[Mailman-Users] mail from GioMBG fresh installation of mailman but Internal Server Error (only on edit some users) remain!

2007-06-26 Thread Gio MBG Canepa root 
Hi  Mark!
---| Here the apache error Log: |---
[Tue Jun 26 17:03:00 2007] [error] [client 127.0.0.1] ModSecurity: Access 
denied with code 500 (phase 1). Pattern match .(?:c(?:o(?:nf(?:ig)?|m)|
s(?:proj|r)?|dx|er|fg|md)|p(?:rinter|ass|db|ol|wd)|v(?:b(?:proj|s)?|sdisco)|
a(?:s(?:ax?|cx)|xd)|s(?:html?|ql|tm|ys)|d(?:bf?|at|ll|os)|i(?:d[acq]|n[ci])|
ba(?:[kt]|ckup)|res(?:ources|x)|l(?:icx|nk|og)|w{,5}~|webinfo|ht[rw]|
xs ... at REQUEST_BASENAME. [id 960035] [msg URL file extension is 
restricted by policy] [severity CRITICAL] [hostname home.9records.com] 
[uri /mailman/options/mailman/alexkenji--at--alexkenji.com] 
[unique_id bOj5IH8AAAEAAA6QRT4B]
---| end httpd error log |---
These logs are generated in /var/log/httpd/error_log by trying access here:
http://home.9records.com/mailman/options/mailman/alexkenji--at--alexkenji.com

PLUS I can write that I've removed all mailman and after I have reinstalled 
but...
I HAVE THE SAME PROBLEM! Very strangerous!
i have succesfull added the users and (for example) like in the old mailman 
installation If I go here:
http://home.9records.com/mailman/options/mailman/alkemy--at--mbg.it
I can edit the user alkemy AT mbg.it
but if I go here:
http://home.9records.com/mailman/options/mailman/alexkenji--at--alexkenji.com
I receive an INTERNAL SERVER ERROR!

See on the start of this message to see the httpd error_log

is possible that depend from cgi?
if yes what I can control?
waht I can do?
many Thanks
GioMBG

Gio MBG Canepa root wrote:
I have a strange error only when I attempt to modify some configurations on 
some mailman users... I can explane better:
If I go here:
http://home.9records.com/mailman/options/mailman/alkemy--at--mbg.it
I can edit the user alkemy AT mbg.it
but if I go here:
http://home.9records.com/mailman/options/mailman/alexkenji--at--alexkenji.com
I receive an INTERNAL SERVER ERROR!
NB] The alkexkenji user esist and is active like the first user alkemy!
I have this error when I click on the link of the user and at the same the 
user have the same kind of error when attemp to modify Yours mailman 
configuration by self... 

There is some corrupt data or other problem associated with the
alexkenji--at--alexkenji.com user.

I still think this is correct, but

There will be detailed error information in Mailman's 'error' log for
these errors. This is the information we need to diagnose this problem.

I misunderstood the error (I was thinking it was Mailman's 'we hit a
bug' message, but it's not). There may or may not be anything in
Mailman's error log about this. I still think it's likely, but not
guaranteed.

There will also probably be something in the apache error_log. It may
or may not be more informative than premature end of script headers.
-- 
Mark Sapiro msapiro at value.net   The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan
--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=showamp;file=faq01.027.htp

Re: [Mailman-Users] mail from GioMBG fresh installation of mailman but Internal Server Error (only on edit some users) remain!

2007-06-26 Thread Jeffrey Goldberg 

[mailed and posted]

On Jun 26, 2007, at 10:10 AM, Gio MBG Canepa root wrote:


Hi  Mark!
---| Here the apache error Log: |---
[Tue Jun 26 17:03:00 2007] [error] [client 127.0.0.1] ModSecurity:  
Access
denied with code 500 (phase 1). Pattern match .(?:c(?:o(?:nf 
(?:ig)?|m)|
s(?:proj|r)?|dx|er|fg|md)|p(?:rinter|ass|db|ol|wd)|v(?:b(?:proj|s)?| 
sdisco)|
a(?:s(?:ax?|cx)|xd)|s(?:html?|ql|tm|ys)|d(?:bf?|at|ll|os)|i(?:d 
[acq]|n[ci])|
ba(?:[kt]|ckup)|res(?:ources|x)|l(?:icx|nk|og)|w{,5}~|webinfo|ht 
[rw]|

xs ... at REQUEST_BASENAME. [id 960035] [msg URL file extension is
restricted by policy] [severity CRITICAL] [hostname home. 
9records.com]

[uri /mailman/options/mailman/alexkenji--at--alexkenji.com]


That answers the question.  Your apache add-on of mod_security is not  
allowing access to any URI ending with .com.


You may wish to disable mod_security for the mailman directory.  I  
don't know how to do that, having never used mod_security (which  
isn't part of the normal apache distribution).


Looking at the documentation at

  http://www.modsecurity.org/documentation/modsecurity-apache/2.1.0/ 
html-multipage/03-configuration-directives.html


it looks like setting

  SecRuleEngine off

within the appropriate Location or VirtualHost  of your apache
configuration should solve the problem.

But keep in mind that this is the first time I've ever looked at  
mod_security, so don't put a great deal of trust in my suggestion.


-j



--
Jeffrey Goldberghttp://www.goldmark.org/jeff/

--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=showamp;file=faq01.027.htp