[Django] #21271: Django's usage of smtplib.SMTP should have a timeout
Django
-----------------------------+--------------------------
Reporter: edevil | Owner: nobody
Type: Bug | Status: new
Component: Core (Mail) | Version: 1.5
Severity: Normal | Keywords: smtp timeout
Triage Stage: Unreviewed | Has patch: 0
Easy pickings: 0 | UI/UX: 0
-----------------------------+--------------------------
When EmailBackend initializes SMTP objects it does not provide a timeout,
and the default timeout is object() (no timeout). It would be sensible to
provide some configurable timeout.
I've got bitten by this when using the AdminEmailHandler. My database went
down, a lot of exceptions were generated and Django was trying to send
emails. The SMTP server started not responding and the requests started
blocking, until all my workers were used up. By then Django stopped
serving requests. Basically, I was DoSed by my own SMTP server.
--
Ticket URL: <https://code.djangoproject.com/ticket/21271>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
Django
Reporter: edevil | Owner: nobody
Type: Bug | Status: new
Component: Core (Mail) | Version: 1.5
Keywords: smtp timeout | Triage Stage: Unreviewed
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 1 | UI/UX: 0
------------------------------+--------------------------------------
Changes (by edevil):
* needs_docs: => 0
* has_patch: 0 => 1
* needs_tests: => 0
* easy: 0 => 1
* needs_better_patch: => 0
Comment:
Sent pull request https://github.com/django/django/pull/1752.
--
Ticket URL: <https://code.djangoproject.com/ticket/21271#comment:1>
Django
Reporter: edevil | Owner: nobody
Type: Cleanup/optimization | Status: new
Component: Core (Mail) | Version: 1.5
Keywords: smtp timeout | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 1 | UI/UX: 0
Changes (by claudep):
* type: Bug => Cleanup/optimization
* stage: Unreviewed => Accepted
--
Ticket URL: <https://code.djangoproject.com/ticket/21271#comment:2>
Django
Reporter: edevil | Owner: nobody
Type: Cleanup/optimization | Status: new
Component: Core (Mail) | Version: 1.5
Keywords: smtp timeout | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 1 | UI/UX: 0
--------------------------------------+------------------------------------
Comment (by susan):
This looks like an interesting ticket! The PR is currently missing tests.
So, I'll work on writing up tests in a new PR.
--
Ticket URL: <https://code.djangoproject.com/ticket/21271#comment:3>
Django
Reporter: edevil | Owner: nobody
Type: Cleanup/optimization | Status: new
Component: Core (Mail) | Version: 1.5
Keywords: smtp timeout | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 1 | UI/UX: 0
--------------------------------------+------------------------------------
* cc: susan.tan.fleckerl@… (added)
--
Ticket URL: <https://code.djangoproject.com/ticket/21271#comment:4>
Django
Reporter: edevil | Owner: nobody
Type: Cleanup/optimization | Status: new
Component: Core (Mail) | Version: 1.5
Keywords: smtp timeout | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 1 | UI/UX: 0
--------------------------------------+------------------------------------
Comment (by edevil):
Can't you use the global_setting in assertEqual(), so that the value isn't
hardcoded?
As for the backend, currently send_messages() already skips close() when
_send() throws an exception. But in the case of timeouts, smtplib
automatically closes the underlying connection.
--
Ticket URL: <https://code.djangoproject.com/ticket/21271#comment:5>
Django
Reporter: edevil | Owner: nobody
Type: Cleanup/optimization | Status: new
Component: Core (Mail) | Version: 1.5
Keywords: smtp timeout | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 1 | UI/UX: 0
--------------------------------------+------------------------------------
Comment (by edevil):
Any news on this? There is a patch available with tests.
--
Ticket URL: <https://code.djangoproject.com/ticket/21271#comment:6>
Django
Reporter: edevil | Owner: nobody
Type: Cleanup/optimization | Status: new
Component: Core (Mail) | Version: 1.5
Keywords: smtp timeout | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Easy pickings: 1 | UI/UX: 0
--------------------------------------+------------------------------------
* needs_better_patch: 0 => 1
Comment:
The patch needs improvement per the comments on the pull request.
--
Ticket URL: <https://code.djangoproject.com/ticket/21271#comment:7>
Django
Reporter: edevil | Owner: nobody
Type: Cleanup/optimization | Status: new
Component: Core (Mail) | Version: 1.5
Keywords: smtp timeout | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 1
Easy pickings: 1 | UI/UX: 0
--------------------------------------+------------------------------------
Comment (by Claude Paroz <claude@…>):
In [changeset:"3afde36d03e2b3b5ff5a265af39d8fb27afa8959"]:
{{{
#!CommitTicketReference repository=""
revision="3afde36d03e2b3b5ff5a265af39d8fb27afa8959"
Undelete the login() call inadvertantly removed in 4e0a2fe59c
Refs #21271.
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/21271#comment:8>
Django
Reporter: edevil | Owner: nobody
Type: Cleanup/optimization | Status: closed
Component: Core (Mail) | Version: 1.5
Keywords: smtp timeout | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 1
Easy pickings: 1 | UI/UX: 0
--------------------------------------+------------------------------------
* status: new => closed
* resolution: => fixed
Comment:
In 4e0a2fe59c8b9c32c2f3111474354356474128a8:
Fixed #21271 -- Added timeout parameter to SMTP EmailBackend.
Thanks Tobias McNulty and Tim Graham for discussions and code review.
Thanks Andre Cruz the suggestion and initial patch.
--
Ticket URL: <https://code.djangoproject.com/ticket/21271#comment:9>
Django
Reporter: edevil | Owner: nobody
Type: Cleanup/optimization | Status: closed
Component: Core (Mail) | Version: 1.5
Keywords: smtp timeout | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 1
Easy pickings: 1 | UI/UX: 0
--------------------------------------+------------------------------------
Comment (by anonymous):
Any chance of this fix landing in 1.6?
--
Ticket URL: <https://code.djangoproject.com/ticket/21271#comment:10>
Django
Reporter: edevil | Owner: nobody
Type: Cleanup/optimization | Status: closed
Component: Core (Mail) | Version: 1.5
Keywords: smtp timeout | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 1
Easy pickings: 1 | UI/UX: 0
--------------------------------------+------------------------------------
Comment (by timo):
No, now that 1.6 has been released, it'll only receive critical bug fixes.
See https://docs.djangoproject.com/en/dev/internals/release-process
/#supported-versions for details.
--
Ticket URL: <https://code.djangoproject.com/ticket/21271#comment:11>