[Mimedefang] "Deep recursion on subroutine" in MIME::Parser - how to trace?

[Ole Craig]

On 01/16/04 at 09:44, 'twas brillig and Joseph Brennan scrobe:
> > Royce Williams wrote:
> >
> >> A problem cropped up for me this weekend.  I have slaves consistently
> >> dying
> >> with a "Deep recursion on subroutine" error in MIME::Parser:
> >
> > Silence from the list usually either means "you're clueless, buddy" or
> > "too weird/one-off/complex to bother with".  :)
> 
> 
> I've seen it when we action_bounce something to an address that
> sends it right back with what we bounced as an rfc822 part.  We
> then bounce it again since it still has whatever was objectionable.
> Each round adds another nested layer of rfc822 parts.  After a
> while it hits "Deep recursion".  I'm not sure we want to recurse
> deeper and keep the loop going.  Limits can be our friend.

	We had something similar happen here awhile back -- one of the
research group admins was procmail-looping all his mail from his
group's mailserver through our department mailserver (to get the
benefit of spamtags on mail that hadn't been delivered through us the
first time but had rather gone direct to his machine.) Of course, the
postmaster alias for his machine went to his account, which went to
our server... which was bouncing to postmaster of the relaying
machine. Sobig came in direct to his server, went to us, bounced on
the virus, went back to his server which copied to postmaster... which
went to his account, which procmailed to us, we bounced, his server
copied to postmaster and original sender (mailer-daemon -- him
again)... you get the picture. That fiasco brought his server to a
screaming halt and severely taxed ours.

	As a result, I added the following: 
[...]
  # this RE should match recipients to whom we'll accept content
  # including header-forging viruses.
  $SpecialRecips='postmaster@\w*.cs\.umass\.edu';

  # this RE should match the IP addresses of servers from which we'd
  # accept virus-laden mail to $SpecialRecips. (These two are here
  # essentially to prevent bounce cascades caused by
  # less-than-forethoughtful postmaster forwarding on research group
  # machines...)
  $OurServers='127\.0\.0\.|128\.119\.24[0-7]|128\.119\.40\.';
[...]
  sub filter ($$$$) {
[...]
  if ($VirusName =~ /$BounceVirus/o) {
   if ($RelayAddr =~ /$OurServers/o) {
    foreach $Recip (@Recipients) {
     if ($Recip =~/$SpecialRecips/o) {
      # don't bounce messages from our servers to postmaster.
      action_add_header('X-MIMEDefang-LoopBreaker','$RelayAddr');
      action_notify_administrator("Possible header-forging \
        virus accepted and quarantined from $RelayAddr, addressed \
        to:\n at Recipients\n---\n");
      return action_quarantine_entire_message("A possible \
	header-forging virus was discovered and quarantined 
	for postmaster inspection. Any information from the \
	virus scanner should follow:\n$VirusScannerMessages\n\n");
     }
    }
    # count it as a bounce even though we're not actually bouncing
    md_graphdefang_log('virusbounce',$VirusName, $RelayAddr);
    md_syslog("warning","Dropping virus $VirusName relayed by $RelayAddr");
    return action_discard;
   }
  md_graphdefang_log('virusbounce',$VirusName, $RelayAddr);
  return action_bounce("rejection: found virus $VirusName");;
 }


		Ole
-- 
Ole Craig * UNIX, linux, SMTP-ninja; news, web; SGI martyr * CS Computing
Facility, UMass * <www.cs.umass.edu/~olc/pgppubkey.txt> for public key
[...] Oh, shed thy mercy and thy grace / On those who venture into space.
			(R. A. Heinlein)