?
Solved

Watchguard Firebox 1000 - email problem - removing unknown or denied header

Posted on 2009-07-14
8
Medium Priority
?
1,275 Views
Last Modified: 2013-11-16
I am not receiving email from a particular domain. I've had a look and it appears the our Firebox is stripping some of the headers. Below is the sanitized log file.

I assume the last 4 entries are the key.

What can I do to allow these messages?

Thanks!

E.D.
153919088 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "TURN"
153919098 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "ETRN"
153919108 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "PIPELINING"
153919118 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "DSN"
153919128 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "ENHANCEDSTATUSCODES"
153919138 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "BINARYMIME"
153919148 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "CHUNKING"
153919158 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "VRFY"
153919168 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "X-EXPS"
153919178 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "X-EXPS=LOGIN"
153919188 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "AUTH"
153919198 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "AUTH=LOGIN"
153919208 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "X-LINK2STATE"
153919218 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "XEXCH50"
153919448 07/09/09 16:58:19 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing unknown or denied header "Thread-Topic"
153919458 07/09/09 16:58:19 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing unknown or denied header "Thread-Index"
153919468 07/09/09 16:58:19 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing unknown or denied header "Accept-Language"
153919478 07/09/09 16:58:19 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing unknown or denied header "acceptlanguage"

Open in new window

0
Comment
Question by:edalzell
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 2
8 Comments
 
LVL 12

Accepted Solution

by:
jmlamb earned 2000 total points
ID: 24855808
Look under the Headers section of the SMTP-Incoming proxy action. You can add in the headers being removed there.
0
 

Author Comment

by:edalzell
ID: 24862922
jmlamb!

Thanks fr the suggesion. I've added the following to the 'Allow the headers' Tab in the incoming SMTP proxy: "Thread-Topic", "Thread-Index", "Accept-Language", "acceptlanguage".

Just need to run some tests now.

I'll post back shortly.

Thanks!

E.D.
0
 

Author Comment

by:edalzell
ID: 24863752
Looks like a little more success.
Athough... the 'MAIL FROM: invalid sender address "<#Ours-AdminGroup@domain.com> SIZE=2708 BODY=7BIT"' Is the problem the # (pound) symbol?
Is this a weird coincidence?

Thanks again jmlamb!



 
105068 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "TURN"
105078 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "ETRN"
105088 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "PIPELINING"
105098 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "DSN"
105108 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "ENHANCEDSTATUSCODES"
105118 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "BINARYMIME"
105128 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "CHUNKING"
105138 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "VRFY"
105148 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "X-EXPS"
105158 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "X-EXPS=LOGIN"
105168 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "AUTH"
105178 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "AUTH=LOGIN"
105188 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "X-LINK2STATE"
105198 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "XEXCH50"
105208 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "OK"
105218 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] MAIL FROM: invalid sender address "<#Ours-AdminGroup@domain.com> SIZE=2708 BODY=7BIT"

Open in new window

0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 12

Expert Comment

by:jmlamb
ID: 24864103
# is actually a valid character in the username portion of an email address. Check your SMTP-Incoming proxy action again, under Address, Mail From. By default there is an * in the Rules box. See if that's been changed.
0
 

Author Comment

by:edalzell
ID: 24878803
jmlamb,

Under Incoming SMTP, Address Patterns, there is asterisk (*).
I'm going to try it again andsee what happens.

Thanks!
0
 

Author Comment

by:edalzell
ID: 24878827
Still the same error.
Any thought?

3496358 07/17/09 10:11:18 smtp-proxy[9918] [64.114.x.x:27053 192.168.0.227:25] MAIL FROM: invalid sender address "<#Ours-AdminGroup@doamin.com> SIZE=2708 BODY=7BIT"
0
 

Author Closing Comment

by:edalzell
ID: 31603342
Thanks a bunch!
0
 

Author Comment

by:edalzell
ID: 24879092
jmlamb,

It was the # symbol.
I had to add it to the address validation field/allow chracters.
It was just set to this.... "_-.+=%*/~!^&?"

I still get the following, see below, but the email is delivered.
I hate to sound silly... but what is it actually removing?

Thanks again for all your help!
removing unknown or denied header "Content-class"
 
removing unknown or denied header "Content-Location"
 
removing unknown or denied header "Content-Location"
 
removing unknown or denied header "Content-Location"

Open in new window

0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
Suggested Courses
Course of the Month12 days, 19 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question