Red Hat Bugzilla – Bug 894185
Logwatch does not handle "improper command pipelining after (NOOP|RSET)"
Last modified: 2014-01-30 04:21:24 EST
Description of problem: Logwatch does not handle "improper command pipelining after (NOOP|RSET)" as it is shipped right now with RHEL 6. Reproducing is easily possible, simply add "reject_unauth_pipelining" to "smtpd_recipient_restrictions" in main.cf and get a dumb spammer who didn't learn to behave according to SMTP RFCs. Version-Release number of selected component (if applicable): logwatch-7.3.6-49.el6.noarch How reproducible: Everytime, see above and below. Actual results: Logwatch does not handle "improper command pipelining after (NOOP|RSET)" Expected results: Logwatch should handle "improper command pipelining after (NOOP|RSET)" Additional info: According to logwatch upstream there seems to be a patch for this already: http://sourceforge.net/mailarchive/forum.php?forum_name=logwatch-devel&max_rows=25&style=nested&viewmonth=201009
Actually, we see NOOP/RSET/HELO in the wild currently, the patch covers them all - which is likely the best. Cross-filed case 00775789 in the Red Hat customer portal.
Created attachment 678237 [details] [Patch] handle "improper command pipelining" message correctly
Testing package: http://people.redhat.com/jsynacek/logwatch/logwatch-7.3.6-50.el6.noarch.rpm
Applying this package removes the patch from bug #799987 - which unfortunately still did not make it into any stable release yet.
The testing RPM fixes the initially described issue for me, however comment #5 applies for that testing package.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-1247.html