Package: ucspi-tcp
Version: 0.88-9
Severity: important
Tags: patch
I rate this bug as Important, but if Paul does set a wildcard on
maps.vix.com as discussed then it could quickly escalate.
Paul Vix writes in http://www.merit.edu/mail.archives/nanog/msg04505.html,
"maps.vix.com has been gone since 1999 or so. mail-abuse.org is the
new thing. i've tried just about everything to get traffic toward the
old domain name to stop... right now there's a DNAME but it made no real
difference ...
"once upon a time, someone more insane than myself wanted to
close an RBL and did so by replacing it with a wildcard entry. we all
hated that since it caused a lot of mail to bounce. (all mail that
would otherwise have been received by that RBL's subscribers, in fact.)
it did however have the effect of causing the subscribers to reconfigure
their mailers to stop querying the now-dead RBL in question. ..."
Stock rblsmtpd from ucspi-tcp uses maps.vix.com if the user doesn't
specify any other RBLs. It's not clear to me how many people that
actually affects, but it seems quite a serious drawback in the package.
URL for Charles Cabazon's patch for this issue is
http://pyropus.ca/software/misc/rblsmtpd-nodefaultrbl.patch
which applies OK to the Debian package with a small fuzz. I'll attach
it to the bug anyway.
If we apply this fix, nobody will notice any change regardless of what
Paul does, since maps.vix.com has probably been dead for longer than
some of its users have been online.
If we don't, some Debian users could lose email when Paul runs out of
other options, as I expect he will do quite soon. After the last couple
of years, you won't catch me publishing an RBL under a domain I still
want to use myself :-/
Nick
-- System Information:
Debian Release: 4.0
APT prefers testing
APT policy: (800, 'testing'), (60, 'stable'), (3, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18.20070119.0-k7-njl
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Versions of packages ucspi-tcp depends on:
ii libc6 2.3.6.ds1-10 GNU C Library: Shared libraries
ucspi-tcp recommends no packages.
-- no debconf information
diff -ur ucspi-tcp-0.88.orig/rblsmtpd.c ucspi-tcp-0.88/rblsmtpd.c
--- ucspi-tcp-0.88.orig/rblsmtpd.c Thu Jan 16 14:33:56 2003
+++ ucspi-tcp-0.88/rblsmtpd.c Thu Jan 16 14:38:17 2003
@@ -155,7 +155,6 @@
main(int argc,char **argv,char **envp)
{
- int flagwantdefaultrbl = 1;
char *x;
int opt;
@@ -182,7 +181,7 @@
case 'c': flagfailclosed = 1; break;
case 'C': flagfailclosed = 0; break;
case 't': scan_ulong(optarg,&timeout); break;
- case 'r': rbl(optarg); flagwantdefaultrbl = 0; break;
+ case 'r': rbl(optarg); break;
case 'a': antirbl(optarg); break;
default: usage();
}
@@ -190,7 +189,6 @@
argv += optind;
if (!*argv) usage();
- if (flagwantdefaultrbl) rbl("rbl.maps.vix.com");
if (decision >= 2) rblsmtpd();
pathexec_run(*argv,argv,envp);
