Tokio Kikuchi wrote: > ToDigest.send_digests() can block regular delivery. We put the > send_digests() calling part in a try/except clause and leave a message > in the error log if something happened in send_digests(). Daily call of > cron/senddigests will provide more detail to the site administrator.
I noticed this may lead to yet another DoS for digest delivery. The malicious (non-compliant MIME) message may cause other digest deliveries to stop as long as the malicious message remains in the digest.mbox file. I created a patch for this situation and uploaded in the patch area of SF: http://sourceforge.net/tracker/index.php?func=detail&aid=1556858&group_id=103&atid=300103 I think I will commit in the Release-2.1-maint branch and include in the 2.1.9 final release. I appreciate anyone can review the patch. At this point of writing, I should note 2.1.9(rc1) has no known vulnerablities by which this patch is required. -- Tokio Kikuchi tkikuchi@ is.kochi-u.ac.jp http://weather.is.kochi-u.ac.jp/ _______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
