Results 1 to 11 of 11
  1. #1
    4 Star Lounger
    Join Date
    Jan 2001
    Location
    Richmond, Virginia, USA
    Posts
    416
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Raptor Firewall, Exchange 2000 & long line length

    We have been getting the following returned error message on outgoing emails rather frequently:
    <hr>The destination system is currently not accepting any messages. Please retry at a later time. If that fails, contact your system administrator.<hr>
    The firewall is rejecting our mail with the following error message:
    <hr>218 smtpd: Invalid SMTP protocol: Overly long line received from ourworldsecureserver.com ([ internal ip address ]) (3512 bytes received. Configured: smtpd.max_body_line_length=2048)<hr>
    We have set a max body line length of 2048 on our Firewall per instruction by Symantec (Raptor Firewall). Does anyone know where/how we can tell Exchange 2000 to truncate lines somewhere under 2048? We can't find the setting anywhere.

    Thank you,
    Becky

  2. #2
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Raptor Firewall, Exchange 2000 & long line length

    I know hardly anything about Exchange, so I can't answer your question, BUT, can you tell whether this is tied to a less-used encoding scheme such as base64? Maybe the problem is created and can be fixed on the client side...

  3. #3
    4 Star Lounger
    Join Date
    Jan 2001
    Location
    Richmond, Virginia, USA
    Posts
    416
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Raptor Firewall, Exchange 2000 & long line length

    Sorry, I don't know the answer to your question (probably because it doesn't apply?), but I can provide a bit more background that I obviously omitted on my original post. <img src=/S/scold.gif border=0 alt=scold width=50 height=15>

    The messages that are rejected originate from people in our office. We use Outlook 2002 (SP-2) on our desktops. Some of the emails are replies, and some are original messages (it doesn't seem to matter). It does not matter what domain they are addressed to, so it looks like the firewall is rejecting them on the grounds of the data in the message and not anything else.

    I think that covers everything. <img src=/S/sigh.gif border=0 alt=sigh width=15 height=15>
    Thank you,
    Becky

  4. #4
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Raptor Firewall, Exchange 2000 & long line length

    In Outlook 2000, the user could choose three different types of MIME encoding for 8-bit data: (1) none, (2) quoted printable, and (3)

  5. #5
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Roanoke area, Virginia, USA
    Posts
    3,729
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Raptor Firewall, Exchange 2000 & long line length

    is there any thing similar about the rejected messages - such as they are over a certian size? Body line length is another way to measure message size.

    What is the max message size in exchange? I think default 2048 kb, but that doesn't equal 2048 lines.

    Does the documentation for the firewall mention what setting is for?

  6. #6
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Roanoke area, Virginia, USA
    Posts
    3,729
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Raptor Firewall, Exchange 2000 & long line length

    i should have googled it before replying. it looks like is it line length. Outlook can have unlimited line lengths - until the sender hits Enter to start a new paragraph. you can control this in exchange - global settings, internet message format, advanced tab. Default is never.

  7. #7
    4 Star Lounger
    Join Date
    Jan 2001
    Location
    Richmond, Virginia, USA
    Posts
    416
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Raptor Firewall, Exchange 2000 & long line length

    <img src=/S/cheers.gif border=0 alt=cheers width=30 height=16> Thanks! I'll have my boss apply that change on Monday. We kind of stuck a band-aid on the problem by forcing all mail to leave here using Rich Text Format. We're not sure what bad things might happen because of it, so I'm glad we have a "real" fix.

    Thanks again!
    Becky

  8. #8
    4 Star Lounger
    Join Date
    Jan 2001
    Location
    Richmond, Virginia, USA
    Posts
    416
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Raptor Firewall, Exchange 2000 & long line length

    Unfortunately, making that change in Exchange didn't resolve the problem. We found out that we can't use Rich Text Format as the default because it makes all of our Word attachments come through as winmail.dat files (and I have no idea why that would happen).

    Any other suggestions?
    Becky

  9. #9
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Raptor Firewall, Exchange 2000 & long line length

    Tell the users to write shorter paragraphs?

    But seriously, why impose this restriction on outbound messages? What is Symantec's rationale for that?

  10. #10
    4 Star Lounger
    Join Date
    Jan 2001
    Location
    Richmond, Virginia, USA
    Posts
    416
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Raptor Firewall, Exchange 2000 & long line length

    The interesting thing is, the paragraphs aren't longer than the 2048. One email with a particularly long paragraph (1902 including spaces) comes back, but another fails with its longest paragraph being 601 characters including spaces.

    Unfortunately, the switch to control the line length for messages works both on outbound and inbound messages. There isn't a seperate setting for each. Here's Symantec's KB Article on the subject. It's a security thing.

    Thanks,
    Becky

  11. #11
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Raptor Firewall, Exchange 2000 & long line length

    I see, it's a general prophylactic against buffer overflows. I guess most buffer overflows will be longer than 1KB (or 2KB in your case).

    But the article refers only to inbound messages &mdash; traversing the firewall from the untrusted outside to the trusted inside. I guess your Exchange Server's SMTP component must be outside the firewall. Probably there's no way to trust it then. Bummer. You could create separate SMTP servers for inside and outside users; just what the IT budget doesn't need. <img src=/S/smile.gif border=0 alt=smile width=15 height=15>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •