duplicate subject lines causing yahoo mail rejection
Kevin Miller
kevin.miller at juneau.org
Wed Nov 4 18:09:47 UTC 2015
What’s an “efa”?
I was having the same issue earlier this year. I don’t know if it was due to spaces in the subject, but we were getting rejects from yahoo due to multiple subjects injected by MailScanner.
The workaround (I hesitate to call it a solution) was posted by Scott Anderson on 2/23, subject “RE: DKIM and MailScanner Watermarking”:
Multiple Headers = append
Place New Headers At Top Of Message = yes
...Kevin
--
Kevin Miller
Network/email Administrator, CBJ MIS Dept.
155 South Seward Street
Juneau, Alaska 99801
Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357
From: MailScanner [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Shawn Iverson
Sent: Wednesday, November 04, 2015 12:54 AM
To: MailScanner Discussion
Subject: Re: duplicate subject lines causing yahoo mail rejection
Since this is on an efa, I am going to test this against the latest mailscanner code and report back the results, just to confirm.
On Wed, Nov 4, 2015 at 2:35 AM, Paul D. Walker <pauldwalker at gmail.com<mailto:pauldwalker at gmail.com>> wrote:
I've found a bug in mailscanner I believe.
One of the users was having his mail rejected from yahoo with the following error
#5.0.0 smtp; 554 Message not allowed - Headers are not RFC compliant[291]> #SMTP#
I had to "solve" the problem by routing the mail directly, rather than through the efa server.
Digging deeper, I discovered that if your subject line as a space at the end, the mailscanner will duplicate the subject line without the trailing space.
Example: (you'll see the first duplicate subject between the X-SendingOrg-MailScanner-EFA-Watermark and X-SendingOrg-MailScanner-EFA-From headers)
CODE: SELECT ALL<https://forum.efa-project.org/viewtopic.php?f=13&t=1294>
Return-path: <pdwalker at sending_domain.com<mailto:pdwalker at sending_domain.com>>
Envelope-to: pdwalker at receiving_domain.com<mailto:pdwalker at receiving_domain.com>
Delivery-date: Wed, 04 Nov 2015 07:05:36 +0000
Received: from mailx.sending_domain.com<http://mailx.sending_domain.com> ([112.120.80.132])
by linode.receiving_domain.com<http://linode.receiving_domain.com> with esmtp (Exim 4.63)
(envelope-from <pdwalker at sending_domain.com<mailto:pdwalker at sending_domain.com>>)
id 1Zts8U-0008Rk-MC
for pdwalker at receiving_domain.com<mailto:pdwalker at receiving_domain.com>; Wed, 04 Nov 2015 07:05:36 +0000
X-Spam-Status: No
X-SendingOrg-MailScanner-EFA-Watermark: 1447225334.7874 at +F3UH5veY3iYSrMhwplUJw<mailto:1447225334.7874 at +F3UH5veY3iYSrMhwplUJw>
Subject: subject with a space at the end
X-SendingOrg-MailScanner-EFA-From: pdwalker at sending_domain.com<mailto:pdwalker at sending_domain.com>
X-SendingOrg-MailScanner-EFA-SpamCheck: not spam (whitelisted),
SpamAssassin (not cached, score=-9.999, required 4,
autolearn=not spam, ALL_TRUSTED -8.00, BAYES_00 -1.90,
DKIM_SIGNED 0.10, DKIM_VALID -0.10, DKIM_VALID_AU -0.10,
HTML_MESSAGE 0.00)
X-SendingOrg-MailScanner-EFA: Found to be clean
X-SendingOrg-MailScanner-EFA-ID: 96785180061.A1ACE
X-SendingOrg-MailScanner-EFA-Information: Please contact itsupport at sending_domain.com<mailto:itsupport at sending_domain.com> for more information
Received: from mailx.sending_domain.com<http://mailx.sending_domain.com> (csnwex003 [10.10.1.12])
(using TLSv1 with cipher RC4-MD5 (128/128 bits))
(No client certificate requested)
by mailx.sending_domain.com<http://mailx.sending_domain.com> (Postfix) with ESMTPS id 96785180061
for <pdwalker at receiving_domain.com<mailto:pdwalker at receiving_domain.com>>; Wed, 4 Nov 2015 15:02:13 +0800 (HKT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sending_domain.com<http://sending_domain.com>;
s=default; t=1446620533;
bh=rZAo4KkiyZoz6WmTr617gCT5XCHpgJttbzJISCaSoHU=;
h=From:To:Date:Subject;
b=KmZ9nL0LgR6thtTQx1siLG6TJ8dBiIGXgO1caSLziC8OD4jR+9og+WTQ+g+oX5/SB
rf9ObNhJgOfWl4Xnw8qAZbRCwn80iT2NCd3JVt+OGdiXw9p1C+OU7DIOYbylNR+xXy
dudzWjqw5w/VFLsZaKbUnzX6fM+gOR566ngUaBDY=
Received: from CSNWEX003.sending_domain.local ([10.10.1.12]) by
CSNWEX003.sending_domain.local ([10.10.1.12]) with mapi; Wed, 4 Nov 2015
15:00:42 +0800
From: "Paul D. Walker" <pdwalker at sending_domain.com<mailto:pdwalker at sending_domain.com>>
To: "pdwalker at receiving_domain.com<mailto:pdwalker at receiving_domain.com>" <pdwalker at receiving_domain.com<mailto:pdwalker at receiving_domain.com>>
Date: Wed, 4 Nov 2015 15:02:10 +0800
Subject: subject with a space at the end
Thread-Topic: subject with a space at the end
Thread-Index: AdEWzoTrviBuMoqDR2+PoISGliMMww==
Message-ID: <D25FCE72.4CA02%pdwalker at sending_domain.com<mailto:D25FCE72.4CA02%25pdwalker at sending_domain.com>>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.5.7.151005
acceptlanguage: en-US
Content-Type: multipart/alternative;
boundary="_000_D25FCE724CA02pdwalkersending_domaincom_"
MIME-Version: 1.0
X-Spam-Score: -2.0 (--)
X-Spam-Report: Spam detection software, running on the system "linode.receiving_domain.com<http://linode.receiving_domain.com>", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: asdf sdfsd asdf sdfsd [...]
Content analysis details: (-2.0 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: sending_domain.com<http://sending_domain.com>]
-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay
domain
-0.0 SPF_PASS SPF: sender matches SPF record
-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
[score: 0.0000]
0.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
--_000_D25FCE724CA02pdwalkersending_domaincom_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
asdf sdfsd
--_000_D25FCE724CA02pdwalkersending_domaincom_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<html><head></head><body style=3D"word-wrap: break-word; -webkit-nbsp-mode:=
space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-si=
ze: 14px; font-family: Georgia, sans-serif;"><div>asdf sdfsd</div></body></=
html>
--_000_D25FCE724CA02pdwalkersending_domaincom_--
as opposed to this one (subject - no spaces at the end)
CODE: SELECT ALL<https://forum.efa-project.org/viewtopic.php?f=13&t=1294>
Return-path: <pdwalker at sending_domain.com<mailto:pdwalker at sending_domain.com>>
Envelope-to: pdwalker at receiving_domain.com<mailto:pdwalker at receiving_domain.com>
Delivery-date: Wed, 04 Nov 2015 07:21:06 +0000
Received: from mailz.forscientia.com<http://mailz.forscientia.com> ([223.255.133.202] helo=mailx.sending_domain.com<http://mailx.sending_domain.com>)
by linode.receiving_domain.com<http://linode.receiving_domain.com> with esmtp (Exim 4.63)
(envelope-from <pdwalker at sending_domain.com<mailto:pdwalker at sending_domain.com>>)
id 1ZtsNU-0008S0-AN
for pdwalker at receiving_domain.com<mailto:pdwalker at receiving_domain.com>; Wed, 04 Nov 2015 07:21:06 +0000
X-Spam-Status: No
X-SendingOrg-MailScanner-EFA-Watermark: 1447226265.54661 at f2Rtd1DFrwSsagFkybqXtg<mailto:1447226265.54661 at f2Rtd1DFrwSsagFkybqXtg>
X-SendingOrg-MailScanner-EFA-From: pdwalker at sending_domain.com<mailto:pdwalker at sending_domain.com>
X-SendingOrg-MailScanner-EFA-SpamCheck: not spam (whitelisted),
SpamAssassin (not cached, score=-7.133, required 4,
ALL_TRUSTED -8.00, BAYES_00 -1.90, DKIM_SIGNED 0.10,
DKIM_VALID -0.10, DKIM_VALID_AU -0.10, FSL_BULK_SIG 1.47,
HTML_MESSAGE 0.00, PYZOR_CHECK 1.39)
X-SendingOrg-MailScanner-EFA: Found to be clean
X-SendingOrg-MailScanner-EFA-ID: 1C6AE180061.A1B27
X-SendingOrg-MailScanner-EFA-Information: Please contact itsupport at sending_domain.com<mailto:itsupport at sending_domain.com> for more information
Received: from mailx.sending_domain.com<http://mailx.sending_domain.com> (csnwex003 [10.10.1.12])
(using TLSv1 with cipher RC4-MD5 (128/128 bits))
(No client certificate requested)
by mailx.sending_domain.com<http://mailx.sending_domain.com> (Postfix) with ESMTPS id 1C6AE180061
for <pdwalker at receiving_domain.com<mailto:pdwalker at receiving_domain.com>>; Wed, 4 Nov 2015 15:17:45 +0800 (HKT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sending_domain.com<http://sending_domain.com>;
s=default; t=1446621465;
bh=ktlUCNmPPnUJzxghfWa5jBleOBUjJTy4TdfFySc0MRg=;
h=From:To:Date:Subject;
b=cLwIBLbizpCxexxc5B5zF97idtFt0yy8pxhH6SHfGJHHLdyu6jX6oEjV2bHxZlqTG
F67kksRjVZ2cPMEE44GUJxO7trMYdCxVGpSP3a1hHfqMthZhAsyxxDocImMGn4PoVZ
UcNpLJ0mcm0Fwjsry84HkqZF9ujsgz95IwUYnK/A=
Received: from CSNWEX003.sending_domain.local ([10.10.1.12]) by
CSNWEX003.sending_domain.local ([10.10.1.12]) with mapi; Wed, 4 Nov 2015
15:16:14 +0800
From: "Paul D. Walker" <pdwalker at sending_domain.com<mailto:pdwalker at sending_domain.com>>
To: "pdwalker at receiving_domain.com<mailto:pdwalker at receiving_domain.com>" <pdwalker at receiving_domain.com<mailto:pdwalker at receiving_domain.com>>
Date: Wed, 4 Nov 2015 15:17:42 +0800
Subject: no spaces at the end of the subject
Thread-Topic: no spaces at the end of the subject
Thread-Index: AdEW0LChkEXIm5NjTZeQCNbu4X6Szg==
Message-ID: <D25FD216.4CA05%pdwalker at sending_domain.com<mailto:D25FD216.4CA05%25pdwalker at sending_domain.com>>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.5.7.151005
acceptlanguage: en-US
Content-Type: multipart/alternative;
boundary="_000_D25FD2164CA05pdwalkersending_domaincom_"
MIME-Version: 1.0
X-Spam-Score: -2.0 (--)
X-Spam-Report: Spam detection software, running on the system "linode.receiving_domain.com<http://linode.receiving_domain.com>", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: test test [...]
Content analysis details: (-2.0 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: sending_domain.com<http://sending_domain.com>]
-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
[score: 0.0000]
0.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
--_000_D25FD2164CA05pdwalkersending_domaincom_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
test
--_000_D25FD2164CA05pdwalkersending_domaincom_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<html><head></head><body style=3D"word-wrap: break-word; -webkit-nbsp-mode:=
space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-si=
ze: 14px; font-family: Georgia, sans-serif;"><div>test</div></body></html>
--_000_D25FD2164CA05pdwalkersending_domaincom_--
Any suggestions for solving this problem other than telling users never to add spaces at the end of the subject, or routing yahoo.com<http://yahoo.com> mail away from the mailscanner appliance?
:wq!
--
MailScanner mailing list
mailscanner at lists.mailscanner.info<mailto:mailscanner at lists.mailscanner.info>
http://lists.mailscanner.info/listinfo/mailscanner
--
Shawn Iverson
Director of Technology
Rush County Schools
765-932-3901 x271
iversons at rushville.k12.in.us<mailto:iversons at rushville.k12.in.us>
[https://docs.google.com/uc?export=download&id=0Bw5iD0ToYvs_UFV2VFdmNG1SaVE&revid=0Bw5iD0ToYvs_U3VaVlpuTFBtak9QZXVRL3FmRUd2d0laTkZRPQ]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20151104/dbc5d27a/attachment.html>
More information about the MailScanner
mailing list