From: wiskbroom on


Hello;

I have an outsourced IM archival system, data from IM sessions are sent to this system for archive via email. We select an IM message for un-archival, which is then emailed to us. The problem I am having is that even prior to arrival at the IM archiving vendor, my IM message has already had its DATA munged by our outbound server, whereby our outbound SMTP relay has appended our domain to an IM screen-name. In other words, the DATA within the IM message is being read as a message HEADER, and the "To" field within the IM message is being re-written and appended with my own domain.

As you can see from my capture below, "screen-name" is within the message DATA, yet when arriving at the archive site, has already been re-written to be "screen-name(a)my.example.com". My delimiter in my main.cf is :, and needed that way for my AV. Is my problem a result of my delimiter setting?

Thank you all in advance,

..vp


Below is an example of this, captured from tcpdump:

220 smtp-relay.example.net ESMTP
EHLO internal-host.example.net
250-smtp-relay.example.net
250-PIPELINING
250-SIZE 15360000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
MAIL FROM:<imdude(a)example-im.com> SIZE=2198
250 2.1.0 Ok
RCPT TO:<valid.user(a)my.example.com>
250 2.1.5 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
Received: from mail pickup service by internal-host.example.net with Microsoft SMTPSVC;
.. Thu, 27 May 2010 17:26:38 -0400
x-KVS-MessageType:IM.imim
Message-ID: <B110F551-356D-4BDE-9977-8D9A33994F671003883202358181@>
Date: Thu, 27 May 2010 15:21:45 UTC
From: imdude(a)example-IM.com
To:"screen-name";  "Last, First" <first.last(a)valid.user@my.example.com>;
Subject: Symantec IMManager conversation export: Thursday, May 27, 2010 11:21:45 AM EDT: want to meet for a drink later?

[...SNIP...]

QUIT
221 2.0.0 Bye




From: Wietse Venema on
wiskbroom(a)hotmail.com:
>
>
> Hello;
>
> I have an outsourced IM archival system, data from IM sessions
> are sent to this system for archive via email. We select an IM
> message for un-archival, which is then emailed to us. The problem
> I am having is that even prior to arrival at the IM archiving
> vendor, my IM message has already had its DATA munged by our
> outbound server, whereby our outbound SMTP relay has appended our
> domain to an IM screen-name. In other words, the DATA within the
> IM message is being read as a message HEADER, and the "To" field
> within the IM message is being re-written and appended with my
> own domain.
>
> As you can see from my capture below, "screen-name" is within the
> message DATA, yet when arriving at the archive site, has already
> been re-written to be "screen-name(a)my.example.com". My delimiter
> in my main.cf is :, and needed that way for my AV. Is my problem
> a result of my delimiter setting?

According to RFC 5322, the body of a message is separated from
the header by an empty line.

To send the IM message in the body of an RFC 5322 message, the
retrieval system must prepend an RFC 5322 header and empty line
before the IM message.

Wietse

From: Wietse Venema on
wiskbroom(a)hotmail.com:
> >> I have an outsourced IM archival system, data from IM sessions
> >> are sent to this system for archive via email. We select an IM
> >> message for un-archival, which is then emailed to us. The problem
> >> I am having is that even prior to arrival at the IM archiving
> >> vendor, my IM message has already had its DATA munged by our
> >> outbound server, whereby our outbound SMTP relay has appended our
> >> domain to an IM screen-name. In other words, the DATA within the
> >> IM message is being read as a message HEADER, and the "To" field
> >> within the IM message is being re-written and appended with my
> >> own domain.
> >>
> >> As you can see from my capture below, "screen-name" is within the
> >> message DATA, yet when arriving at the archive site, has already
> >> been re-written to be "screen-name(a)my.example.com". My delimiter
> >> in my main.cf is :, and needed that way for my AV. Is my problem
> >> a result of my delimiter setting?
> >
> > According to RFC 5322, the body of a message is separated from
> > the header by an empty line.
> >
> > To send the IM message in the body of an RFC 5322 message, the
> > retrieval system must prepend an RFC 5322 header and empty line
> > before the IM message.
>
> Thank you Wietse, how can I tell if this is actually happening,
> based on my tcpdump output?

I suppose you overlooked this detail in my response:

To send the IM message in the body of an RFC 5322 message, the
retrieval system must prepend an RFC 5322 header and empty line
before the IM message.

In case you wonder, RFC 5322 is the official definition of the
Internet message format.

Wietse
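
An added example, not part of the original thread: one way to check from a captured DATA payload where the RFC 5322 header ends (the first empty line) and which fields therefore sit in the header, and to prepend a new header plus empty line so the IM export becomes body. The sample bytes are constructed after the capture above; the function names and the outer header values are assumptions.

```python
# Added example: locate the RFC 5322 header/body boundary in a DATA payload.
import re

# A field name is printable ASCII (33-126) without ':', followed by ':'.
FIELD_RE = re.compile(rb"^([!-9;-~]+)[ \t]*:")

def split_message(data: bytes):
    """Return (header_lines, body), split at the first empty line."""
    lines = data.replace(b"\r\n", b"\n").split(b"\n")
    for i, line in enumerate(lines):
        if line == b"":
            return lines[:i], b"\n".join(lines[i + 1:])
    return lines, b""  # no empty line at all: everything is header

def header_field_names(data: bytes):
    """Lower-cased names of the fields a relay will treat as header."""
    header, _ = split_message(data)
    names = []
    for line in header:
        if line[:1] in (b" ", b"\t"):  # folded continuation line
            continue
        m = FIELD_RE.match(line)
        if m:
            names.append(m.group(1).decode("ascii").lower())
    return names

def wrap_in_body(im_export: bytes, sender: str, rcpt: str) -> bytes:
    """Prepend a new header and an empty line; the export becomes body."""
    outer = (f"From: {sender}\r\nTo: {rcpt}\r\n"
             "Subject: IM export\r\n").encode("ascii")
    return outer + b"\r\n" + im_export

# Constructed sample modelled on the capture in the thread.
IM_EXPORT = (b"x-KVS-MessageType:IM.imim\r\n"
             b"From: imdude@example-im.com\r\n"
             b'To:"screen-name";\r\n'
             b"Subject: conversation export\r\n"
             b"\r\n"
             b"want to meet for a drink later?\r\n")

if __name__ == "__main__":
    print("as sent:", header_field_names(IM_EXPORT))
    wrapped = wrap_in_body(IM_EXPORT, "archive@example.net",
                           "valid.user@my.example.com")
    print("wrapped:", header_field_names(wrapped))
```

If the export's own `To:` shows up in the first list, it precedes the first empty line and is header as far as any relay is concerned; after wrapping, only the outer fields are header.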