MailScanner problem with perl-5.10.1

Mog lists at elasticmind.net
Mon Nov 9 12:53:08 UTC 2009


Hi all,

I need some help with this one please, MailScanner and Perl are really 
starting to tick me off :(

I upgraded MailScanner a little while along with a number of other 
ports, which unfortunately included a micro update to Perl. On FreeBSD 
it went from perl-5.10.0 to perl-5.10.1, and judging by the error 
messages in the maillog, it seems that the old taint mode problem has 
resurfaced. Basically these errors are shown in the maillog and 
MailScanner cannot run properly:

Could not use Custom Function code 
/usr/local/lib/MailScanner/MailScanner/CustomFunctions/SpamWhitelist.pm, 
it could not be "require"d. Make sure the last line is "1;" and the 
module is correct with perl -wc (Error: Insecure dependency in require 
while running with -T switch at 
/usr/local/lib/MailScanner/MailScanner/Config.pm line 754.

I'm seeing this same error message being shown for these files as well: 
MyExample.pm, DavidHooton.pm, LastSpam.pm, GenericSpamScanner.pm, 
CustomAction.pm, Ruleset-from-Function.pm and ZMRouterDirHash.pm.


 From what I understand, FreeBSD runs perl programs with the -T option 
(taint mode), which is basically some additional security check. If I'm 
reading this right, the additional security check (for some reason) 
seems to have a problem with 'eval { require $fullfile; };', the code 
used to require the CustomFunction modules MailScanner uses:

   $fullfile = "$dir/$filename";
   next unless -f $fullfile and -s $fullfile;
   eval { require $fullfile; };
   if ($@) {
     MailScanner::Log::WarnLog("Could not use Custom Function code %s, " .
                               "it could not be \"require\"d. Make sure " .
                               "the last line is \"1;\" and the module " .
                               "is correct with perl -wc (Error: %s)",
                               $fullfile, $@);
   }


I don't believe other OSs are having this problem, so it seems to be 
something FreeBSD specific. This has happened before following a Perl 
upgrade (I believe it was when we went from 5.8.8 to 5.8.9), but the 
solution to it at the time was to upgrade to 5.10.0, which made the 
problem go away.

Unfortunately, as we can see, upgrading from 5.10.0 to 5.10.1 has made 
the issue manifest itself again and I can't figure out what the hell is 
going wrong.

Does this make sense to anyone? Naturally I've reported this problem to 
the MailScanner people as well; but I think due to time constraints and 
because this isn't affecting other OSs, they don't seem to be able to 
offer much help at the moment.

Some people have said they have been able to get it to upgrade 
successfully using 5.10.1, but still a large number of people haven't 
(despite following the exact same upgrade procedure they did). Even when 
doing a fresh FreeBSD 7.2 install completely from scratch, it seems this 
problem still occurs - it just doesn't make sense.

Thank you in advance for your time and consideration.

Regards,
mog



More information about the freebsd-ports mailing list