The known problems with Dan Bernstein's qmail

You've come to this page as a result of a question similar to the following:

What are the known problems with Dan Bernstein's qmail?

This is the Frequently Given Answer to that question.

As of version 1.03, there are various problems with qmail:

None of these problems are security problems. You won't be able to claim a reward by reporting them. qmail may be doing the wrong things, but it isn't exposing a security vulnerability as a result.

The failure to build when using modern versions of GNU's C library

Stock qmail fails to build (with an error at the link stage complaining about an undefined reference to the symbol errno) when using modern versions of GNU's C library. This is because it contains a programming error that was pointed out and described in detail back in July 2001. It assumes something that has never been true for Standard C, even at its inception in 1989. Heretofore, qmail has only built successfully because Unix and Linux C implementations accidentally happen to work the way that it needs them to. But now, they do not.

This programming error is prevalent throughout all of Dan Bernstein's softwares. The same bug occurs in djbdns and in daemontools, for example.

Mate Weirdl has published patches that correct this error for many of Dan Bernstein's softwares, including qmail, on his FTP site.

shantanu has completed the job, and published a set of patches for correcting this error in all of Dan Bernstein's softwares, on his web site.

Some of these patches are incorporated into netqmail 1.04.

The incorrect semantics for the -f option that are provided by the sendmail shim

The sendmail shim that comes as part of qmail does not correctly implement the -f option.

According to the manual page for the sendmail command that is part of the Sendmail package itself, the -f option to that command sets both the envelope sender mailbox and the default content for the From: header (for if none is explicitly supplied).

However, with the sendmail shim that comes as part of qmail, the -f option only sets the envelope sender mailbox. It does not affect the default for the From: header. Using -f causes the shim to invoke qmail-inject with its own (semantically different) -f option, but does not cause the MAILHOST and MAILUSER environment variables to be set as well.

The result is that if one's MUA

then the From: header will be different according to which MTA is being used, Sendmail or qmail. When qmail is the MTA, the From: header will be obtained from environment variables; whereas when Sendmail is the MTA the From: header will be what the MUA specified via the -f option.

David Phillips' patch fixes this problem.

This patch is incorporated into netqmail 1.04.

qmail-local may behave erroneously with certain .qmail files

If a .qmail file contains just the right pattern of whitespace, specifically having its first line be composed entirely of TAB characters, the qmail-local process that is parsing it will end up corrupting its own memory, with arbitrary consequences. This is because of a coding error in a while loop that fails to detect an array bounds violation.

Erik Sjölund's patch fixes this problem.

This patch is incorporated into netqmail 1.04.

qmail-remote and qmail-smtpd do not recognize 0.0.0.0 as a local IP address

qmail-remote and qmail-smtpd do not recognize 0.0.0.0 as a local IP address.

In the case of qmail-smtpd, this means that envelope sender and recipient mailboxes of the form local@[0.0.0.0] are not transformed using control/localiphost.

In the case of qmail-remote, this means that if the following criteria are satisfied:

then outbound mail addressed to mailboxes in the third party domain will loop endlessly, with qmail-remote delivering it back to the SMTP Relay service on the local machine. qmail-remote has code to recognize this possibility and prevent it from occurring if the SMTP Relay server IP address published by the third party is the actual address of one of the network interfaces of the machine. However, that code does not account for the fact that on non-OpenBSD systems, the address 0.0.0.0 will also connect to one of the local machine's network interfaces.

Scott Gifford's patch fixes this problem, by forcing 0.0.0.0 to always be recognized as local.

This patch is incorporated into netqmail 1.04.

Alternatively, you can use his other patch instead, which forces 0.0.0.0 to always be be recognized as local and also adds extra machinery to support explicitly specifying with files in control/ what IP addresses are local to the machine.


© Copyright 2003 Jonathan de Boyne Pollard. "Moral" rights asserted.
Permission is hereby granted to copy and to distribute this web page in its original, unmodified form as long as its last modification datestamp is preserved.