_access_policy > protocol_state=RCPT > protocol_name=SMTP > helo_name=hello.example.com > client_address=1.3.4.5 > reverse_client_name=hello.example.com > sender=t...@domain.com > > Observed behaviour: > * the process answers: > action=PREPEND X-policyd-weight: passed - too many local DNS-errors in > bl.spamcop.net lookups > * the following logs are shown: > postfix/policyd-weight[16644]: child: spawned > postfix/policyd-weight[16644]: cache_query: ask 1.3.4.5 t...@domain.com > domain.com > postfix/policyd-weight[16644]: cache_query: "ask1.3.4.5t...@domain.com 0" vs > "ask1.3.4.5t...@domain.com " > postfix/policyd-weight[16644]: decided action=PREPEND X-policyd-weight: > passed - too many local DNS-errors in bl.spamcop.net lookups; <instance=> > <client=[1.3.4.5]> <helo=hello.example.com> <from=t...@domain.com> <to=>; > delay: 0s This behaviour is also up to the usage of the $res->force_v4(1) call. I've created a little patch to fix the mentioned problems due to the usage of NET::DNS and force_v4() and uploaded the package on mentors[1]. Could you please install the package and test if the problem is persists? Furthermore I've added libio-socket-inet6-perl to the recommends of policyd-weight. To make things easy I've uploaded the new .deb to my webserver: wget http://www.werner-detter.de/policyd-weight_0.1.15.2-6_all.deb Thank you, Werner Detter [1] http://mentors.debian.net/debian/pool/main/p/policyd-weight/policyd-weight_0.1.15.2-6.dsc -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
