Race condition and randomness in configured hello name
------------------------------------------------------
Key: JAMES-777
URL: https://issues.apache.org/jira/browse/JAMES-777
Project: James
Issue Type: Bug
Components: James Core, Remote Delivery, SMTPServer
Affects Versions: 2.3.0
Reporter: Amichai Rothman
The RemoteDelivery mailet suffers from a race condition in determining the helo
name to use in its SMTP sessions. If the SMTPServer happens to be fully
initialized before RemoteDelivery is initialized, the helo name, which is set
by the SMTPServer's initialization code as a mailet context attribute, is used
correctly.
However this is not guaranteed by the code, as a race condition can cause this
attribute to be accessed by RemoteDelivery before SMTPServer initialized it. In
this case, the default domain attribute is used instead. This attribute, in
turn, is set randomly to whatever happens to be the first element of the
iterator on the server names set. This is a HashSet so the iterator order is
not well defined, and effectively this chooses a random entry in the
servernames (plus IP addresses if autodetectIP is set to true in the
configuration).
To sum it up, the helo name used by RemoteDelivery is randomly selected as
either the configured SMTP helo name, any of the configured servernames, or any
of their IP addresses.
note: the "TODO: CHANGE ME!!!" comment in RemoteDelivery.java appears to have
predicted part of this problem (though the randomness of the default domain
attribute may have consequences elsewhere).
While this by itself may not sound too critical, it unfortunately can cause a
DNS mismatch between the helo name (or address) and the actual server lookup,
which many spam mechanisms consider enough for the server to be put it on a
very popular spam blacklist, resulting in denial of service (spam-filter-wise)
of the entire mail server.
recommendation:
1. fix the default domain randomness (for example, taking the first form the
server names list, in the order they appear in configuration, would give a
consistent and backward compatible solution. The effects of the default domain
attribute should be documented as well.
2. If possible, make a proper wait/notify mechanism for RemoteDelivery to start
only when SMTPServer is fully initialized.
3. Otherwise, skip the race condition and/or heuristics and just give
RemoteDelivery it's own explicit helo name configuration parameter.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
