Hi all,
2013-07-29
fixed in assp 2.3.4 build 13210:
- the 'BEAST' attack mitigation was not working for the WEB ports, even if
the SSL config was right
- This version tries to solve (workaround) the old problem, where multiple
equal connections or mails processed by different
threads on different CPU cores at the same time using MySQL database
tables for the main hashes and lists
causing a hard death exception in Perl.
ASSP now uses a short time shared cache to prevent such conditions.
There is a new hidden config variable
our $DBCacheMaxAge = 3; # (number > 0) database maximum
cache age in seconds
There is a small but (IMHO) acceptable disadvantage using this caching
methode. If the MySQL database is synchronized
or shared between multiple assp installations and the same 'equal
conditions' are related to different installations
(primary + secondary MX for example), it could be possible, that the
database records are not synchron for a short
time. For example, the PBBlack value could be too less on one
installation.
- it was possible that a DoS attack against the SSL WEB-port or the SSL
SMTP-listener caused stucking workers,
hanging assp or 100% CPU usage
- disable and enable 'useDB4IntCache' again caused a unwanted reset of the
STATS values
- the Griplist is no longer tied using the old 'orderedtie' mechanism
(which is too slow) if 'useDB4griplist'
is disabled - instead the Giplist is shared in memory
- the Lingua::Stem::Snowball module caused exceptions 'realloc(): invalid
old size: 0x0000000014ca1a10 ***' on
some 64Bit Perl installations
- if a local domain was defined in 'whitelistedDomains', mails were
unwanted whitelisted - in case such a configuration is
not supported, assp now writes an error message to the log, if such a
condition is detected and whitelisting is prevented
Thomas
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
------------------------------------------------------------------------------
Get your SQL database under version control now!
Version control is standard for application code, but databases havent
caught up. So what steps can you take to put your SQL databases under
version control? Why should you start doing it? Read more to find out.
http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
