CM Workgroup error mails are non RFC-compliant and are rejected by SMTP server

We're struggling with out customer IT department rejecting non-RFC compliant emails (as a response to SMTP Smuggling) and CM WGS getting rejected for that reason.

The problem is that 95% of the error mails that the WGS sends include bare LF character which is prohibited according to the standard: RFC-5322 section 4.1

In case 02849433 we went through support and finally got them to replicate the issue, but Dev seems incapable to do so and is determined to have our case closed.

To prevent support having to purchase/trial and configure the Cisco Secure Email Gateway that the customer is using as a frontend for their Exchange environment, we had given support 2 ways of replicating the issue by examining Wireshark capture and provided a sample SMTP server to show the issue.

Support was able to replicate the issue, but Dev isn't, which is very frustrating as that means the issue isn't going to be resolved.

This is a problem that we experience in both CM 10.0 and CM 23.4, so I think it's save to say that all versions have the same issue.

The Wireshark capture:

The custom SMTP listener sample:

Is any of you also experiencing this issue or can you replicate the issue?

For our support duties, isn't very convenient in not having immediate notifications if any issues within the CM system occur.

We would like to have this resolved asap.

Due to the security issue, the IT security department isn't willing to change the SMTP configuration.

Any help is greatly appreciated in convincing OpenText to fix this!

  • Suggested Answer

    0

    I've had something similar happen before, the best path forward is to escalate this to your OpenText partner manager.

  • 0

    Been having this issue since July and we finally identified today that this is why, we are going to be creating a ticket with OpenText but sometimes that is a real long process, i'm curious if there is a solution you found that you could share or if you are in limbo as well!

  • 0 in reply to 

    Still no luck on this one. Dev team only wants to test with Exchange which accepts the wrongly formatted mail.

    Haven't decided on how to go forward: with or without the mail.

    Trying to prevent having to setup a local SMTP server on the CM server(s) to fix the email and forward it to their IT provider SMTP relay server.'

    For the current version (10.0) we're without mail for 8 months now and surviving, but that's a version we know now. When implementing a new version, those kind if emails are usually more of a help, but everything is in the log files, so we could have closer look on them for some time after the migration...

  • 0 in reply to 

    We're a step further in this story!

    After another session with support last Friday, the dev team has accepted this issue (OCTCR52O975152) and promised to fix this in 24.4.

    Still waiting on confirmation to have this fixed in 23.4 (hotfix for patch 1) as well.