Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 27 subscribers
  • Views 1874 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SFOS in legacy mode is stripping "NOTIFY" option when sent to multiple recipients

Tech Centio

Hi,

 

SFOS 17.1 MR2 is stripping the  NOTIFY option when user sent To multiple recipients.

There is SMTP/S scanning rule for the outgoing mail traffic from LAN clients to Mail Server in DMZ:

When this rule is in place and multiple recipients are in "To" the "Delivery Status Notification" is not working.
If single recipient is selected, then it works as expected.
If we disable the rule or just uncheck SMTP/S scan

, the "Delivery Status Notifications" are working with multiple recipients.

This the anonymized awarrensmtp DEBUG log for one such mail:

MESSAGE Oct 16 09:16:58 [0x2011f3bd]: New SMTP Session Initialized 192.168.100.103:61876 ==> 2xx.x2.1x8.9x:587
INFO Oct 16 09:16:58 [0x2011f3bd]: Connecting to server ...
INFO Oct 16 09:16:58 [0x2011f3bd]: Response: 220 xxxx.xxx.bg ESMTP xxx MAIL SERVER
INFO Oct 16 09:16:59 [0x2011f3bd]: Request: 'EHLO [10.1.0.254]'
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250-xxxx.xxx.bg
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250-PIPELINING
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250-SIZE 54525952
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250-VRFY
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250-ETRN
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250-STARTTLS
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250-ENHANCEDSTATUSCODES
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250-8BITMIME
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250 DSN
INFO Oct 16 09:16:59 [0x2011f3bd]: Request: 'STARTTLS'
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 220 2.0.0 Ready to start TLS
INFO Oct 16 09:16:59 [0x2011f3bd]: valid client hello
INFO Oct 16 09:16:59 [0x2011f3bd]: h-ver '3' , chel-ver '5'
INFO Oct 16 09:16:59 [0x2011f3bd]: SSL session established with server: '2xx.x2.1x8.9x'
INFO Oct 16 09:16:59 [0x2011f3bd]: Server certificate error 'unable to get local issuer certificate'
INFO Oct 16 09:16:59 [0x2011f3bd]: initializing ssl session with proxy mode ctx
INFO Oct 16 09:16:59 [0x2011f3bd]: SSL session established with client: '192.168.100.103'
INFO Oct 16 09:16:59 [0x2011f3bd]: Request: 'EHLO [10.1.0.254]'
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250-xxxx.xxx.bg
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250-PIPELINING
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250-SIZE 54525952
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250-VRFY
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250-ETRN
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250-AUTH CRAM-MD5 LOGIN PLAIN
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250-AUTH=CRAM-MD5 LOGIN PLAIN
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250-ENHANCEDSTATUSCODES
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250-8BITMIME
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250 DSN
INFO Oct 16 09:16:59 [0x2011f3bd]: Request: 'AUTH CRAM-MD5'
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 334 PDE5MTcyNzgyMTg4MzE3NzguMTUzOTY3MDYxOUBtYWlsPg==
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 235 2.7.0 Authentication successful
INFO Oct 16 09:16:59 [0x2011f3bd]: Authorization is successful
INFO Oct 16 09:16:59 [0x2011f3bd]: Request: 'MAIL FROM:<xxxxxx@xxx.bg> RET=FULL ENVID=<d2ed83dd-f919-92a6-b9df-a2d8de3942a0@xxx.bg> BODY=8BITMIME SIZE=524'
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250 2.1.0 Ok
INFO Oct 16 09:16:59 [0x2011f3bd]: Request: 'RCPT TO:<xxxxx.xxxxx@gmail.com> NOTIFY=SUCCESS,FAILURE,DELAY ORCPT=rfc822;xxxxx.xxxxx@gmail.com'
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250 2.1.5 Ok
INFO Oct 16 09:16:59 [0x2011f3bd]: Request: 'RCPT TO:<xxxx@yyy.bg> NOTIFY=SUCCESS,FAILURE,DELAY ORCPT=rfc822;xxxx@yyy.bg'
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 250 2.1.5 Ok
INFO Oct 16 09:16:59 [0x2011f3bd]: Request: 'DATA'
INFO Oct 16 09:16:59 [0x2011f3bd]: Response: 354
MESSAGE Oct 16 09:16:59 [0x2011f3bd]: [0x2011f3bd0] FROM:xxxxxx@xxx.bg , TO:xxxxx.xxxxx@gmail.com
MESSAGE Oct 16 09:16:59 [0x2011f3bd]: [0x2011f3bd1] FROM:xxxxxx@xxx.bg , TO:xxxx@yyy.bg
MESSAGE Oct 16 09:16:59 [0x2011f3bd]: Mail Accepted by SF With ID=0x2011f3bd
INFO Oct 16 09:16:59 [0x2011f3bd]: SCANCONTENT AV: 1 TFT: 0 DLP: 0
INFO Oct 16 09:16:59 [0x2011f3bd]: handle_clean(): Antivirus Scanned result: Clean
MESSAGE Oct 16 09:16:59 [0x2011f3bd]: [0x2011f3bd0](xxxxx.xxxxx@gmail.com)SF Policy Action: ACCEPT
MESSAGE Oct 16 09:16:59 [0x2011f3bd]: [0x2011f3bd0] Mail sent successfully with 250 2.0.0 Ok: queued as 25D0486016
MESSAGE Oct 16 09:16:59 [0x2011f3bd]: [0x2011f3bd1](xxxx@yyy.bg)SF Policy Action: ACCEPT
MESSAGE Oct 16 09:16:59 [0x2011f3bd]: [0x2011f3bd1] Mail sent successfully with 250 2.0.0 Ok: queued as 4F22D86017
INFO Oct 16 09:16:59 [0x2011f3bd]: Request: 'QUIT'

Looks like when multiple recipients are selected the "NOTIFY" header part is not forwarded to the mail server in DMZ by the Sophos mail proxy.

Is this by design? 



This thread was automatically locked due to age.
Parents Reply Children
No Data