Le jeudi 03 février 2011 à 01:31 +0100, Mark Martinec a écrit :
> David,
>
> > On ubuntu 10.10 we encounter now this error since some perl lib updates
>
> Which version or amavisd? Do you happen to know which perl modules
> were updated?
>
> > amavis claim Feb 1 14:37:25 rez14 amavis[29857]: (29857-04) (!)custom
> > checks error: Insecure dependency in connect while running with -T
> > switch at /usr/lib/perl/5.10/IO/Socket.pm line 114
>
> What is that custom hook doing (a method checks() in custom hooks).
>
> > How can we fix it ?
> >
> > in this file we have this
> >
> > # cat -n /usr/lib/perl/5.10/IO/Socket.pm|grep 114
> > 114 if (!connect($sock, $addr)) {
>
> Probably the $addr is tainted. Where does it come from?
> If you know it is safe to use (do some test before, just in case),
> you may untaint it by calling Amavis::Util::untaint, e.g.:
>
> if (!connect($sock, Amavis::Util::untaint($addr))) {
>
>
> Mark
>
> ------------------------------------------------------------------------------
> Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
> Finally, a world-class log management solution at an even better price-free!
> Download using promo code Free_Logger_4_Dev2Dev. Offer expires
> February 28th, so secure your free ArcSight Logger TODAY!
> http://p.sf.net/sfu/arcsight-sfd2d
> _______________________________________________
> AMaViS-user mailing list
> AMaViS-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/amavis-user
> Please visit http://www.ijs.si/software/amavisd/ regularly
> For administrativa requests please send email to rainer at openantivirus dot
> org
>
Many thanks to answer to my mail Mark
This is the details on the code.
I have created a custom hook that parse the last received server IP and
pass it trough GEOIP
It seems that error is occurred when the scriptt check GeOIP address...
Could help me on this
this custom hook will request GeoIP perl library has follow
sub checks {
my($self,$conn,$msginfo) = @_;
my($client_ip) = $msginfo->client_addr;
my($tempdir) = $msginfo->mail_tempdir;
my $recipient_domain;
my($received)=$msginfo->get_header_field_body('received');
my $last_recived=tests_from_received($received);
($country_name,$region_name,$city)=ScanGeoIP($last_recived);
}
sub tests_from_received($) {
my($received) = @_;
my($fields_ref) = parse_received($received);
my($ip); local($1);
for (grep {defined} (@$fields_ref{qw(from-tcp from from-com)})) {
if (/ \[ (\d{1,3} (?: \. \d{1,3}){3}) (?: \. \d{4,5} )? \] /x) {
$ip = $1; last;
} elsif (/\[ [^\]]* : [^\]]* \]/x && # triage, must contain a colon
/\[ ( (?: IPv6: )? [0-9a-f]{0,4}
(?: : [0-9a-f]{0,4} | \. [0-9]{1,3} ){2,9} ) \]/xi) {
$ip = $1; last;
} elsif (/ (?: ^ | \D ) ( \d{1,3} (?: \. \d{1,3}){3}) (?!
[0-9.] ) /x) {
$ip = $1; last;
}
}
!defined($ip) ? undef : $ip; # undef need not be tainted
return $ip;
}
sub ScanGeoIP($){
my ($last_recived)=@_;
my $country_name="undefined";
my $region_name="undefined";
my $city="undefined";
if(-e "/usr/local/share/GeoIP/GeoLiteCity.dat"){
my $gi = Geo::IP->open("/usr/local/share/GeoIP/GeoLiteCity.dat",
GEOIP_STANDARD);
my $record = $gi->record_by_addr($last_recived);
$country_name=$record->country_name if $record;
$region_name=$record->region_name if $record;
$city=$record->city if $record;
}else{
do_log(0, "%s artica-plugin: GeoIP, unable to
stat /usr/local/share/GeoIP/GeoLiteCity.dat",$message_id);
}
return ($country_name,$region_name,$city);
}
--
------------------------------------------------------------------------------
Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
Finally, a world-class log management solution at an even better price-free!
Download using promo code Free_Logger_4_Dev2Dev. Offer expires
February 28th, so secure your free ArcSight Logger TODAY!
http://p.sf.net/sfu/arcsight-sfd2d
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
Please visit http://www.ijs.si/software/amavisd/ regularly
For administrativa requests please send email to rainer at openantivirus dot
org
