auto-dbm mail storm filter?
Dale S. Johnson
Mon Mar 20 23:06:28 CET 1995
Help! We've been having an auto-dbm mail storm... We got a modification to a maintainer object (bizarre; below) which contained an upd-to: line specifying a non-existant address. The object was rejected for fairly mundane reasons; then the fun began. Sendmail attempted to send notification of the rejection to everyone on the upd-to list, but one of the recipients did not exist. Sendmail therefore could not deliver the notification message. Because it failed in delivering a message for user "auto-dbm" to the non-existant address, Sendmail tried to send a "auto-dbm" a message about this problem to user "auto-dbm". "auto-dbm" noticed the embedded maintainer object, and noticed that "<MAILER-DAEMON>" was not authorized to submit changes for that maintainer object, so it tried to notify all the addresses on the upd-to list, but one of them didn't exist, and so on and so on... until Cengiz noticed that the machine was acting slow and Laurent noticed that his mailbox was filling up with mail forwarded from postmaster at radb.ra.net, and Brian Renaud jumped in to fix it: > agrep '^Mar' errlog | grep 'email failure' | cut -c30-200 | sort | uniq -c | sort -rn > 8329 ilure "Mail Delivery Subsystem <MAILER-DAEMON>" !~ "kdugan at ibm.net" > 8329 ilure "Mail Delivery Subsystem <MAILER-DAEMON>" !~ "kdugan at cwi.net" > 8329 ilure "Mail Delivery Subsystem <MAILER-DAEMON>" !~ "joliveto at cwi.net" > 8329 ilure "Mail Delivery Subsystem <MAILER-DAEMON>" !~ "dnguyen at cwi.net" > 1618 ilure "sob at ns.sesqui.net" !~ "jian at rice.edu" > 1618 ilure "sob at ns.sesqui.net" !~ "cathyf at rice.edu" Question: RIPE software has been active a long time; it must have a solution to this bad-email-address causing loop problem. What is this solution? Is sendmail on ns.ripe.net configured to do something with error messages other than return them to the mailing ID's (such as auto-dbm)? Or is there some configuration in dbupdate somewhere that catches this kind of mail loop that we need to tweak? Has anyone solved this before? (Does anyone have instrumentation in place that would have alerted someone of this kind of problem?) --Dale ========================= > >>> MAIL ACK <<< > > To: Mail Delivery Subsystem <MAILER-DAEMON> > From: NSF Routing Arbiter Database Management <rradmin at ra.net> > Subject: Re: Returned mail: User unknown > Reply-To: rradmin at ra.net > Precedence: bulk > > Your e-mail: > > > From: Mail Delivery Subsystem <MAILER-DAEMON> > > Subject: Returned mail: User unknown > > Date: Mon, 20 Mar 1995 15:01:38 -0500 > > Msg-Id: <199503202001.PAA28941 at radb.ra.net> > > has been processed by the automatic update procedure at the NSF Routing > Arbiter. > Diagnostic output follows: > > ------------------------------------------------------------------------ > Update FAILED: [] > > content-type: message/rfc822 > *ERROR*: Unknown object type > > Update FAILED: [] > > received: (from auto-dbm at localhost) by radb.ra.net (8.6.10/8.6.9) id > PAA28939; Mon, 20 Mar 1995 15:01:37 -0500 > message-id: <199503202001.PAA28939 at radb.ra.net> > subject: Requested NSF Routing Arbiter database object changes > to: net-sec at dcb01a.cwi.net > reply-to: rradmin at radb.ra.net > from: NSF Routing Arbiter Database Maintainer Forwarding > <rradmin at radb.ra.net> > date: Mon, 20 Mar 1995 15:01:37 -0500 > return-path: auto-dbm > *ERROR*: Unknown object type > > Update FAILED: [mntner] MAINT-AS4445 > > mntner: MAINT-AS4445 > descr: Cable & Wireless, Inc. > descr: Internet Services > descr: People authorized to make changes for AS4445 > admin-c: JO106 > tech-c: KD84 > upd-to: kdugan at cwi.net > upd-to: dnguyen at cwi.net > upd-to: mds-noc at cwi.net > upd-to: net-sec at cwi.net > mnt-nfy: kdugan at cwi.net > mnt-nfy: dnguyen at cwi.net > auth: MAIL-FROM kdugan at cwi.net > auth: MAIL-FROM dnguyen at cwi.net > auth: MAIL-FROM joliveto at cwi.net > auth: MAIL-FROM kdugan at ibm.net > remarks: I desperately need to add autonomous system # 701 as the > priority > remarks: 1 routing AS for AS4445. The following route entry was created > remarks: by SprintLink on our behalf but does not take into account our > remarks: connectivity to UUNet via AS701. > remarks: Host: whois.ra.net Looking up 205.136.0 > remarks: route: 205.136.0.0/18 > remarks: descr: Cable & Wireless, Inc > remarks: descr: 8219 Leesburg Pike > remarks: descr: Vienna > remarks: descr: VA 22182, USA > remarks: origin: AS4445 > remarks: comm-list: COMM_NSFNET > remarks: advisory: AS690 1:1239(128) 2:1800 3:1239(144) > remarks: mnt-by: MAINT-AS4445 > remarks: changed: nsfnet-admin at merit.edu 950308 > remarks: source: PRDB > remarks: Could you please add AS 701 to the advisory list of 205.136.0/18 > remarks: in addition to adding this maintainer entry. I understand that > remarks: I should really be sending an additional form to effect this, > but > remarks: I don't believe that I can do this until this maintainer entry > is > remarks: in place and then waiting for another update cycle. I can be > remarks: reached at kdugan at ibm.net and at 703-760-3623. I've listed my > remarks: mail address at ibm.net because without SprintLink being fully > up > remarks: and without the change to the advisory list to include AS 701 I > remarks: can't be reached at cwi.net. I am the technical manager for > remarks: the Internet Services division of Cable & Wireless and my nic > handle > remarks: is KD84. Thanks. > notify: kdugan at cwi.net > notify: dnguyen at cwi.net > mnt-by: MAINT-AS4445 > changed: kdugan at ibm.net 950316 > source: RADB > *ERROR*: authorisation failed, request forwarded to maintainer > > Update FAILED: [mntner] MAINT-AS4445 > > mntner: MAINT-AS4445 > descr: Cable & Wireless, Inc. > descr: Internet Services > descr: People authorized to make changes for AS4445 > admin-c: JO106 > tech-c: KD84 > upd-to: kdugan at cwi.net > upd-to: dnguyen at cwi.net > upd-to: mds-noc at cwi.net > upd-to: net-sec at cwi.net > mnt-nfy: kdugan at cwi.net > mnt-nfy: dnguyen at cwi.net > auth: MAIL-FROM kdugan at cwi.net > auth: MAIL-FROM dnguyen at cwi.net > auth: MAIL-FROM joliveto at cwi.net > auth: MAIL-FROM kdugan at ibm.net > notify: kdugan at cwi.net > notify: dnguyen at cwi.net > mnt-by: MAINT-AS4445 > changed: kdugan at ibm.net 950316 > source: RADB > *ERROR*: authorisation failed, request forwarded to maintainer > > Update FAILED: [mntner] MAINT-AS4445 > > mntner: MAINT-AS4445 > descr: Cable & Wireless, Inc. > descr: Internet Services > descr: People authorized to make changes for AS4445 > admin-c: JO106 > tech-c: KD84 > upd-to: kdugan at cwi.net > upd-to: dnguyen at cwi.net > upd-to: mds-noc at cwi.net > upd-to: net-sec at cwi.net > mnt-nfy: kdugan at cwi.net > mnt-nfy: dnguyen at cwi.net > auth: MAIL-FROM kdugan at cwi.net > auth: MAIL-FROM dnguyen at cwi.net > auth: MAIL-FROM joliveto at cwi.net > auth: MAIL-FROM kdugan at ibm.net > remarks: I desperately need to add autonomous system # 701 as the > priority > remarks: 1 routing AS for AS4445. The following route entry was created > remarks: by SprintLink on our behalf but does not take into account our > remarks: connectivity to UUNet via AS701. > remarks: Host: whois.ra.net Looking up 205.136.0 > remarks: route: 205.136.0.0/18 > remarks: descr: Cable & Wireless, Inc > remarks: descr: 8219 Leesburg Pike > remarks: descr: Vienna > remarks: descr: VA 22182, USA > remarks: origin: AS4445 > remarks: comm-list: COMM_NSFNET > remarks: advisory: AS690 1:1239(128) 2:1800 3:1239(144) > remarks: mnt-by: MAINT-AS4445 > remarks: changed: nsfnet-admin at merit.edu 950308 > remarks: source: PRDB > remarks: Could you please add AS 701 to the advisory list of 205.136.0/18 > remarks: in addition to adding this maintainer entry. I understand that > remarks: I should really be sending an additional form to effect this, > but > remarks: I don't believe that I can do this until this maintainer entry > is > remarks: in place and then waiting for another update cycle. I can be > remarks: reached at kdugan at ibm.net and at 703-760-3623. I've listed my > remarks: mail address at ibm.net because without SprintLink being fully > up > remarks: and without the change to the advisory list to include AS 701 I > remarks: can't be reached at cwi.net. I am the technical manager for > remarks: the Internet Services division of Cable & Wireless and my nic > handle > remarks: is KD84. Thanks. > notify: kdugan at cwi.net > notify: dnguyen at cwi.net > mnt-by: MAINT-AS4445 > changed: kdugan at ibm.net 950316 > source: RADB > *ERROR*: authorisation failed, request forwarded to maintainer > > Update FAILED: [mntner] MAINT-AS4445 > > mntner: MAINT-AS4445 > descr: Cable & Wireless, Inc. > descr: Internet Services > descr: People authorized to make changes for AS4445 > admin-c: JO106 > tech-c: KD84 > upd-to: kdugan at cwi.net > upd-to: dnguyen at cwi.net > upd-to: mds-noc at cwi.net > upd-to: net-sec at cwi.net > mnt-nfy: kdugan at cwi.net > mnt-nfy: dnguyen at cwi.net > auth: MAIL-FROM kdugan at cwi.net > auth: MAIL-FROM dnguyen at cwi.net > auth: MAIL-FROM joliveto at cwi.net > auth: MAIL-FROM kdugan at ibm.net > notify: kdugan at cwi.net > notify: dnguyen at cwi.net > mnt-by: MAINT-AS4445 > changed: kdugan at ibm.net 950316 > source: RADB > *ERROR*: authorisation failed, request forwarded to maintainer > > > Objects that just generated a WARNING have been updated as shown. > > Objects that generated an *ERROR* have NOT been updated as requested. > Please re-submit corrected objects. > ------------------------------------------------------------------------ > If you have any question about an error or warning message, please > contact <rradmin at ra.net>. > > Sincerely Yours, > > -------- Logged at Mon Mar 20 23:57:26 MET 1995 ---------
[ rr-impl Archive ]