policy violation found in sent message

Posted: Wed Mar 21, 2007 11:49 am
by dietcheese
Does anyone know what the message:

policy-violation_found_in_sent_message_

Means exactly?

SpamAssassin is filtering out valid local mail. I believe it has something to do with bad or strange mail headers (which are actually there on purpose, used to import information into Goldmine).

Mar 21 11:38:28 109839-app1 qmail-scanner[15395]: Clear:RC:1(127.0.0.1): 0 1100 root@109839-app1.domain.com <> policy-violation_found_in_sent_message_"{$GM-WebImport$}" 109839-app1.domain.com117449150876315395-root@109839-app1.domainquarantine-event.txt:1000
Mar 21 11:38:28 109839-app1 qmail-scanner[15395]: Clear:RC:1(127.0.0.1): 0 1100 root@109839-app1.domain.com <> policy-violation_found_in_sent_message_"{$GM-WebImport$}" 109839-app1.domain.com117449150876315395-root@109839-app1.domain.com quarantine-event.txt:1000
Mar 21 11:38:28 109839-app1 qmail-scanner[15395]: Policy:Bad_MIME:RC:1(127.0.0.1): 0.295026 1066 testfrom@test.com goldmine@foobar.com {$GM-WebImport$} <20070321153828.15390.qmail@109839-app1.domain.com> 1174491508.15401-0.109839-app1.domain.com:684

Thanks
DC

Posted: Wed Mar 21, 2007 12:02 pm
by dietcheese
This is a real problem for me. I have whitelisted the sending domain and of course the local IP is whitelisted and still these emails are getting filtered out.

Anyone have any ideas? Is there a way to ignore certain headers?

Thanks,
DC

Posted: Wed Mar 21, 2007 12:06 pm
by dietcheese
I get the policy violation errors even when SA is off. Is this part of qmail-scanner or qmail itself???

Posted: Wed Mar 21, 2007 12:22 pm
by dietcheese
The only way I was able to fix this was by setting the qmail-scanner option:

FIX_MIME="no"

Maybe that'll help someone...

DC

Posted: Wed Mar 21, 2007 1:11 pm
by scott
This could be language related. Are those messages in straight ASCII (English) or some other language involving MIME encodings?

Posted: Fri Mar 23, 2007 11:42 am
by dietcheese
Here is how I format the headers and body (not sure if this helps you).

I'm assuming qmail-scanner is choking on the "Content-Type: application/x-gm-impdata", but it's needed in this case. Maybe there is a way of adding this to a list of valid headers?

Mail created in PHP:
-----------------------

$header = "From: ". $firstname . " " . $lastname ." <".$email.">\r\n";
$header .= "Reply-To: Agent Registration <register@foobar.com>\r\n";
$header .= "Content-Type: application/x-gm-impdata\r\n";
$header .= "Return-Path: " . $email . "\r\n";

mail($to, $sub, $message, $header);


Header
--------
Return-Path: <jwelby@asdf.net>
Delivered-To: 124-clabd@asdf.com
Received: (qmail 7209 invoked by uid 10066); 22 Mar 2007 12:39:52 -0400
Received: from 127.0.0.1 by 109839-app1.foobar.com (envelope-from <jwelby@asdf.net>, uid 48) with qmail-scanner-2.01st
(clamdscan: 0.88.7/2899. spamassassin: 3.1.7. perlscan: 2.01st.
Clear:RC:1(127.0.0.1):.
Processed in 0.021399 secs); 22 Mar 2007 16:39:52 -0000
Date: 22 Mar 2007 12:39:52 -0400
Message-ID: <20070322163952.7198.qmail@109839-app1.foobar.com>
To: blah@blah.tv

Subject: {$GM-WebImport$}
From: Jim Welby <jwelby@asdf.net>
Reply-To: Agent Registration <register@uauaua.com>
Content-Type: application/x-gm-impdata


Body
------
[Instructions]

[Data]

[ContSupp]
cs1_RecType=P
cs1_ACCOUNTNO=A5012849154&N)ZAf32
cs1_ContSupRef=John Smith
cs1_DEAR=
cs1_EXT=Female
cs1_LINKACCT=TX
cs1_ZIP=19770619
cs1_COUNTRY=none
cs1_MERGECODES=02d3d2e

Posted: Fri Mar 23, 2007 3:21 pm
by scott
You'd want to talk to the q-s folks about it, but I'll bet that you're creating a non-RFC-compliant MIME header. Keep in mind that when you do that, it's not just qmail-scanner that's going to cause it to be rejected, but also all the other MTAs on the internet that also check for that kind of compliance. Obviously if it's only ever going to localhost, then that's not really an issue.

hmm

Posted: Fri Mar 23, 2007 6:37 pm
by dietcheese
Multipurpose Internet Mail Extensions June 1992
different communities using "Content-Type:
application/foobar" to mean two different things. The
process of defining new content-subtypes, then, is not
intended to be a mechanism for imposing restrictions, but
simply a mechanism for publicizing the usages. There are,
therefore, two acceptable mechanisms for defining new
Content-Type subtypes:

1. Private values (starting with "X-") may be
defined bilaterally between two cooperating
agents without outside registration or
standardization.

Posted: Sat Mar 24, 2007 10:58 am
by luribe
dietcheese wrote: The only way I was able to fix this was by setting the qmail-scanner option:

FIX_MIME="no"

Maybe that'll help someone...

DC

Where did you put that option? In /var/qmail/bin/qmail-scanner-queue.pl?

Posted: Sat Mar 24, 2007 1:59 pm
by scott
Yep, that's the RFC all right. Which is exactly what I'm talking about, I just ran the following test script successfully through qmail-scanner with FIX_BAD_MIME set to 2. This is through a CentOS 4 box, with no CPAN modules mixed in:


$firstname="Scott";
$lastname="Shinn";
$email="scott@atomicrocketturtle.com";
$message="This is a test message";
$to="scott@shinn.net";
$sub="Test Message #1";

$header = "From: ". $firstname . " " . $lastname ." <".$email.">\r\n";
$header .= "Reply-To: Agent Registration <register@foobar.com>\r\n";
$header .= "Content-Type: application/x-gm-impdata\r\n";
$header .= "Return-Path: " . $email . "\r\n";

mail($to, $sub, $message, $header);

I ran the same message through a RH9 CPAN'd box, and it failed. So I removed the \r's from the code, and ran it again, this time successfully through both CentOS4 and the RH9 box:

$header = "From: ". $firstname . " " . $lastname ." <".$email."> \n";
$header .= "Reply-To: Agent Registration <register@foobar.com> \n";
$header .= "Content-Type: application/x-gm-impdata \n";
$header .= "Return-Path: " . $email;


Just to make sure, I ran the first script through a MS exchange 2003, and a Lotus Notes 5 server. In both cases, mimesweeper on MS exchange, and the mime check on Lotus Notes 5.5 rejected the message. The second script worked on these systems correctly.
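
[Added example, not part of the original thread or of qmail-scanner.] The two test scripts above differ only in the header line terminator, so a quick way to see what the scanner receives is to count line endings in the header block. The sketch below does that for two constructed messages modelled on those scripts; it assumes mail() writes its own To:/Subject: lines with a bare LF, and `to_wire` models the LF-to-CRLF rewrite that the PHP manual's note on mail() attributes to qmail. qmail-scanner's own Bad_MIME rules are not shown in the thread, so this reports inconsistencies only.

```python
import re

# Constructed sample modelled on the first test script: mail() supplies
# To:/Subject: with LF (assumption), the caller's headers end in CRLF.
MIXED = (b"To: scott@shinn.net\n"
         b"Subject: Test Message #1\n"
         b"From: Scott Shinn <scott@atomicrocketturtle.com>\r\n"
         b"Reply-To: Agent Registration <register@foobar.com>\r\n"
         b"Content-Type: application/x-gm-impdata\r\n"
         b"Return-Path: scott@atomicrocketturtle.com\r\n"
         b"\n"
         b"This is a test message\n")
# Constructed sample for the second script: same headers, LF only.
LF_ONLY = MIXED.replace(b"\r\n", b"\n")


def eol_report(raw: bytes) -> dict:
    """Count how each header line is terminated, stopping at the empty line."""
    counts = {"LF": 0, "CRLF": 0, "CRCRLF": 0, "stray_CR": 0}
    for line in re.findall(rb"[^\n]*\n", raw):
        if line in (b"\n", b"\r\n"):
            break  # empty line marks the end of the header block
        if line.endswith(b"\r\r\n"):
            counts["CRCRLF"] += 1
        elif line.endswith(b"\r\n"):
            counts["CRLF"] += 1
        else:
            counts["LF"] += 1
        if b"\r" in line.rstrip(b"\r\n"):
            counts["stray_CR"] += 1  # CR in the middle of a header line
    return counts


def problems(raw: bytes) -> list:
    """Turn the counts into findings a mail admin can act on."""
    c = eol_report(raw)
    found = []
    if c["LF"] and c["CRLF"]:
        found.append("mixed LF and CRLF header line endings")
    if c["CRCRLF"]:
        found.append("doubled CR before LF")
    if c["stray_CR"]:
        found.append("CR inside a header line")
    return found


def to_wire(raw: bytes) -> bytes:
    """Model (assumption) of an MTA rewriting every LF to CRLF on SMTP send."""
    return raw.replace(b"\n", b"\r\n")
```

Running `problems()` over a message pulled from the quarantine directory shows whether the header block has the same kind of inconsistency before FIX_MIME is relaxed.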

Posted: Tue Mar 27, 2007 9:34 pm
by dietcheese
Hrm, I always used "\r\n" as an EOL for mail headers in PHP.

The "Content-Type: application/x-gm-impdata" is unusual but meets RFC requirements, right?

What's the disadvantage of leaving FIX_MIME="no" ?

Thanks for looking into this. You do great work :D

DC

Posted: Wed Mar 28, 2007 8:06 am
by scott
It's mainly good at blocking spam/viruses from badly written MTAs, like zombie'd Windows boxes, or cgi-bin perl mailers. The 2 setting is the less restrictive of the checks.

Re: policy violation found in sent message

Posted: Wed Oct 13, 2010 4:23 am
by coolemail
Can anyone help? We are having the same problem with X-Mailer emails not being sent from the server. Maillog shows:
Oct 13 08:59:43 plesk2 qmail-scanner[3452]: Clear:RC:1(127.0.0.1): 0 1100 root@plesk2.mydomain.co.uk <> policy-violation_found_in_sent_message_"test_message" plesk2.mydomain.co.uk12869567827903452-root@plesk2.mydomain.co.uk quarantine-event.txt:1000
Oct 13 08:59:43 plesk2 qmail-scanner[3452]: Clear:RC:1(127.0.0.1): 0 1100 root@plesk2.mydomain.co.uk <> policy-violation_found_in_sent_message_"test_message" plesk2.mydomain.co.uk12869567837903452-root@plesk2.mydomain.co.uk quarantine-event.txt:1000
Oct 13 08:59:43 plesk2 qmail-scanner[3452]: Policy:Bad_MIME:RC:1(127.0.0.1): 0.22149 342 root@plesk2.mydomain.co.uk external-email@hotmail.com test_message <20101013075942.3451.qmail@plesk2.mydomain.co.uk> 1286956782.3454-0.plesk2.mydomain.co.uk:5 orig-plesk2.mydomain.co.uk12869567827903452:342
and I think my qmail-scanner config is set to FIX_MIME="2" as Scott said, so I have put all of the incidents of FIX below. Can someone tell me how to make these emails go through?
[plesk2.expat-email.co.uk ~]# grep FIX -R /usr/share/qmail-scanner
/usr/share/qmail-scanner/qmail-scanner-reconfigure.psa: --fix-mime $FIX_MIME \
/usr/share/qmail-scanner/qmail-scanner-queue.template:my $BAD_MIME_CHECKS='FIX_MIME';
/usr/share/qmail-scanner/qmail-scanner-reconfigure.project-gamera: --fix-mime $FIX_MIME \
/usr/share/qmail-scanner/contrib/check_AV_daemons: SUFFIX => '.com');
/usr/share/qmail-scanner/configure:FIX_MIME="2"
/usr/share/qmail-scanner/configure: --fix-mime) if [ "$2" != "" -a "`echo $2|grep '\-'`" = "" ] ; then shift ; if [ "`echo $1|egrep -i '^0|^no'`" != "" ]; then FIX_MIME="0" ; fi ; if [ "`echo $1|egrep -i '^[1-9]+$'`" != "" ]; then FIX_MIME="$1" ; fi ; fi ;;
/usr/share/qmail-scanner/configure:CMDLINE="$CMDLINE --admin $USERNAME --domain $MAILDOMAIN --admin-description \"$ADMIN_DESCRIPTION\" --notify $NOTIFY_ADDRESSES --local-domains $LOCAL_DOMAINS_ARRAY --silent-viruses $SILENT_VIRUSES --virus-to-delete $VIRUS_DELETE --skip-text-msgs $SKIP_TEXT_MSGS --lang $QSLANG --debug $DEBUG_LEVEL --minidebug $MINI_DEBUG --add-dscr-hdrs $DESCRIPTIVE_HEADERS --dscr-hdrs-text \"$DESCR_HEADERS_TEXT\" --normalize $NORMALIZE_MSG --archive $ARCHIVEIT --settings-per-domain $SETTINGS_P_D --max-scan-size $MAX_SCAN_SIZE --unzip $FORCE_UNZIP --max-zip-size $MAX_ZIP_SIZE --max-unpacked-files $MAX_UNPACKED_FILES --redundant $REDUNDANT --log-details $LOG_DETAILS --log-crypto $LOG_CRYPTO --fix-mime $FIX_MIME --ignore-eol-check $DISABLE_EOL_CHECK"
/usr/share/qmail-scanner/configure:if [ "$FIX_MIME" != "" ]; then
/usr/share/qmail-scanner/configure: echo "fix-mime=$FIX_MIME"
/usr/share/qmail-scanner/configure:s?FIX_MIME?$FIX_MIME?g;
[plesk2.expat-email.co.uk ~]#

Re: policy violation found in sent message

Posted: Wed Oct 13, 2010 2:42 pm
by faris
Don't forget that you need to run the qmail-scanner-reconfigure script after changing fix_mime to 2.

Faris.

Re: policy violation found in sent message

Posted: Wed Oct 13, 2010 4:51 pm
by coolemail
We were already on fix-mime 2 so did not change anything. We did change it to 1 and that appears to have worked for us so far, but we then got a flood of spam emails through, so for now we have put it back to 2.