Release Digest: GNU, January 15, 2004
Jan 16, 2004, 05:00 UTC

SAUCE (paranoid anti-spam mailserver) 0.7.15, 0.8.1 BETA

Introduction

I am pleased to announce a new public BETA release of GNU SAUCE, version 0.8.1. This contains new features, bugfixes, and some changes to the default settings and policies (to cope with new spam patterns).

However, I also regret to inform you that there is a moderately serious time-dependent bug in GNU SAUCE before 0.7.16. All users are encouraged to upgrade, either to the bugfix release 0.7.16, or to the newer version 0.8.1, or to apply the immediate remedy below. Please read the information below about the time-dependent bug.

0.7.16 and 0.8.1 are not currently available via ftp ftp.gnu.org, but they are available via my own server at http://www.chiark.greenend.org.uk/~ian/sauce/ and http://www.chiark.greenend.org.uk/~ian/sauce/ftp/, along with more information about SAUCE, including details of the mailing lists, CVS repository, and of course the distribution files.

Debian users should be able to acquire the current version of SAUCE (0.8.1) from the Debian unstable distribution shortly, and can use usual Debian support channels.

Changes in 0.8.1

Bugfixes:

  • site-annoy database expires properly (NB you must clean it when you upgrade!)
  • Fix descriptor leak in ic msg_checkeof.
  • More sensible debug.log entries for firewall commands.
  • Display ipchains/iptables commands in debug.log.

New features:

  • Support Linux 2.4 iptables.
  • Sobig.F shibboleth implemented (taboo_virus_hack, default=off).
  • New X-SAUCE-Notice header informs receiving user of anger towards sending site.
  • busyfury_firewall has new value `immed' meaning firewall for every `421 too busy' or `421 excessive concurrency', not just when maximally furious.
  • New `errok-' policy option for stopping SAUCE from getting too upset with .forward-upstreams and mailing list hosts. Untested yet.
  • Stalling pure-teergrube server for over-aggressive callers.
  • Reinvoking thread_typedefine made safe: doesn't reset id counter. (Means you can patch the running SAUCE more easily.)

Changes to autoblacklisting:

  • blmessage.text split into blmessage-site.text and -addr.text.
  • blmessage.text updated from chiark (no unblacklist policy).
  • Update blacklist timeouts. (2mth/2mth -> 7d/12mth)

Time-dependent bug

SAUCE maintains a database known as `site-annoy', in which it records its current `opinion' about calling IP addresses. This information is used for various purposes, including capacity reservation and teergrube. Each site's entry is supposed to be kept for a certain length of time and then to expire.

All previous versions of SAUCE have had a bug which means that the expiry time was calculated incorrectly. The expiry time is converted from an elapsed interval in seconds to an absolute time as a time_t, by adding the current time - however, buggy versions of SAUCE perform this calculation twice.

This has two effects:

Firstly, entries created before some time around the 10th of January 2004 (or all entries on 64-bit machines) have a ridiculously large expiry time. This is a performance and disk space problem (the site-annoy decay algorithm means that the very old data is not acted on erroneously).

Secondly, entries created (on 32-bit machines) after approximately the 10th of January 2004 expire immediately (since on the 10th of January time_t reached 0x40000000, so that 2*time_t overflows a signed integer). This effectively lobotomises SAUCE, so that it forgets which sites are `friendly' and which `hostile'.
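The two effects can be reproduced with a small model of the double addition. This is an added example, not SAUCE code: the half-life value, the function names and the assumption that the store adds the current time to whatever the caller passes are illustrative, and the arithmetic is reduced to a signed 32-bit or 64-bit integer to stand in for time_t.

```python
from datetime import datetime, timezone

HALFLIFE = 3600           # assumed annoy_halflife in seconds (not from the page)
LIFETIME = 3 * HALFLIFE   # the interval the caller intends


def wrap(value, bits):
    """Reduce value to a signed two's-complement integer of the given width."""
    value &= (1 << bits) - 1
    return value - (1 << bits) if value >> (bits - 1) else value


def stored_expiry(now, bits, fixed):
    """Absolute expiry as stored: the store adds `now` to the caller's argument.

    Buggy caller passes now + LIFETIME (already absolute); fixed caller
    passes LIFETIME only.
    """
    arg = LIFETIME if fixed else wrap(now + LIFETIME, bits)
    return wrap(now + arg, bits)


def classify(now, bits, fixed=False):
    expiry = stored_expiry(now, bits, fixed)
    if expiry <= now:
        return "expires-immediately"
    if expiry - now > LIFETIME:
        return "overly-persistent"
    return "ok"


def first_failing_second(bits=32):
    """Smallest `now` for which 2*now + LIFETIME no longer fits in a signed int."""
    return ((1 << (bits - 1)) - LIFETIME + 1) // 2


def as_utc(ts):
    return datetime.fromtimestamp(ts, tz=timezone.utc).isoformat()


if __name__ == "__main__":
    edge = first_failing_second()
    print("time_t 0x40000000 is", as_utc(0x40000000))
    print("buggy 32-bit entries start expiring at", as_utc(edge))
    for label, now, bits, fixed in [
        ("32-bit, just before", edge - 1, 32, False),
        ("32-bit, at the edge", edge, 32, False),
        ("64-bit, after", edge, 64, False),
        ("32-bit, patched", edge, 32, True),
    ]:
        print(f"{label:22} -> {classify(now, bits, fixed)}")
```

With a non-zero lifetime the wrap happens slightly before time_t itself reaches 0x40000000, which is why the text above gives the date only approximately.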

I recommend correcting the bug, and I also recommend cleaning the site-annoy database to remove the overly-persistent entries. Depending on your circumstances, the following routes may be followed for a fix:

  1. Debian users: Download the replacement 0.7.16 .deb package (or 0.8.1) and install it with dpkg -i. (Alternatively, Debian users can take one of the approaches below.) The package (or a derivative) may go into the next update of Debian stable, but this is not certain.
  2. Install new version:
    1. Download the 0.7.16 or 0.8.1 source, or fetch and apply the 0.7.14-0.7.16 patch.
    2. Build the new version (`make').
    3. Stop SAUCE.
    4. make install
    5. Either run /usr/local/share/sauce/clean-site-annoy, or delete /var/lib/sauce/db-site.annoy.* [1]
    6. Restart SAUCE.
  3. Minimal fix by hand:
    1. Stop SAUCE.
    2. Apply the patch below to the installed /usr/local/share/sauce/smtp.
    3. Delete /var/lib/sauce/db-site.annoy.* [1]
    4. Restart SAUCE.

[1] Cleaning the site-annoy database can be postponed. You can either run the supplied cleaning script, which deletes only entries with implausible expiry times, or you can delete the whole database (which is fairly harmless, and in any case no worse than the effects of the bug). But, you must not mess with the site-annoy database while SAUCE is running, or it will probably undo your changes.

Patch

The following patch fixes the actual problem, and can be applied to the source code smtp.tcl, or to the installed file (usually /usr/local/share/sauce/smtp).

 diff -u -u -r1.14 -r1.14.2.1

  smtp.tcl   15 Jun 2003 15:46:40 -0000      1.14
 +++ smtp.tcl   14 Jan 2004 22:56:33 -0000      1.14.2.1
 @@ -274,7 +274,7 @@

      if {$cv < -$annoy_love_max} { set cv -$annoy_love_max }
      ds_set site-annoy $ra 

             [string map {{ } a - m} [list $now $cv]] 

    [expr {$now + 3*$annoy_halflife}]
 +          [expr {3*$annoy_halflife}]

      if {$cv <= -$annoy_love_max/2 && $cv <= -($annoy_grumpy+$annoy_actout_max)} {

         set irritamt Ecstatic
      } elseif {$cv <= 0} {
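
Review bot: the ds_set call in this hunk has no comment stating the unit or reference point of its last argument, and that is the whole substance of the fix: the replacement line passes "[expr {3*$annoy_halflife}]", a lifetime in seconds, where the old line passed "$now + 3*$annoy_halflife", an absolute time. A one-line comment above the call saying that ds_set takes a relative lifetime and converts it to an absolute expiry itself would keep the "$now +" form from being reintroduced here. The hunk touches only the site-annoy call, so any other ds_set call sites in smtp.tcl should be checked for the same "$now +" pattern before this is considered complete.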


This is not the complete diff between 0.7.14 and 0.7.16. 0.7.16 also contains the clean-site-annoy script, Debian packaging to invoke it, plus of course new-release administrivia.


