On 2024/05/13 09:38:40 +0200, Philipp <[email protected]> wrote: > Hi > > Sorry, this mail was overseen.
Yeah, sorry. > [2022-08-30 13:23] "Tobias Fiebig" <[email protected]> > > I just started to see some DoS issue on my OpenSMTPd with table-mysql as > > the backend. Specifically, my server ran into the user lookup process > > eating a full core and torturing the mysql > > server after some funny brute-force attempts came in. (writeup with graphs > > here: > > https://doing-stupid-things.as59645.net/mail/opensmtpd/mysql/2022/08/30/receiving-an-email.html > > ) > > > > After some amateur debugging on my side, it seems like the issue occurs if > > the mysql table is latin1 (happens if following defaults and table-mysql > > man) and something is shipped to > > opensmtpd which does not cleanly cast to latin1 (i.e., is not plain ascii), > > as opensmtpd speaks UTF8 with mysql (again, my amateur analysis). > > I hope this doesn't sounds to harsh, but this sounds more like a configuration > issue on your MySQL database, ... (seconded) > > The query then fails/mysql kills the connection, and table-mysql retries > > the connection with the same data leading to mysql... you get the idea, and > > this then happens at 350+ queries/s. > > ..., but table-mysql (and table-postgres) should handle this better. completely agree. > > Would it make sense to have the db-table backends return a tempfailure (for > > lookups for domain/forward/deliver we'd probably not want to reject mail > > due to a DB failure) or error > > (auth etc.) if the same query fails like N (5 as default?) times in a row? > > A patch limit it to one retry is attached. I don't think it's necesary to > do more then one retry. At the moment one retry seems the most sensible to me too. (even if I think table_mysql should try to differentiate between failure codes.) philipp: in any case, I've applied your diff and then landed a tweak on top. your diff (except for one case) had an issue where it won't retry the query (reply_times is 1 but gets immediately decremented to zero at the start, so after the first goto retry it becomes -1 and fails) Thanks!
