Qmail-smtpd errors in messages log

kernel: qmail-smtpd[26976]: segfault at 000000010000000b rip 0000000000408ea0 rsp 0000007fbffffb18 error 6

I’m getting the following error in my /var/log/messages at lot. What would cause this to happen? Qmail seems to still be working fine.


It looks like the pbm of large header lines > 2GB

look at http://thedjbway.org/qmail/patches/qmail-1.03.smtpd-blast.patch

but it should be much better to open an interworx support ticket


Thanks Pascal!

I did put a ticket in and have put a link to this thread in my ticket. I guess a fix will be posted here as soon as its offical.

Also, something I found funny in that link Pascal:
“After this patch is applied and installed, qmail-smtpd will then be able to process single header lines of any length without failure.
(So maybe it would be better if qmail-smtpd did crash at some point…)”

So maybe the fix is do nothing :stuck_out_tongue:

I’d like to advertise that it might be others causes. Like smtp-auth module etc…

DO NOT APPLY any PATCH without any interworx staff advises

Also you may use STRACE to trace the smtpd pid job or use GDB


Haha, no worries there, I got my ticket in and I’m not doing anything until I get the offical word :smiley:

Never used strace before, guess its google time!:stuck_out_tongue:

I think Pascal had it right!!!

Doing a lot of looking at Strace and reading google finds I have come to a resolution on this and wanted to share it.

I believe I fall into the problem defined here (thanx Pascal): http://thedjbway.org/qmail/patches/qmail-1.03.smtpd-blast.patch
This is also discussed here: http://www-dt.e-technik.uni-dortmund.de/~ma/qmail-bugs.html

It bascially says that the long header “attack” is a bug in qmail, but if you run qmail in supervise mode with "/usr/local/bin/softlimit -m 2000000 " it prevents a DOS attack of burning through all the servers memory. If qmail-smtpd goes over said softlimit it crashes out. I think the problem can happen with 32 and 64 bit but is more apparent b/c on 64 bit b/c Qmail is written in “classic” C and when compiled with modern day tools the ints are still 32 bit while the pointers are 64 (I read that somewhere).

I am still getting the error but I dont think I want to patch it b/c these long header emails are most likely spam anyway so having the connect drop with a crashed smtp is fine with me. I have one domain on my box that gets spam emails constantly (every 5 mins or less in burst) and 99% of them are to fake address. bob@domain.com, jim@domain.com, etc. I believe it is these emails that are crashing the SMTPD and therefore I just dont care :slight_smile:

Any thoughts?

Well for me you right :slight_smile:

Justec at how much your softlimit is set ?


Old thread, but moved to a new server and using unialert.com (thanks pascal) I noticed my SMTP died for a couple hours in the middle of the night and then recovered.

I’ve also noticed a couple times in NodeWorx it would say its stopped and then would turn itself back on.

My softlimit is now set at 256000000 and wondering if I should lower this or raise it to prevent the SMTP from crashing.

Actually the alert showed this error as why it was down: “Socket timeout after 10 seconds”