[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Mail loss!

On Tue, Feb 01, 2000 at 03:45:56PM -0500, Richard A Nelson wrote:
> Please, when editing files as important as /etc/hosts.(allow,deny), 
> utilize the supplied check routines... in this case: tcpdchk - it
> can save you some of these problems...

Except that tcpdchk always moans about the sendmail line anyway.

BTW here's one of the log lines (I hope these characters are transmitted as
is via email). There are lots of these:

Jan 31 20:25:10 tanja sendmail[893]: warning: /etc/hosts.allow, line 1: bad net/mask expression:

To me this looks like a bug.

> Mail doesn't just disappear...  check /var/log/mail.log, there *will* be a
> log of what sendmail did with it (even if decided to /dev/null the mail).

It said:

Jan 31 20:25:10 tanja sendmail[893]: tcpwrappers (localhost, rejection
Jan 31 20:25:11 tanja sendmail[875]: NOQUEUE: Null connection from localhost []

Note, that I do not say sendmail did nuke my mail but rather like to find
out which of the programs involved. If it was fetchmail then fetchmail has a
rather serious bug IMO.

> If tcpd reported no access to sendmail (as a result of the trailing newline
> being deleted), people would get:
>   550 5.0.0 Access denied 
> on any smtp command beyond the helo/ehlo and you will have something like 

So that means fetchmail got an error message?

> this in /var/log/mail.log:
>   Feb  1 15:25:43 badlands sendmail[5303]: e11KPhb05303: tcpwrappers (valhalla.lexington.ibm.com, rejection

Looks like my entry doesn't it?

> This is a *permanent* rejection, and should not be retried by upstream
> mailers...  fetchmail would be justified in flushing the messages.

I beg to disagree on this one. Justified to bounce the message yes, but not
to nuke it. Why not store it in as file?

> Since it is the connection that is refused, there isn't a bounce message
> generated... your buddies will probably never know their mail didn't arrive.

That's exactly my problem.

> Look, I'm sorry you apparently lost mail, but this is in no way the fault
> of the MTA...  You'll likely have exactly the same problem if the MTA of
> your choice is built with tcpd support.

I see. So I'm angry about fetchmail now. :-)

Richard, this is not about anger about one particular piece of software it
is about a IMO major flaw in one of the software pieces involved.

Michael Meskes                         | Go SF 49ers!
Th.-Heuss-Str. 61, D-41812 Erkelenz    | Go Rhein Fire!
Tel.: (+49) 2431/72651                 | Use Debian GNU/Linux!
Email: Michael@Fam-Meskes.De           | Use PostgreSQL!

Reply to: