Bug 208262 - contrib/dma unusable on freebsd.org cluster due to non-canonification of local addresses
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: bin
Version: CURRENT
Hardware: Any Any
Importance: --- Affects Some People
Assignee: Baptiste Daroussin
URL: https://github.com/corecode/dma/commi...
Keywords:
Depends on:
Blocks: 208263
Reported: 2016-03-24 18:04 UTC by Peter Wemm
Modified: 2018-09-05 20:44 UTC

Description Peter Wemm freebsd_committer freebsd_triage 2016-03-24 18:04:20 UTC
We have encountered show-stopper bugs in the freebsd.org cluster when trying to use dma as a drop-in sendmail replacement.

When cron generates email and feeds it to /usr/sbin/sendmail, sendmail qualifies the addresses according to the configured hostname/domainname/masquerade. Instead, DMA leaks this onto the internet:

Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115])
	by hub.freebsd.org (Postfix) with ESMTP id 99157E1E
	for <clusteradm@freebsd.org>; Mon,  7 Jan 2013 15:40:10 +0000 (UTC)
	(envelope-from root@freebsd.org)
Received: from halo.freebsd.org (halo.freebsd.org [IPv6:2001:1900:2254:2064::16:7])
	by mx1.freebsd.org (Postfix) with ESMTP id 758A719D
	for <clusteradm@freebsd.org>; Mon,  7 Jan 2013 15:40:10 +0000 (UTC)
Received: from root (uid 0)
	(envelope-from root@freebsd.org)
	id 4b
	by halo.freebsd.org (DragonFly Mail Agent v0.7);
	Mon, 07 Jan 2013 15:40:10 +0000
From: root (Cron Daemon)
^^^^^^^^^^^^^^^^^
To: clusteradm@freebsd.org
Subject: Cron <root@halo> /usr/bin/lockf -s -t 0 /var/run/clusteradm.lock /etc/clusteradm/update.sh
X-Cron-Env: <MAILTO=clusteradm@freebsd.org>
X-Cron-Env: <SHELL=/bin/sh>
X-Cron-Env: <HOME=/root>
X-Cron-Env: <PATH=/usr/bin:/bin>
X-Cron-Env: <LOGNAME=root>
X-Cron-Env: <USER=root>
Date: Mon, 07 Jan 2013 15:40:10 +0000
Message-Id: <50eaec5a.4b.55f5d33f@halo.freebsd.org>

As per RFC 2822:

RFC2822:

from            =       "From:" mailbox-list CRLF
mailbox-list    =       (mailbox *("," mailbox)) / obs-mbox-list
mailbox         =       name-addr / addr-spec
addr-spec       =       local-part "@" domain
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Or there's the angle focus route via name-addr:
name-addr       =       [display-name] angle-addr
angle-addr      =       [CFWS] "<" addr-spec ">" [CFWS] / obs-angle-addr

Either way, "From: root" shouldn't be leaking onto the internet without canonification.  "From:" grammar always terminates in 'local-part "@" domain'.  

It's more than just cron that depends on this qualification behavior but that's the one we hit first on the freebsd.org cluster that aborted the experiment.  There was another base system tool (my memory says "mail(1)" but I don't think that is correct) and a bunch of user scripts that execed sendmail directly.

The interface to /usr/sbin/sendmail is traditionally special.  /usr/sbin/sendmail was a generic message router, anything from UUCP to RFC822 internet.  Canonification rules varied by context. eg: UUCP had "host!user" as canonical, vs RFC822's "user@domain".  /usr/sbin/sendmail is the source of truth for how a local name should be qualified/canonified before leaving the machine and dma isn't doing it.

Without this, dma isn't a sufficient drop-in replacement for /usr/sbin/sendmail.
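
An added example, not part of the original report and not dma's or sendmail's own code: a Python check that finds address headers whose addr-spec lacks "@domain", as in the "From: root (Cron Daemon)" header quoted above, and qualifies them before the message leaves the machine. The header list, the function names and the freebsd.org domain argument are assumptions for illustration.

```python
from email import message_from_string
from email.utils import formataddr, getaddresses

# Headers treated as address lists (assumed set for this example).
ADDRESS_HEADERS = ("From", "Sender", "Reply-To", "To", "Cc")

# Sample input trimmed from the headers quoted in the report above.
SAMPLE = (
    "From: root (Cron Daemon)\n"
    "To: clusteradm@freebsd.org\n"
    "Subject: Cron <root@halo> /usr/bin/lockf -s -t 0 "
    "/var/run/clusteradm.lock /etc/clusteradm/update.sh\n"
    "\n"
    "body\n"
)


def unqualified(msg):
    """Return (header, address) pairs whose addr-spec has no '@domain' part."""
    found = []
    for name in ADDRESS_HEADERS:
        for _display, addr in getaddresses(msg.get_all(name, [])):
            if addr and "@" not in addr:
                found.append((name, addr))
    return found


def qualify(msg, domain):
    """Rewrite address headers in place so every bare local-part gets '@domain'."""
    for name in ADDRESS_HEADERS:
        values = msg.get_all(name)
        if not values:
            continue
        fixed = []
        for display, addr in getaddresses(values):
            if addr and "@" not in addr:
                addr = f"{addr}@{domain}"  # domain is the assumed masquerade name
            fixed.append(formataddr((display, addr)))
        del msg[name]  # drops every occurrence; the merged header is re-added
        msg[name] = ", ".join(fixed)
    return msg


if __name__ == "__main__":
    message = message_from_string(SAMPLE)
    print("unqualified before:", unqualified(message))
    qualify(message, "freebsd.org")
    print("From after:", message["From"])
```

The "(Cron Daemon)" comment is parsed as the display name, so the rewritten header comes out in name-addr form; the Subject line, which also contains angle brackets, is not touched.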
Comment 1 Mark Felder freebsd_committer 2016-03-24 20:21:02 UTC
This upstream bug may be relevant

https://github.com/corecode/dma/issues/21
Comment 2 Ed Maste freebsd_committer 2016-10-20 19:20:51 UTC
as bapt@ reports, presumably fixed by https://github.com/corecode/dma/commit/0ecb0ebe635681a9cf97591af89f8a8ffb367fee
Comment 3 Ed Maste freebsd_committer 2018-09-05 20:44:31 UTC
bapt this is done now?