Raptor Firewall, Exchange 2000 & long line length

Topic

New Reply

We have been getting the following returned error message on outgoing emails rather frequently:
[indent]

---

The destination system is currently not accepting any messages. Please retry at a later time. If that fails, contact your system administrator.

---

[/indent]
The firewall is rejecting our mail with the following error message:
[indent]

---

218 smtpd: Invalid SMTP protocol: Overly long line received from ourworldsecureserver.com ([ internal ip address ]) (3512 bytes received. Configured: smtpd.max_body_line_length=2048)

---

[/indent]
We have set a max body line length of 2048 on our Firewall per instruction by Symantec (Raptor Firewall). Does anyone know where/how we can tell Exchange 2000 to truncate lines somewhere under 2048? We can’t find the setting anywhere.

Thank you,
Becky

Reply | Quote

Replies

I know hardly anything about Exchange, so I can’t answer your question, BUT, can you tell whether this is tied to a less-used encoding scheme such as base64? Maybe the problem is created and can be fixed on the client side…

Reply | Quote

Sorry, I don’t know the answer to your question (probably because it doesn’t apply?), but I can provide a bit more background that I obviously omitted on my original post.

The messages that are rejected originate from people in our office. We use Outlook 2002 (SP-2) on our desktops. Some of the emails are replies, and some are original messages (it doesn’t seem to matter). It does not matter what domain they are addressed to, so it looks like the firewall is rejecting them on the grounds of the data in the message and not anything else.

I think that covers everything.
Thank you,
Becky

Reply | Quote

In Outlook 2000, the user could choose three different types of MIME encoding for 8-bit data: (1) none, (2) quoted printable, and (3)

Reply | Quote

In Outlook 2000, the user could choose three different types of MIME encoding for 8-bit data: (1) none, (2) quoted printable, and (3)

Reply | Quote

is there any thing similar about the rejected messages – such as they are over a certian size? Body line length is another way to measure message size.

What is the max message size in exchange? I think default 2048 kb, but that doesn’t equal 2048 lines.

Does the documentation for the firewall mention what setting is for?

Reply | Quote

i should have googled it before replying. it looks like is it line length. Outlook can have unlimited line lengths – until the sender hits Enter to start a new paragraph. you can control this in exchange – global settings, internet message format, advanced tab. Default is never.

Reply | Quote

Thanks! I’ll have my boss apply that change on Monday. We kind of stuck a band-aid on the problem by forcing all mail to leave here using Rich Text Format. We’re not sure what bad things might happen because of it, so I’m glad we have a “real” fix.

Thanks again!
Becky

Reply | Quote

Thanks! I’ll have my boss apply that change on Monday. We kind of stuck a band-aid on the problem by forcing all mail to leave here using Rich Text Format. We’re not sure what bad things might happen because of it, so I’m glad we have a “real” fix.

Thanks again!
Becky

Reply | Quote

Unfortunately, making that change in Exchange didn’t resolve the problem. We found out that we can’t use Rich Text Format as the default because it makes all of our Word attachments come through as winmail.dat files (and I have no idea why that would happen).

Any other suggestions?
Becky

Reply | Quote

Tell the users to write shorter paragraphs?

But seriously, why impose this restriction on outbound messages? What is Symantec’s rationale for that?

Reply | Quote

The interesting thing is, the paragraphs aren’t longer than the 2048. One email with a particularly long paragraph (1902 including spaces) comes back, but another fails with its longest paragraph being 601 characters including spaces.

Unfortunately, the switch to control the line length for messages works both on outbound and inbound messages. There isn’t a seperate setting for each. Here’s Symantec’s KB Article on the subject. It’s a security thing.

Thanks,
Becky

Reply | Quote

I see, it’s a general prophylactic against buffer overflows. I guess most buffer overflows will be longer than 1KB (or 2KB in your case).

But the article refers only to inbound messages — traversing the firewall from the untrusted outside to the trusted inside. I guess your Exchange Server’s SMTP component must be outside the firewall. Probably there’s no way to trust it then. Bummer. You could create separate SMTP servers for inside and outside users; just what the IT budget doesn’t need.

Reply | Quote

I see, it’s a general prophylactic against buffer overflows. I guess most buffer overflows will be longer than 1KB (or 2KB in your case).

But the article refers only to inbound messages — traversing the firewall from the untrusted outside to the trusted inside. I guess your Exchange Server’s SMTP component must be outside the firewall. Probably there’s no way to trust it then. Bummer. You could create separate SMTP servers for inside and outside users; just what the IT budget doesn’t need.

Reply | Quote

The interesting thing is, the paragraphs aren’t longer than the 2048. One email with a particularly long paragraph (1902 including spaces) comes back, but another fails with its longest paragraph being 601 characters including spaces.

Unfortunately, the switch to control the line length for messages works both on outbound and inbound messages. There isn’t a seperate setting for each. Here’s Symantec’s KB Article on the subject. It’s a security thing.

Thanks,
Becky

Reply | Quote

Tell the users to write shorter paragraphs?

But seriously, why impose this restriction on outbound messages? What is Symantec’s rationale for that?

Reply | Quote

Unfortunately, making that change in Exchange didn’t resolve the problem. We found out that we can’t use Rich Text Format as the default because it makes all of our Word attachments come through as winmail.dat files (and I have no idea why that would happen).

Any other suggestions?
Becky

Reply | Quote

i should have googled it before replying. it looks like is it line length. Outlook can have unlimited line lengths – until the sender hits Enter to start a new paragraph. you can control this in exchange – global settings, internet message format, advanced tab. Default is never.

Reply | Quote

is there any thing similar about the rejected messages – such as they are over a certian size? Body line length is another way to measure message size.

What is the max message size in exchange? I think default 2048 kb, but that doesn’t equal 2048 lines.

Does the documentation for the firewall mention what setting is for?

Reply | Quote

Sorry, I don’t know the answer to your question (probably because it doesn’t apply?), but I can provide a bit more background that I obviously omitted on my original post.

The messages that are rejected originate from people in our office. We use Outlook 2002 (SP-2) on our desktops. Some of the emails are replies, and some are original messages (it doesn’t seem to matter). It does not matter what domain they are addressed to, so it looks like the firewall is rejecting them on the grounds of the data in the message and not anything else.

I think that covers everything.
Thank you,
Becky

Reply | Quote

I know hardly anything about Exchange, so I can’t answer your question, BUT, can you tell whether this is tied to a less-used encoding scheme such as base64? Maybe the problem is created and can be fixed on the client side…

Reply | Quote