Solved

Watchguard Firebox 1000 - email problem - removing unknown or denied header

Posted on 2009-07-14
8
1,268 Views
Last Modified: 2013-11-16
I am not receiving email from a particular domain. I've had a look and it appears the our Firebox is stripping some of the headers. Below is the sanitized log file.

I assume the last 4 entries are the key.

What can I do to allow these messages?

Thanks!

E.D.
153919088 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "TURN"
153919098 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "ETRN"
153919108 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "PIPELINING"
153919118 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "DSN"
153919128 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "ENHANCEDSTATUSCODES"
153919138 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "BINARYMIME"
153919148 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "CHUNKING"
153919158 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "VRFY"
153919168 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "X-EXPS"
153919178 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "X-EXPS=LOGIN"
153919188 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "AUTH"
153919198 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "AUTH=LOGIN"
153919208 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "X-LINK2STATE"
153919218 07/09/09 16:58:18 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing ESMTP keyword "XEXCH50"
153919448 07/09/09 16:58:19 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing unknown or denied header "Thread-Topic"
153919458 07/09/09 16:58:19 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing unknown or denied header "Thread-Index"
153919468 07/09/09 16:58:19 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing unknown or denied header "Accept-Language"
153919478 07/09/09 16:58:19 smtp-proxy[31168] [64.114.x.x:5416 192.168.x.x:25] removing unknown or denied header "acceptlanguage"

Open in new window

0
Comment
Question by:edalzell
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 2
8 Comments
 
LVL 12

Accepted Solution

by:
jmlamb earned 500 total points
ID: 24855808
Look under the Headers section of the SMTP-Incoming proxy action. You can add in the headers being removed there.
0
 

Author Comment

by:edalzell
ID: 24862922
jmlamb!

Thanks fr the suggesion. I've added the following to the 'Allow the headers' Tab in the incoming SMTP proxy: "Thread-Topic", "Thread-Index", "Accept-Language", "acceptlanguage".

Just need to run some tests now.

I'll post back shortly.

Thanks!

E.D.
0
 

Author Comment

by:edalzell
ID: 24863752
Looks like a little more success.
Athough... the 'MAIL FROM: invalid sender address "<#Ours-AdminGroup@domain.com> SIZE=2708 BODY=7BIT"' Is the problem the # (pound) symbol?
Is this a weird coincidence?

Thanks again jmlamb!



 
105068 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "TURN"
105078 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "ETRN"
105088 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "PIPELINING"
105098 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "DSN"
105108 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "ENHANCEDSTATUSCODES"
105118 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "BINARYMIME"
105128 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "CHUNKING"
105138 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "VRFY"
105148 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "X-EXPS"
105158 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "X-EXPS=LOGIN"
105168 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "AUTH"
105178 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "AUTH=LOGIN"
105188 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "X-LINK2STATE"
105198 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "XEXCH50"
105208 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] removing ESMTP keyword "OK"
105218 07/15/09 15:52:34 smtp-proxy[370] [64.114.x.x:8327 192.168.0.227:25] MAIL FROM: invalid sender address "<#Ours-AdminGroup@domain.com> SIZE=2708 BODY=7BIT"

Open in new window

0
What Is Transaction Monitoring and who needs it?

Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.

 
LVL 12

Expert Comment

by:jmlamb
ID: 24864103
# is actually a valid character in the username portion of an email address. Check your SMTP-Incoming proxy action again, under Address, Mail From. By default there is an * in the Rules box. See if that's been changed.
0
 

Author Comment

by:edalzell
ID: 24878803
jmlamb,

Under Incoming SMTP, Address Patterns, there is asterisk (*).
I'm going to try it again andsee what happens.

Thanks!
0
 

Author Comment

by:edalzell
ID: 24878827
Still the same error.
Any thought?

3496358 07/17/09 10:11:18 smtp-proxy[9918] [64.114.x.x:27053 192.168.0.227:25] MAIL FROM: invalid sender address "<#Ours-AdminGroup@doamin.com> SIZE=2708 BODY=7BIT"
0
 

Author Closing Comment

by:edalzell
ID: 31603342
Thanks a bunch!
0
 

Author Comment

by:edalzell
ID: 24879092
jmlamb,

It was the # symbol.
I had to add it to the address validation field/allow chracters.
It was just set to this.... "_-.+=%*/~!^&?"

I still get the following, see below, but the email is delivered.
I hate to sound silly... but what is it actually removing?

Thanks again for all your help!
removing unknown or denied header "Content-class"
 
removing unknown or denied header "Content-Location"
 
removing unknown or denied header "Content-Location"
 
removing unknown or denied header "Content-Location"

Open in new window

0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question