我使用postfix和courier和mysql进行身份validation。
最近我有一些分段错误,导致sasl deamon崩溃。 看来,这与我的邮件服务器上的字典攻击有关。 在日志文件中,我得到了saslauthd的段错误
segfault at 0 ip 00007fe3107a3d8e sp 00007ffc2b007de8 error 4 in libc-2.19.so 2.1.26.dfsg1-13+deb8u1 2.11.3-1 saslauthd conf:
START=yes DESC="SASL Authentication Daemon" NAME="saslauthd" MECHANISMS="pam" MECH_OPTIONS="" THREADS=5 OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"
后缀main.cf
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no append_dot_mydomain = no readme_directory = no smtpd_tls_cert_file = /root/ssl/startssl/server.crt smtpd_tls_CAfile = /root/ssl/startssl/startssl-ca-bundle.pem smtpd_tls_key_file = /root/ssl/startssl/server.key smtpd_use_tls=yes smtpd_tls_received_header = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_tls_session_cache_timeout = 3600s smtpd_tls_loglevel = 3 tls_random_source = dev:/dev/urandom myhostname = ... mydestination = localhost, localhost.localdomain alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname relayhost = mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all inet_protocols = ipv4 #smtpd smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_authenticated_header = yes smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes # virtual virtual_alias_domains = virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf virtual_mailbox_base = /home/vmail virtual_uid_maps = static:5000 virtual_gid_maps = static:5000 transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps # spam/virus content_filter = amavis:[127.0.0.1]:10024 receive_override_options = no_address_mappings message_size_limit = 52428800 virtual_mailbox_limit = 102400000
任何build议,以阻止saslauthd崩溃?
随意发布有关我的postfix conf文件的其他build议/问题..
当你看到一个segfault进程停止时,debugging它们的最好方法是启用core转储。 然后你可以使用gdb来打印堆栈跟踪,并精确地看到程序崩溃的地方。
由于glibc最近有一个安全漏洞,我将首先升级glibc并重启机器。 请参阅: CVE-2015-7547