Exim
使用 AUTH LOGIN 的 Exim4 段錯誤
每當我使用 AUTH LOGIN 身份驗證時,我的 exim4 vis 在發送電子郵件時都會導致段錯誤。但是,使用 AUTH PLAIN 發送電子郵件就像一個魅力。兩種身份驗證方法都連接到 Dovecot 身份驗證器。
Exim4 資訊:
Exim version 4.92 #3 built 09-Sep-2021 16:25:33 Copyright (c) University of Cambridge, 1995 - 2018 (c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2018 Berkeley DB: Berkeley DB 5.3.28: (September 9, 2013) Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc GnuTLS move_frozen_messages Content_Scanning DANE DKIM DNSSEC Event OCSP PRDR PROXY SOCKS SPF TCP_Fast_Open Experimental_ARC Experimental_DCC Experimental_DMARC Experimental_DSN_info Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql sqlite Authenticators: cram_md5 cyrus_sasl dovecot plaintext spa tls Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp Malware: f-protd f-prot6d drweb fsecure sophie clamd avast sock cmdline Fixed never_users: 0 Configure owner: 0:0 Size of off_t: 8 Configuration file search path is /etc/exim4/exim4.conf:/var/lib/exim4/config.autogenerated Configuration file is /var/lib/exim4/config.autogenerated這是段錯誤消息:
Sep 13 12:57:36 tornavacas kernel: exim4[12679]: segfault at 0 ip 00007fdd2d854206 sp 00007ffe23909ac8 error 4 in libc-2.28.so[7fdd2d7de000+148000] Sep 13 12:57:36 tornavacas kernel: Code: 0f 1f 40 00 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 6a <f3> 0f 6f 20 66 0f 74 e0 66 0f d7 d4 85 d2 74 04 0f bc c2 c3 48 83這是 strace 輸出的最後幾行:
[pid 16595] munmap(0x7f5e7f800000, 2097152) = 0 [pid 16595] munmap(0x7f5e7df65000, 331776) = 0 [pid 16595] munmap(0x7f5e7fb1a000, 135168) = 0 [pid 16595] exit_group(1) = ? [pid 16595] +++ exited with 1 +++ [pid 16592] <... wait4 resumed> [{WIFEXITED(s) && WEXITSTATUS(s) == 1}], 0, NULL) = 16595 [pid 16592] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=16595, si_uid=106, si_status=1, si_utime=2, si_stime=1} --- [pid 16592] alarm(0) = 30 [pid 16592] rt_sigaction(SIGCHLD, {sa_handler=SIG_IGN, sa_mask=[CHLD], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f5c6ba6b840}, {sa_handler=SIG_DFL, sa_mask=[CHLD], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f5c6ba6b840}, 8) = 0 [pid 16592] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 16592] +++ killed by SIGSEGV +++ <... select resumed> ) = ? ERESTARTNOHAND (To be restarted if no handler) --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=16592, si_uid=106, si_status=SIGSEGV, si_utime=0, si_stime=1} --- rt_sigaction(SIGCHLD, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f5c6bc07730}, NULL, 8) = 0 rt_sigreturn({mask=[]}) = -1 EINTR (Interrupted system call) wait4(-1, [{WIFSIGNALED(s) && WTERMSIG(s) == SIGSEGV}], WNOHANG, NULL) = 16592 wait4(-1, 0x7fff60755674, WNOHANG, NULL) = -1 ECHILD (No child processes) rt_sigaction(SIGCHLD, {sa_handler=0x55cf02123500, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f5c6bc07730}, NULL, 8) = 0 select(11, [3 4 5 6 7 8 9 10], NULL, NULL, NULL這是我重現問題的方式:
#!/usr/bin/expect set timeout 30 proc abort {} { exit 2 } spawn nc tornavacas.domain.com 587 expect default abort "220 " send "EHLO mypc\r" expect default abort "\n250 " send "AUTH LOGIN\r" expect default abort "\n334 " send "ZGlzZ3Vpc2VkQGRvbWFpbi5jb20=\r" expect default abort "\n334 " send "cGFzc3dvcmQ=\r" send "MAIL FROM:disguised@domain.com\r" expect default abort "\n250 " send "RCPT TO:disguised@domain.com\r" expect default abort "\n250 " send "DATA\r" expect default abort "\n354 " send "Subject: Mensaje de prueba de Microsoft Outlook\r" send "\r" send "This is a multipart message in MIME format.\r" send ".\r" expect default abort "\n250 " send "QUIT\r"執行此腳本時,我得到以下輸出:
../.. DATA 354 Enter message, ending with "." on a line by itself Subject: Mensaje de prueba de Microsoft Outlook This is a multipart message in MIME format. .儘管如此,如果我使用 AUTH PLAIN 發送相同的消息,它會起作用:
#!/usr/bin/expect set timeout 30 proc abort {} { exit 2 } spawn nc tornavacas.domain.com 587 expect default abort "220 " send "EHLO mypc\r" expect default abort "\n250 " send "AUTH PLAIN AGRpc2d1aXNlZEBkb21haW4uY29tAHBhc3N3b3Jk\r" expect default abort "\n235 " send "MAIL FROM:disguised@domain.com\r" expect default abort "\n250 " send "RCPT TO:disguised@domain.com\r" expect default abort "\n250 " send "DATA\r" expect default abort "\n354 " send "Subject: Mensaje de prueba de Microsoft Outlook\r" send "\r" send "This is a multipart message in MIME format.\r" send ".\r" expect default abort "\n250 " send "QUIT\r"上述命令的輸出是這樣的:
DATA 354 Enter message, ending with "." on a line by itself Subject: Mensaje de prueba de Microsoft Outlook This is a multipart message in MIME format. . 250 OK id=1mPk9v-0004O2-Bp如您所見,現在電子郵件伺服器使用 250 程式碼回复,而之前它完全沒有回复,因為它死了。
問題是身份驗證在這兩種情況下都有效,但是當使用者使用 LOGIN 方法而不是 PLAIN 方法對自己進行身份驗證時,情況會發生變化。
我想支持這兩種方法。您對使用 AUTH LOGIN 後可能導致段錯誤的原因有任何想法嗎?
更新
我一直在調查更多,我發現問題的原因在 check_data ACL 中,特別是在以下程式碼段中:
warn add_header = :at_start: ${authresults {$primary_hostname}}從理論上講,該行應該只在電子郵件中添加帶有 authresults 擴展項的標題。但是,在註釋掉它時,段錯誤並沒有發生,而如果警告指令處於活動狀態,它就會發生。
溫暖的問候,
我發現問題的原因在 check_data ACL 中,特別是在以下程式碼段中:
警告 add_header = :at_start: ${authresults {$primary_hostname}}
從理論上講,該行應該只在電子郵件中添加帶有 authresults 擴展項的標題。但是,在註釋掉它時,段錯誤並沒有發生,而如果警告指令處於活動狀態,它就會發生。