CM Workgroup error mails are non RFC-compliant and are rejected by SMTP server

We're struggling with out customer IT department rejecting non-RFC compliant emails (as a response to SMTP Smuggling) and CM WGS getting rejected for that reason.

The problem is that 95% of the error mails that the WGS sends include bare LF character which is prohibited according to the standard: RFC-5322 section 4.1

In case 02849433 we went through support and finally got them to replicate the issue, but Dev seems incapable to do so and is determined to have our case closed.

To prevent support having to purchase/trial and configure the Cisco Secure Email Gateway that the customer is using as a frontend for their Exchange environment, we had given support 2 ways of replicating the issue by examining Wireshark capture and provided a sample SMTP server to show the issue.

Support was able to replicate the issue, but Dev isn't, which is very frustrating as that means the issue isn't going to be resolved.

This is a problem that we experience in both CM 10.0 and CM 23.4, so I think it's save to say that all versions have the same issue.

The Wireshark capture:

The custom SMTP listener sample:

Is any of you also experiencing this issue or can you replicate the issue?

For our support duties, isn't very convenient in not having immediate notifications if any issues within the CM system occur.

We would like to have this resolved asap.

Due to the security issue, the IT security department isn't willing to change the SMTP configuration.

Any help is greatly appreciated in convincing OpenText to fix this!

  • Suggested Answer

    0

    I've had something similar happen before, the best path forward is to escalate this to your OpenText partner manager.

  • 0

    Been having this issue since July and we finally identified today that this is why, we are going to be creating a ticket with OpenText but sometimes that is a real long process, i'm curious if there is a solution you found that you could share or if you are in limbo as well!

  • 0 in reply to 

    Still no luck on this one. Dev team only wants to test with Exchange which accepts the wrongly formatted mail.

    Haven't decided on how to go forward: with or without the mail.

    Trying to prevent having to setup a local SMTP server on the CM server(s) to fix the email and forward it to their IT provider SMTP relay server.'

    For the current version (10.0) we're without mail for 8 months now and surviving, but that's a version we know now. When implementing a new version, those kind if emails are usually more of a help, but everything is in the log files, so we could have closer look on them for some time after the migration...

  • 0 in reply to 

    We're a step further in this story!

    After another session with support last Friday, the dev team has accepted this issue (OCTCR52O975152) and promised to fix this in 24.4.

    Still waiting on confirmation to have this fixed in 23.4 (hotfix for patch 1) as well.

  • 0 in reply to 

    If I may add: In our TRIM Environment, since the upgrade from CM 9.4.4 to CM 23.4.1 Hotfix 3, we have a similar situation, which we are trying to fix by fixing the TRIM User Profiles , electronic - email settings in particular. Basically, some of our users were not been receiving TRIM Workflow Action Notification emails at all if their TRIM PROFILES , electronic emails were not set like this: 

    Email address must be name.surname@company.com   and in between two options: MSTP and EXCHANGE , they must be SMTP and also set to be a Default email address, 

    Note, even if the email is set like that, e.g. if a user only have one email address and it is checked to be Default one, but not "recognised" (e.g. in Bold letters") , it will not be OK, e.g. no emails would be sent/received. 

    Other issues spotted were:

    User have maiden name email address and also a married surname email address in MS Outlook, and TRIM threat this as the error

    User have multiple various email addresses in TRIM some proper one set to a default, sometimes it work OK, sometimes not,,,

    Then user have 2 same email addresses but MS Exchange type email in user profile is set as default...

    So, for the temp workaround, we do huge TRIM PROFILE clean ups....as a temp solution until 24.4 or this issue resolved by some other means..

    Once all users have only 1 email address set in TRIM profile as default and INTERNET type, not SMTP, and also "confirmed as Default, by becoming BOLD letters" then emails flowing freely 

    I hope this help/clarify our case. Anyone else have users not receiving Action email notifications these days?

    Thanks