[ https://issues.apache.org/jira/browse/JAMES-777?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12482677 ]
Amichai Rothman commented on JAMES-777:
---------------------------------------
#1 and #2 imply that it is necessary to make this a separate, independent,
configuration option. Anything else will either be bad design (introducing
dependency where it shouldn't be), or an ugly workaround (#1) which cannot
guarantee the server functioning properly, and so is pointless. Having a server
*usually* working well is the mark of an unstable product, and should be
avoided altogether.
So we're left with #3, which is indeed an independent configuration option
which should properly solve the problem. Will this configuration currently
override the other two (I didn't see this in the code)?
> Race condition and randomness in configured hello name
> ------------------------------------------------------
>
> Key: JAMES-777
> URL: https://issues.apache.org/jira/browse/JAMES-777
> Project: James
> Issue Type: Bug
> Components: James Core, Remote Delivery, SMTPServer
> Affects Versions: 2.3.0
> Reporter: Amichai Rothman
>
> The RemoteDelivery mailet suffers from a race condition in determining the
> helo name to use in its SMTP sessions. If the SMTPServer happens to be fully
> initialized before RemoteDelivery is initialized, the helo name, which is set
> by the SMTPServer's initialization code as a mailet context attribute, is
> used correctly.
> However, this is not guaranteed by the code, as a race condition can cause
> this attribute to be accessed by RemoteDelivery before SMTPServer initialized
> it. In this case, the default domain attribute is used instead. This
> attribute, in turn, is set randomly to whatever happens to be the first
> element of the iterator on the server names set. This is a HashSet so the
> iterator order is not well defined, and effectively this chooses a random
> entry in the servernames (plus IP addresses if autodetectIP is set to true in
> the configuration).
> To sum it up, the helo name used by RemoteDelivery is randomly selected as
> either the configured SMTP helo name, any of the configured servernames, or
> any of their IP addresses.
> note: the "TODO: CHANGE ME!!!" comment in RemoteDelivery.java appears to have
> predicted part of this problem (though the randomness of the default domain
> attribute may have consequences elsewhere).
> While this by itself may not sound too critical, it unfortunately can cause a
> DNS mismatch between the helo name (or address) and the actual server lookup,
> which many spam mechanisms consider enough for the server to be put on a
> very popular spam blacklist, resulting in denial of service
> (spam-filter-wise) of the entire mail server.
> recommendation:
> 1. fix the default domain randomness (for example, taking the first from the
> server names list, in the order they appear in configuration, would give a
> consistent and backward compatible solution). The effects of the default
> domain attribute should be documented as well.
> 2. If possible, make a proper wait/notify mechanism for RemoteDelivery to
> start only when SMTPServer is fully initialized.
> 3. Otherwise, skip the race condition and/or heuristics and just give
> RemoteDelivery its own explicit helo name configuration parameter.
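An added example, not part of the original message and not code from the James project: a sketch of recommendations 1 and 3 from the issue, in which the helo name is resolved from an explicit setting first and otherwise from the first servername in configuration order, with no dependency on another component's initialization. The class name, method names, and sample hostnames are hypothetical and constructed for illustration.

```java
import java.util.Arrays;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Locale;
import java.util.Set;

/** Illustration only; names here are hypothetical, not the James API. */
public class HeloNameExample {

    /** Recommendation 1: keep servernames in the order they appear in configuration. */
    static Set<String> loadServerNames(List<String> configured) {
        // LinkedHashSet iterates in insertion order; a plain HashSet gives no
        // ordering guarantee, which is what made the default domain effectively random.
        Set<String> names = new LinkedHashSet<>();
        for (String name : configured) {
            String normalized = name.trim().toLowerCase(Locale.ROOT);
            if (!normalized.isEmpty()) {
                names.add(normalized);
            }
        }
        return names;
    }

    /** Recommendation 3: an explicit helo name always wins; otherwise use a deterministic default. */
    static String resolveHeloName(String explicitHelo, Set<String> serverNames) {
        if (explicitHelo != null && !explicitHelo.trim().isEmpty()) {
            return explicitHelo.trim();
        }
        if (serverNames.isEmpty()) {
            // Fail at startup rather than announce an unpredictable name to remote servers.
            throw new IllegalStateException("no helo name and no servernames configured");
        }
        return serverNames.iterator().next();
    }

    public static void main(String[] args) {
        // Constructed sample configuration values.
        List<String> configured = Arrays.asList("mail.example.org", "example.org", "192.0.2.10");
        Set<String> names = loadServerNames(configured);
        System.out.println("default helo:  " + resolveHeloName(null, names));
        System.out.println("explicit helo: " + resolveHeloName("mx1.example.org", names));
    }
}
```

Because both inputs are read from configuration at the point of use, the result does not change with the order in which components finish initializing.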