|
List Info
Thread: BAD-HEADER even though whitelisted
|
|
| BAD-HEADER even though whitelisted |
|
2006-12-07 14:56:06 |
Hi Guys and Gals,
We have a client who has an automated program sending out a
mailshot to
which they themselves receive a copy.
It would appear that the program is sending out a bad header
(they have
been using it for years) and thus being stopped by Maia.
They (and we) thought that if they added the sender address
to their
whitelist then it would stop maia from blocking it but it
didn't, it
instead just disappeared.
I have watched the logs while they send one and it shows the
following
output, but the mail does not show up in the Bad Header
section within
Maia, if they remove the whitelist entry it does!
Dec 7 14:29:46 mailscan sqlgrey: grey: from awl match:
updating
213.130.33(213.130.33.21),
shawfo shawforms.co.uk(shawfoshawforms.co.uk)
Dec 7 14:29:46 mailscan postfix/qmgr[22973]: 86DF543A75:
from=<shawfoshawforms.co.uk>, size=1429, nrcpt=1
(queue active)
Dec 7 14:29:46 mailscan amavis[10175]: (10175-06)
ESMTP::10024
/var/spool/amavis/tmp/amavis-20061207T142515-10175:
<shawfoshawforms.co.uk> -> <booksshaws.co.uk> Received: SIZE=1429 from
mailscan.host100.co.uk ([127.0.0.1]) by localhost
(mailscan.host100.co.uk [127.0.0.1]) (amavisd-new, port
10024) with
ESMTP id 10175-06 for <booksshaws.co.uk>; Thu, 7
Dec 2006 14:29:46
+0000 (GMT)
Dec 7 14:29:46 mailscan amavis[10175]: (10175-06) Checking:
<shawfoshawforms.co.uk> -> <booksshaws.co.uk>
Dec 7 14:29:46 mailscan amavis[10175]: (10175-06) wbl:
whitelisted
sender <shawfoshawforms.co.uk>
Dec 7 14:29:46 mailscan amavis[10175]: (10175-06) BAD
HEADER from
<shawfoshawforms.co.uk>: Non-encoded 8-bit data (char A3
hex) in
message header 'Subject': Subject: Book of the Month - Flood
Defence,
\24330.00\n
Dec 7 14:29:46 mailscan amavis[10175]: (10175-06) Blocked
BAD-HEADER,
[82.112.119.130] <shawfoshawforms.co.uk> ->
<booksshaws.co.uk>,
Message-ID: <200612071429.kB7ETiJO058616shawforms.co.uk>, Hits: -, 136
ms
Aside from turning off the Bad Header quarantine, how can we
let this
misbehaving programs email through?
Kind Regards
Mark Donne
Index eBusiness - Empowering business by providing IT
Solutions
T: 01276 673830
F: 01276 673849
E: mdonneindexeb.co.uk
W: www.indexeb.co.uk
This message has been scanned by the Trend Scanmail Service,
powered by
Index eBusiness.
For more information please visit http://www.indexeb.co.uk.
_______________________________________________
Maia-users mailing list
Maia-usersrenaissoft.com
http://www.renaissoft.com/mailman/listinfo/maia-users
|
|
| BAD-HEADER even though whitelisted |
|
2006-12-07 15:46:02 |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Mark Donne wrote:
> They (and we) thought that if they added the sender
address to their
> whitelist then it would stop maia from blocking it but
it didn't, it
> instead just disappeared.
No, whitelisting only applies to the spam/non-spam decision,
not to any
of the other filters (e.g. viruses, banned file types, bad
headers).
There's a recent feature request ticket, however, asking for
the ability
to make whitelisting apply (optionally) to one or more of
the other
filters as well, so that's likely to become part of future
releases.
> Aside from turning off the Bad Header quarantine, how
can we let this
> misbehaving programs email through?
Well, in situations like this it's worth considering that
you can only
control /your/ end of the mail transaction, and that if
something about
this email smells suspicious to /your/ filters, chances are
good that
the filters at the /receiving/ end are going to be
suspicious as well.
In other words, the mail your client is trying to send is
going to trip
the "bad header" alarms on a lot of other mail
filters across the
Internet, including most sites using amavisd-new, so the
deliverability
of its mail is being hurt by those non-RFC-compliant headers
they're
using. Mail servers have no obligation whatsoever to accept
or relay
mail containing RFC-noncompliant headers, so in all
likelihood many of
your client's mailings are being silently discarded enroute
to their
destinations. The best solution for everyone involved is
for them to
correct the problem with their auto-mailing software, to get
it to write
RFC-compliant headers.
If you must accommodate their use of RFC-noncompliant
headers, then
disabling bad header filtering for the system-default (.) user
(for
outbound mail) and for any affected local recipients (for
inbound mail)
is the only current solution.
- --
Robert LeBlanc <rjlrenaissoft.com>
Renaissoft, Inc.
Maia Mailguard <http://www.maiamail
guard.com/>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFeDc6GmqOER2NHewRApCkAJ9O2Qqmiqv8Phg0jUqVDQaAIEUjNQCg
lIHg
HrXBtbC0QzyvTk5L3qQmc7Y=
=WLxn
-----END PGP SIGNATURE-----
_______________________________________________
Maia-users mailing list
Maia-usersrenaissoft.com
http://www.renaissoft.com/mailman/listinfo/maia-users
|
|
| BAD-HEADER even though whitelisted |
|
2006-12-07 16:16:53 |
Robert LeBlanc wrote:
> Mark Donne wrote:
>
>> They (and we) thought that if they added the sender
address to their
>> whitelist then it would stop maia from blocking it
but it didn't, it
>> instead just disappeared.
>>
>
> No, whitelisting only applies to the spam/non-spam
decision, not to any
> of the other filters (e.g. viruses, banned file types,
bad headers).
> There's a recent feature request ticket, however,
asking for the ability
> to make whitelisting apply (optionally) to one or more
of the other
> filters as well, so that's likely to become part of
future releases.
>
>
>
>> Aside from turning off the Bad Header quarantine,
how can we let this
>> misbehaving programs email through?
>>
Here is another vote for this option to make it into the
mainline code.
We're havinig this problem also. We've tried working with
the email
sender to see what client they're using. It's a custom
coded website.
Unfortunately we must receive these emails because they are
about bid
requests for work that we do.
The big problem I have though is that the mails do not
appear in the bad
header quarantine either. (other emails are making it to
the bad
header quarantine.)
Bryan
_______________________________________________
Maia-users mailing list
Maia-usersrenaissoft.com
http://www.renaissoft.com/mailman/listinfo/maia-users
|
|
| BAD-HEADER even though whitelisted |
|
2006-12-07 16:20:39 |
Bryan Ragon wrote:
> Robert LeBlanc wrote:
>
>> Mark Donne wrote:
>>
>>
>>> They (and we) thought that if they added the
sender address to their
>>> whitelist then it would stop maia from blocking
it but it didn't, it
>>> instead just disappeared.
>>>
>>>
>> No, whitelisting only applies to the spam/non-spam
decision, not to any
>> of the other filters (e.g. viruses, banned file
types, bad headers).
>> There's a recent feature request ticket, however,
asking for the ability
>> to make whitelisting apply (optionally) to one or
more of the other
>> filters as well, so that's likely to become part of
future releases.
>>
>>
>>
>>
>>> Aside from turning off the Bad Header
quarantine, how can we let this
>>> misbehaving programs email through?
>>>
>>>
> Here is another vote for this option to make it into
the mainline code.
> We're havinig this problem also. We've tried working
with the email
> sender to see what client they're using. It's a custom
coded website.
> Unfortunately we must receive these emails because they
are about bid
> requests for work that we do.
>
> The big problem I have though is that the mails do not
appear in the bad
> header quarantine either. (other emails are making it
to the bad
> header quarantine.)
>
> Bryan
> _______________________________________________
> Maia-users mailing list
> Maia-usersrenaissoft.com
> http://www.renaissoft.com/mailman/listinfo/maia-users
>
I just experienced this earlier this week. The message go
into a black
hole when bad-header is set to quarantine and the address is
whitelisted.. This is surely not the desired behavior.
-Blake
_______________________________________________
Maia-users mailing list
Maia-usersrenaissoft.com
http://www.renaissoft.com/mailman/listinfo/maia-users
|
|
| BAD-HEADER even though whitelisted |
|
2006-12-07 16:44:15 |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Blake Hudson wrote:
> I just experienced this earlier this week. The message
go into a black
> hole when bad-header is set to quarantine and the
address is
> whitelisted.. This is surely not the desired behavior.
Ah, I see what you're saying now. Yes, that's neither the
intended nor
desired behaviour. If it's got bad headers, nothing else
should matter.
We'll open up a bug ticket for this, but chances are the
issue will get
resolved all at once with the feature enhancement ticket.
- --
Robert LeBlanc <rjlrenaissoft.com>
Renaissoft, Inc.
Maia Mailguard <http://www.maiamail
guard.com/>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFeETfGmqOER2NHewRAqYwAJ9Fm981DIO0j625CmurdAh8F6JWaACe
I0Aw
T4RIZErYGi2FEQb+qk+NTPM=
=1MVx
-----END PGP SIGNATURE-----
_______________________________________________
Maia-users mailing list
Maia-usersrenaissoft.com
http://www.renaissoft.com/mailman/listinfo/maia-users
|
|
| BAD-HEADER even though whitelisted |
|
2006-12-19 21:09:35 |
Robert LeBlanc wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Blake Hudson wrote:
>
>
>> I just experienced this earlier this week. The
message go into a black
>> hole when bad-header is set to quarantine and the
address is
>> whitelisted.. This is surely not the desired
behavior.
>>
>
> Ah, I see what you're saying now. Yes, that's neither
the intended nor
> desired behaviour. If it's got bad headers, nothing
else should matter.
> We'll open up a bug ticket for this, but chances are
the issue will get
> resolved all at once with the feature enhancement
ticket.
>
I have had to turn off bad header checking in order for us
to receive
this emails. Hopefully with the next version whitelisting
will work to
the point where I can re-enable them.
However, I have managed to capture (using tcpdump) the SMTP
conversation
of the emails in question. Unfortunately I'm not enough of
a MIME
expert to diagnose what about these emails make them have
"bed
headers." Likewise the maia logs do not give very
specific
information. I was hoping to be able to precisely determine
why they
are being blocked and to help the sender of these emails fix
his
automated sender. Is there anyone I could send this SMTP
conversation
to and see if they can find anything I'm missing? (Off list
obviously).
Also, what ticket is supposed to fix this? I tried
searching but was
unable to find it.
Thanks again!
Bryan
_______________________________________________
Maia-users mailing list
Maia-usersrenaissoft.com
http://www.renaissoft.com/mailman/listinfo/maia-users
|
|
[1-6]
|
|