Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Malformed Message-ID

341 views
Skip to first unread message

Dan Schuster

unread,
Sep 22, 2004, 3:26:17 PM9/22/04
to
Some emails passing into and out of our Sendmail 8.12.6 system have
what look like malformed Message IDs that look like:

Message-ID: <!~!UENERkVCMDkAAQACAI4AAAAAAAAAOKG7EAXlEBqhuwgAKypWwgAARU1TTURCLkRMTAAAAAAAAAAAG1X6IKpmEc2byACqAC/EWgwAAABUTFJVU01ORUFHTUJYMDMAL289VGhvbXNvbi9vdT1GaXJzdCBBZG1pbmlzdHJhdGl2ZSBHcm91cC9jbj1SZWNpcGllbnRzL2NuPTAwMzU4OTEALgAAAAAAAADMmZarxf56SLlB6BsYNBEKAQCWcO8/WIGeTLl1DefRoo+IAAAABAhPAAAAAAAALgAAAAAAAADMmZarxf56SLlB6BsYNBEKAQCWcO8/WIGeTLl1DefRoo+IAAAABAhQAAAQAAAAP8FqVGJsSkW85O4ObXi9yjAAAABS
TogVXBkYXRlIG9uIGVtYWlscyBiZXR3ZWVuIENoaWNhZ28gYW5kIEVhZ2FuPwA=@barbrigroup.com>

Has anyone see msgids that start with "!~!" ? Is there any
possibility that sendmail could be causing this? It seems to happen
more with internal Outlook users relaying email through the systems
but have also seen it on inbound mail destined to our domain as well.

TIA,
-Dan

Neil W Rickert

unread,
Sep 22, 2004, 4:36:43 PM9/22/04
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

danwes...@hotmail.com (Dan Schuster) writes:

>Some emails passing into and out of our Sendmail 8.12.6 system have
>what look like malformed Message IDs that look like:

>Message-ID: <!~!UENERkVCMDkAAQACAI4AAAAAAAAAOKG7EAXlEBqhuwgAKypWwgAARU1TTURCLkRMTAAAAAAAAAAAG1X6IKpmEc2byACqAC/EWgwAAABUTFJVU01ORUFHTUJYMDMAL289VGhvbXNvbi9vdT1GaXJzdCBBZG1pbmlzdHJhdGl2ZSBHcm91cC9jbj1SZWNpcGllbnRzL2NuPTAwMzU4OTEALgAAAAAAAADMmZarxf56SLlB6BsYNBEKAQCWcO8/WIGeTLl1DefRoo+IAAAABAhPAAAAAAAALgAAAAAAAADMmZarxf56SLlB6BsYNBEKAQCWcO8/WIGeTLl1DefRoo+IAAAABAhQAAAQAAAAP8FqVGJsSkW85O4ObXi9yjAAAABS
>TogVXBkYXRlIG9uIGVtYWlscyBiZXR3ZWVuIENoaWNhZ28gYW5kIEVhZ2FuPwA=@barbrigroup.com>

>Has anyone see msgids that start with "!~!" ?

Yes, I see some of those.

> Is there any
>possibility that sendmail could be causing this?

Only if you went out of your way to configure sendmail to do
this. Normal sendmail msgids don't look at all like this.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (SunOS)

iD8DBQFBUeJXvmGe70vHPUMRAg6CAJ9/6igBfW3yq4766fkNqtp7rfuykACfY7ez
Hixzz3DDVfZm6v94n6Ijrts=
=6yuy
-----END PGP SIGNATURE-----

Jochen Bern

unread,
Sep 22, 2004, 5:39:23 PM9/22/04
to
Neil W Rickert wrote:
> Normal sendmail msgids don't look at all like this.

To be precise,

bern% grep Message-Id: /etc/mail/*.cf
/etc/mail/sendmail.cf:H?M?Resent-Message-Id: <$t.$i@$j>
/etc/mail/sendmail.cf:H?M?Message-Id: <$t.$i@$j>
/etc/mail/submit.cf:H?M?Resent-Message-Id: <$t.$i@$j>
/etc/mail/submit.cf:H?M?Message-Id: <$t.$i@$j>

I have a legitimate email on record with that kind of weird Message-Id.
The "software" involved were "Microsoft Office Outlook, Build
11.0.5510", with a MIME multipart/signed signature, and a commercial
(probably innocent, hence unnamed) email ISP with servers based on exim.

Regards,
J. Bern

Dan Schuster

unread,
Sep 23, 2004, 9:48:36 AM9/23/04
to
Jochen Bern <be...@ti.uni-trier.de> wrote in message news:<cisreb$675$1...@news.kamp.net>...

> I have a legitimate email on record with that kind of weird Message-Id.
> The "software" involved were "Microsoft Office Outlook, Build
> 11.0.5510", with a MIME multipart/signed signature, and a commercial
> (probably innocent, hence unnamed) email ISP with servers based on exim.

I see it with X-Mailer: Microsoft Outlook, Build 10.0.6626

The reason this causes us problems is that we have found that Exchange
200x only looks at the first 212 characters of the message id to
determin uniqueness. Repeated messages with this long message id that
only change the last 100 characters of the msgid are showing up as
duplicates in Ex2000.

My Sendmail Question: Could sendmail look for msgids that start with
!~! and remove them and insert its own instead? This would be a work
around for our Outlook clients that AUTH relay through sendmail with
these malformed ids.

Thanks again,
-Dan

Jochen Bern

unread,
Sep 23, 2004, 11:27:10 AM9/23/04
to
Dan Schuster wrote:
> My Sendmail Question: Could sendmail look for msgids that start with
> !~! and remove them and insert its own instead?

sendmail itself has a serious problem with removing headers, and most
probably another one with doing it so early on that the normal
give-email-a-Message-Id-if-it-doesnt-have-one-yet mechanism will kick
in. This sounds like a job for a Milter to me. Alternatively, if you can
have your sendmail pass the emails through the procmail mailer before
relaying them to the ExchangeMe server, a recipe like:

:0Hhf
* ^Message-Id:.*<!~!.*@barbrigroup.com>
| sed -e "/^[Mm]essage-[Ii][Dd]:/s/<!~!.*@/<`date +%s`.$$.replaced@/"

(special chars might need add'l escaping ...) should do the trick.

Regards,
J. Bern

0 new messages