TTT Testing

33 views
Skip to first unread message

Vallejo, Isaiah

unread,
Jul 6, 2016, 2:27:46 PM7/6/16
to transport-t...@googlegroups.com, Gilbert, Rachel, Wikle, Allison

Hello,

 

We are sending emails to the TTT testing tool at http://transport-testing.nist.gov/ttt/.

 

We have sent emails from the Direct address Kris.D...@direct.cgmus.com.  The mail server initially logs a warning, but does appear to eventually send and process the email.  Below is the output found in the logs.  We are not receiving any follow up email from the TTT tool, although we have associated Kris.D...@direct.cgmus.com with the results email t...@cgmus.com.

 

Are our emails making it through?  Does it simply take some time for emails sent to the tool to be processed?

 

Jul 06, 2016 10:53:28 AM org.nhindirect.gateway.smtp.james.mailet.NHINDSecurityAndTrustMailet service

INFO: Proccessing incoming message from sender Kris.D...@direct.cgmus.com

Jul 06, 2016 10:53:28 AM org.nhindirect.common.audit.impl.LoggingAuditor writeEvent

INFO: [DIRECT AUDIT EVENT]^M

        EVENT ID: c0fed4cb-aa86-4427-8a4a-64f0c1e85709^M

        EVENT PRINCIPAL: STAgent@p-ehr-drgw-app0^M

        EVENT CATEGORY: Outgoing Direct Message^M

        EVENT MESSAGE: SMTP Direct Message Processing^M

        EVENT CONTEXTS^M

                message-id:<1637590055.12528.14678...@direct.cgmus.com>^M

                from:Kris.D...@direct.cgmus.com^M

                to:direct-a...@transport-testing.nist.gov

Jul 06, 2016 10:53:28 AM org.nhindirect.stagent.cert.impl.CRLRevocationManager isRevoked

WARNING: Cannot find a CRL for certificate.^M

        DN: E=direct.cgmus.com,CN=direct.cgmus.com,C=US,ST=Massachusetts,L=Boston,O=CompuGroup Medical USA^M

        Serial Number: 147a5cab1d254441

Jul 06, 2016 10:53:54 AM org.nhind.james.matcher.RecipientIsXdAndNotSMIME match

INFO: Attempting to match XD recipients

Jul 06, 2016 10:53:54 AM org.nhind.james.matcher.RecipientIsXdAndNotSMIME match

INFO: MimeMessage is SMIME, skipping

Jul 06, 2016 10:53:54 AM org.nhind.james.matcher.RecipientIsNotXd match

INFO: Attempting to match non-XD recipients

Jul 06, 2016 10:53:54 AM org.nhind.james.matcher.RecipientIsNotXd match

INFO: Matched recipient direct-a...@transport-testing.nist.gov

 

 

 

Isaiah Vallejo

Systems Administrator, Hosted Services

GROUP IT, USA

 

 

 

CompuGroup Medical US

3300 N Central Ave Suite 2100

Phoenix, AZ 85012

 

o: 602-277-6277x4104

c: 480-369-5292

f: 602-288-3530

 

isaiah....@cgm.com
www.CGMus.com

 

 

Synchronizing Healthcare

Before printing, think about the environment.

CompuGroup Medical Confidentiality Notice: The information contained in this message, including any attachments, is confidential and may contain Protected Health Information or may be otherwise legally privileged. This message is intended solely for the addressee(s). If you are not the intended recipient, be advised that any unauthorized use, disclosure, copying, distribution or the taking of any action in reliance on the contents of this information is strictly prohibited, may be unlawful and may subject you to liability. If you have received this message in error, please contact the sender by return phone, email or fax and destroy all copies of the original message.

 

Andrew McCaffrey

unread,
Jul 6, 2016, 2:34:40 PM7/6/16
to Vallejo, Isaiah, transport-t...@googlegroups.com, Gilbert, Rachel, Wikle, Allison

Hi,

The messages are being rejected because we see them coming across as
"kris.d...@direct.cgmus.com" (note lower-case) and we are expecting
"Kris.D...@direct.cgmus.com". (The local mailbox part of an email
address is case sensitive.)

If you send with the mixed case or register the lower case version, you
should start to see the validation reports.

Thanks,
-Andrew

On 07/06/2016 02:27 PM, Vallejo, Isaiah wrote:
> Hello,
>
> We are sending emails to the TTT testing tool at
> http://transport-testing.nist.gov/ttt/.
>
> We have sent emails from the Direct address
> Kris.D...@direct.cgmus.com <mailto:Kris.D...@direct.cgmus.com>.
> The mail server initially logs a warning, but does appear to eventually
> send and process the email. Below is the output found in the logs. We
> are not receiving any follow up email from the TTT tool, although we
> have associated Kris.D...@direct.cgmus.com
> <mailto:Kris.D...@direct.cgmus.com> with the results email
> t...@cgmus.com <mailto:t...@cgmus.com>.
> *Isaiah Vallejo*
>
> *Systems Administrator, Hosted Services*
>
> *GROUP IT, USA*
>
> CompuGroup Medical US
>
> 3300 N Central Ave Suite 2100
>
> Phoenix, AZ 85012
>
> o: 602-277-6277x4104
>
> c: 480-369-5292
>
> f: 602-288-3530
>
> isaiah....@cgm.com <mailto:isaiah....@cgm.com>
> *www.CGMus.com <http://www.cgmus.com/>***
>
> **
>
> *Synchronizing Healthcare*
>
> *Before printing, think about the environment.*
>
> *CompuGroup Medical Confidentiality Notice:*The information contained in
> this message, including any attachments, is confidential and may contain
> Protected Health Information or may be otherwise legally privileged.
> This message is intended solely for the addressee(s). If you are not the
> intended recipient, be advised that any unauthorized use, disclosure,
> copying, distribution or the taking of any action in reliance on the
> contents of this information is strictly prohibited, may be unlawful and
> may subject you to liability. If you have received this message in
> error, please contact the sender by return phone, email or fax and
> destroy all copies of the original message.
>
> --
> You received this message because you are subscribed to the Google
> Groups "Transport Testing Tool" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to transport-testing...@googlegroups.com
> <mailto:transport-testing...@googlegroups.com>.
> For more options, visit https://groups.google.com/d/optout.

Vallejo, Isaiah

unread,
Jul 6, 2016, 4:16:55 PM7/6/16
to Andrew McCaffrey, transport-t...@googlegroups.com, Gilbert, Rachel, Wikle, Allison
Thanks Andrew, that was the solution. We really appreciate your guidance!



Isaiah Vallejo
Systems Administrator, Hosted Services
GROUP IT, USA
 


 
CompuGroup Medical US
3300 N Central Ave Suite 2100
Phoenix, AZ 85012
 
o: 602-277-6277x4104
c: 480-369-5292
f: 602-288-3530

isaiah....@cgm.com
www.CGMus.com
 

Synchronizing Healthcare
Before printing, think about the environment.
CompuGroup Medical Confidentiality Notice: The information contained in this message, including any attachments, is confidential and may contain Protected Health Information or may be otherwise legally privileged. This message is intended solely for the addressee(s). If you are not the intended recipient, be advised that any unauthorized use, disclosure, copying, distribution or the taking of any action in reliance on the contents of this information is strictly prohibited, may be unlawful and may subject you to liability. If you have received this message in error, please contact the sender by return phone, email or fax and destroy all copies of the original message.

BShur

unread,
Jul 7, 2016, 3:22:50 PM7/7/16
to Transport Testing Tool, rachel....@cgm.com, alliso...@cgm.com, isaiah....@cgm.com
Having learned this feature the hard way trying to register addresses in TTT, I was always curious about this insistence on following the letter of the RFC5321, but not the practice note in the same RFC:

However, exploiting the case sensitivity of mailbox local-parts impedes interoperability and is discouraged.  Mailbox domains follow normal DNS rules and are hence 
not case sensitive.

More about this in RFC2821 (sect. 4.1.2):

      Mailbox = Local-part "@" Domain

      Local-part = Dot-string / Quoted-string
            ; MAY be case-sensitive

   ...
   While the above definition for Local-part is relatively permissive,
   for maximum interoperability, a host that expects to receive mail
   SHOULD avoid defining mailboxes where the Local-part requires (or
   uses) the Quoted-string form or where the Local-part is case-
   sensitive.

Direct is all about maximum interoperability and considering that a Direct email address has to be converted into DNS name (decidedly non-case sensitive) in order to look up its encryption certificate, this is even more strange. Following the logic of treating local part as case-sensitive, there should be two different certificates somewhere, one for kris.d... and another, different one, for Kris.D...  - and it cannot happen - see above re: "normal DNS rules". Same with the signing certificate - if it is an address-bound cert, does TTT require that RFC822Name in the SAN has the same exact case as the email address?

On Wednesday, July 6, 2016 at 2:27:46 PM UTC-4, Vallejo, Isaiah wrote:

Hello,

 

We are sending emails to the TTT testing tool at http://transport-testing.nist.gov/ttt/.

 

We have sent emails from the Direct address Kris.D...@direct.cgmus.com.  The mail server initially logs a warning, but does appear to eventually send and process the email.  Below is the output found in the logs.  We are not receiving any follow up email from the TTT tool, although we have associated Kris.D...@direct.cgmus.com with the results email t...@cgmus.com.

 

Are our emails making it through?  Does it simply take some time for emails sent to the tool to be processed?

 

Jul 06, 2016 10:53:28 AM org.nhindirect.gateway.smtp.james.mailet.NHINDSecurityAndTrustMailet service

INFO: Proccessing incoming message from sender Kris.D...@direct.cgmus.com

Jul 06, 2016 10:53:28 AM org.nhindirect.common.audit.impl.LoggingAuditor writeEvent

INFO: [DIRECT AUDIT EVENT]^M

        EVENT ID: c0fed4cb-aa86-4427-8a4a-64f0c1e85709^M

        EVENT PRINCIPAL: STAgent@p-ehr-drgw-app0^M

        EVENT CATEGORY: Outgoing Direct Message^M

        EVENT MESSAGE: SMTP Direct Message Processing^M

        EVENT CONTEXTS^M

                message-id:<1637590055.12528.1467827605712.JavaMail.root@direct.cgmus.com>^M

                from:Kris...@direct.cgmus.com^M

                to:direct-...@transport-testing.nist.gov

Andrew McCaffrey

unread,
Jul 7, 2016, 3:48:51 PM7/7/16
to BShur, Transport Testing Tool, rachel....@cgm.com, alliso...@cgm.com, isaiah....@cgm.com
Hi,

This particular feature only pertains to matching the direct address to
the registered contact address for the purposes of sending a validation
report. As a conformance testing tool we're obliged to follow the
"letter of the law" even if real world practices may not necessarily be
as strict.

-Andrew McCaffrey
> <http://transport-testing.nist.gov/ttt/>.
>
> We have sent emails from the Direct address
> Kris.D...@direct.cgmus.com <javascript:>. The mail server initially
> logs a warning, but does appear to eventually send and process the
> email. Below is the output found in the logs. We are not receiving
> any follow up email from the TTT tool, although we have associated
> Kris.D...@direct.cgmus.com <javascript:> with the results email
> t...@cgmus.com <javascript:>.
>
> Are our emails making it through? Does it simply take some time for
> emails sent to the tool to be processed?
>
> Jul 06, 2016 10:53:28 AM
> org.nhindirect.gateway.smtp.james.mailet.NHINDSecurityAndTrustMailet
> service
>
> INFO: Proccessing incoming message from sender
> Kris.D...@direct.cgmus.com <javascript:>
>
> Jul 06, 2016 10:53:28 AM
> org.nhindirect.common.audit.impl.LoggingAuditor writeEvent
>
> INFO: [DIRECT AUDIT EVENT]^M
>
> EVENT ID: c0fed4cb-aa86-4427-8a4a-64f0c1e85709^M
>
> EVENT PRINCIPAL: STAgent@p-ehr-drgw-app0^M
>
> EVENT CATEGORY: Outgoing Direct Message^M
>
> EVENT MESSAGE: SMTP Direct Message Processing^M
>
> EVENT CONTEXTS^M
>
>
> message-id:<1637590055.12528.14678...@direct.cgmus.com
> <javascript:>>^M
>
> from:Kris...@direct.cgmus.com <javascript:>^M
>
> to:direct-...@transport-testing.nist.gov <javascript:>
>
> Jul 06, 2016 10:53:28 AM
> org.nhindirect.stagent.cert.impl.CRLRevocationManager isRevoked
>
> WARNING: Cannot find a CRL for certificate.^M
>
> DN: E=direct.cgmus.com
> <http://direct.cgmus.com>,CN=direct.cgmus.com
> <http://direct.cgmus.com>,C=US,ST=Massachusetts,L=Boston,O=CompuGroup Medical
> USA^M
>
> Serial Number: 147a5cab1d254441
>
> Jul 06, 2016 10:53:54 AM
> org.nhind.james.matcher.RecipientIsXdAndNotSMIME match
>
> INFO: Attempting to match XD recipients
>
> Jul 06, 2016 10:53:54 AM
> org.nhind.james.matcher.RecipientIsXdAndNotSMIME match
>
> INFO: MimeMessage is SMIME, skipping
>
> Jul 06, 2016 10:53:54 AM org.nhind.james.matcher.RecipientIsNotXd match
>
> INFO: Attempting to match non-XD recipients
>
> Jul 06, 2016 10:53:54 AM org.nhind.james.matcher.RecipientIsNotXd match
>
> INFO: Matched recipient direct-a...@transport-testing.nist.gov
> <javascript:>
>
> *Isaiah Vallejo*
>
> *Systems Administrator, Hosted Services*
>
> *GROUP IT, USA*
>
> CompuGroup Medical US
>
> 3300 N Central Ave Suite 2100
>
> Phoenix, AZ 85012
>
> o: 602-277-6277x4104
>
> c: 480-369-5292
>
> f: 602-288-3530
>
> isaiah....@cgm.com <javascript:>
> *www.CGMus.com <http://www.cgmus.com/>***
>
> **
>
> *Synchronizing Healthcare*
>
> *Before printing, think about the environment.*
>
> *CompuGroup Medical Confidentiality Notice:*The information
> contained in this message, including any attachments, is
> confidential and may contain Protected Health Information or may be
> otherwise legally privileged. This message is intended solely for
> the addressee(s). If you are not the intended recipient, be advised
> that any unauthorized use, disclosure, copying, distribution or the
> taking of any action in reliance on the contents of this information
> is strictly prohibited, may be unlawful and may subject you to
> liability. If you have received this message in error, please
> contact the sender by return phone, email or fax and destroy all
> copies of the original message.
>
Reply all
Reply to author
Forward
0 new messages