Date: Thu, 18 Nov 1999 09:38:11 +0100 From: "James A Wilde" <iq-unlimited@telia.com> To: <freebsd-questions@freebsd.org> Subject: Re: Corruption of file attachments passing late BSD relayers Message-ID: <007a01bf31a0$40e6d020$8c0aa8c0@hk.tbv.se> References: <015a01bf30e8$1c8298d0$8c0aa8c0@hk.tbv.se> <86r9hpw3ay.fsf@localhost.hell.gr>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks for your full and detailed reply, Giorgios.
> At first, I would like to apologize for my lengthy posting. Now let =
us
> see what we can do for your problems :)
No need to apologize. The original was also long.
>=20
> > Problem description:
> >=20
> > My employer company's new mail system comprises a Microsoft Exchange =
server
> > version 5.5 SP2 protected by a FreeBSD UNIX version 2.2.5 firewall..
>=20
> Your FreeBSD system is kind of old. Since on the www.freebsd.org =
pages
> I seem to have noticed that 2.2.8 was the first version of the
> base-system to qualify as Y2K safe, you might consider upgrading to a
> newer version. At least before Jan 1 2000 comes knocking on your =
door.
It was for just this reason that we built the new machine with v.3.1, =
and we built a new machine in order to be able to test it before the old =
one was taken out of service.
>=20
> > The internal clients use > the FreeBSD machine as their smtp =
server.
> > The system has run very > satisfactorily for about a year and a =
half.
>=20
> You are using FreeBSD as the server's OS. But what are you using as
> your smtp server or imap4 server software?
This machine is used only for sending mail. As far as I can see we are =
using the Firewall toolkits smtp-gw but I must admit I don't know =
whether than uses sendmail or smap. Imap and Pop3 services run on the =
Exchange server.
>=20
> > About three weeks ago a new smtp server was installed outside the =
firewall.
> > This runs FreeBSD UNIX version 3.1.
>=20
> What smtp server software are you using? Which version?
Juniper smtpd and smtpfwdd version 2.0
>=20
> > Almost immediately reports began to come in of corrupted file
> > attachments. Hitherto only Microsoft Word and Excel documents have
> > been examined since these were readily available.
>=20
> On a Windows platform there are lots of other binary formats you can =
use=20
> for testing how your attachments work. The executables .exe and .dll
> might be of some use, archives like .zip and/or .rar files was what I
> would use next, etc. etc. endless binary formats.
True, but the results are easier to see in a simple doc or xls file!
>=20
> > The new smtp server was at first assumed to be the cause and was =
taken
> > out of the system, whereupon the level of reports reduced =
drastically
> > but did not disappear altogether.
>=20
> Which means that the new server was not the real cause of the problem,
> but somehow helped in making things even worse.
... or that the new server displayed on 100% of outgoing messages =
behaviour which had hitherto only been shown by a small proportion of =
them.
>=20
> > Further investigation confirmed that the problem had not disappeared
> > with the removal of the smtp server. Mail passing in one direction
> > from an account with one local Internet service provider to our
> > company Exchange server could be relied upon to corrupt file
> > attachments provided the client program was configured for html
> > format.
>=20
>=20
> > Mail passing out from our Exchange server to the same account
> > was apparently not affected.
>=20
> When mail is sent from Exchange to the ISP server, the protocols
> involved are (correct me if I'm wrong):
>=20
> smtp smtp
> Exchange ------> FreeBSD ------> ISP's smtp server
I expressed myself badly here. Mail never goes from Exchange to the ISP =
since FreeBSD is the smtp server. I should have said 'when mail is sent =
from an internal client' So the picture is:
smtp
FreeBSD------------> ISP's smtp server
>=20
> This means that the following programs work correctly (at least as
> they're expected to work):
>=20
> * Your Exchange smtp forwarder.
It does, but from independent tests, not as part of standard procedure.
> * The smtp listener of your FreeBSD, and it's smtp forwarder
> (these are usually part of the same package).
Correct
> * The ISP's smtp listener.
Correct
>=20
> > Mail to and from accounts with two other major Internet service
> > providers passed without corruption of the file attachments.
>=20
> Assuming that you're using the same FreeBSD machine as above, the plan
> now would be something like:
Corrected:
>=20
> smtp
> FreeBSD <------> ISP's smtp server
> :
> : later on
> imap4 :
> Outlook <-------> FreeBSD
>=20
> > File attachments to mail from our Exchange server back to our =
Exchange
> > server routed via the new smtp server were also corrupted in a
> > reproducible manner.
>=20
> The fact that your attachments are corrupted means that one of the
> programs involved in this type of connection does not work as =
expected.
> Let's see what programs are involved:
>=20
> * The ISP's smtp forwarder.
Not known
> * The FreeBSD's smtp listener.
On the new FreeBSD machine this is Juniper smtpd and smtpfwdd
> * The imap4 server on FreeBSD.
The imap4 server is on Exchange not FreeBSD.
* a fourth alternative is some function of the opsys on FreeBSD and =
the ISPs machine
>=20
> You can check if mail reaches the FreeBSD machine without being
> corrupted by your ISP's smtp forwarder or the FreeBSD listener, by the
> following simple process. Install some mail user agent on the FreeBSD
> machine; well known such programs include Pine, Mutt, elm, etc. Then
> (after making sure that imap4 server is not running) copy a mailbox =
that=20
> contains some attachments to /tmp and restart imap4 server, so as not =
to=20
> hinder the users trying to access their mail through imap4. Then open
> the mailbox with a mail user agent in FreeBSD, and see if you can
> extract the attached documents. Check with a non-corrupted copy of =
the
> documents to see if you managed to extract them correctly. This can =
be
> as simple as FTP'ing a copy of the documents, and using cmp(1) as in:
>=20
> % cmp good.doc attached.doc ; echo $?
>=20
> if that prints zero (0), then the attached document is fine.
Can one not simply mail to an account on this machine? And can one not =
draw the conclusion that, since the other (older) smtp machine, running =
FreeBSD 2.2.5, receives corrupted files from the affected ISP and not =
from the other ISPs that the corruption takes place at the ISP machine?
Thanks again for making me critically examine what I have done to date =
and trying to formulate a procedure for the next stage.
mvh/regards
James Wilde
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?007a01bf31a0$40e6d020$8c0aa8c0>