Policy:Bad_MIME with PHP 5.2.14 & mail.add_x_header enabled

[breun]

Since the upgrade to PHP 5.2.14-1 mail sent via the PHP mail function (mail forms on websites regularly use this) is blocked by qmail-scanner with a Policy:Bad_MIME message in the maillog. For now we have set mail.add_x_header to Off in /etc/php.ini as a workaround.

Maybe the backported X-PHP-Originaiting-Script header patch isn't completely compatible with PHP 5.2.14?

[breun]

It seems the problem occurs when custom headers are added to the message. I believe an extra linebreak is causing problems. Without custom headers messages sent via the PHP mail function are ok.

(Also, where php.ini says 'X-PHP-Originaiting-Script' shouldn't it read 'X-PHP-Originating-Script'?)

[breun]

These bugs in PHP 5.3.x seem to be related:

* Bug #48620 X-PHP-Originating-Script assumes no trailing CRLF in $headers
* Bug #50907 X-PHP-Originating-Script adding two new lines in *NIX

Apparently this was already a problem when this feature was first backported to PHP 5.2.11:

* https://www.atomicorp.com/forums/viewto ... =12&t=3562
* https://www.atomicorp.com/forums/viewto ... =12&t=4324

The bugs mentioned above have both been closed, so maybe this feature needs to backported again from the current version of PHP 5.3.x? Anyway, the feature is broken in the current packages (5.2.14-1), but enabled by default in /etc/php.ini. I think this feature needs to be fixed or removed; or at least disabled by default until there is a more permanent solution.

[prupert]

It seems that Scott is currently working on backporting the fix (for this 5.3.x bug) into the 5.2.14 package.
http://twitter.com/atomicturtle/status/20999921634

Hooray!

[prupert]

We can confirm that this bug has been resolved by updating to the php-5.2.14-2.art package.

[coolemail]

I know the posts in this thread are quite old, but we are on
PHP 5.3.23 (cli) (built: Mar 15 2013 11:15:15)

and we have got some specific requests to look at failed emails today - hosted domain owners not receiving an email confirmation email:

Apr 30 14:22:39 plesk3 qmail-scanner[13173]: Policy:Bad_MIME:RC:0(208.109.80.198):SA:0(-0.3/5.0): 2.745662 1283 lulu@domain1.co.uk kc@domain2.co.uk Confirm_your_email_to_vote_for_Women_Inspiring_Women_Awards <20130430080656.20678.qmail@ip-208-109-238-190.ip.secureserver.net> orig-plesk3.emailitis.co.uk136732815679713173:1283 1367328157.13175-0.plesk3.hostname.co.uk:414

Apr 30 20:49:45 plesk3 qmail-scanner[20985]: Policy:Bad_MIME:RC:0(208.109.80.1):SA:0(1.1/5.0): 6.205838 1297 lulu@domain1.co.uk info@domain3.com Confirm_your_email_to_vote_for_Women_Inspiring_Women_Awards <20130430143353.4110.qmail@ip-208-109-238-190.ip.secureserver.net> orig-plesk3.emailitis.co.uk136735137979720985:1297 1367351379.20987-0.plesk3.hostname.co.uk:426

Any ideas of how we can get these through? I don't want to whitelist 208.109.80.1/24

[scott]

It looks like they're not crafting the message correctly to fit the mime standard. Normally that happens if you have a windows-y type development environment and you dont use the right characters to terminate a newline.