Koozali.org: home of the SME Server

Obsolete Releases => SME Server 9.x => Topic started by: SchulzStefan on December 11, 2018, 02:58:59 PM

Title: DMARC issue with special character in company name
Post by: SchulzStefan on December 11, 2018, 02:58:59 PM

Today I got an email from DHL:

Quote

Dear ,

I'd like to notify you that the DMARC reports that are being sent out
from your email system contain a syntax error which makes the report
invalid. Could you please provide this email to someone who is
managing the email system to fix it?

The problem is in the following line:

<org_name>XYZ GmbH & Co. KG</org_name>

The & character needs to be either removed or replaced by &amp;

Thank you

Quote

The report I am talking about is report that is being sent by XYZ's email system to DHL about emails from DHL to XYZ (so the opposite way). Somewhere on servers that are sending messages out you have a setting for "aggregated DMARC reports".

Anybody with any hint where to investigate?

Thank's for any hint.

regards,
stefan

Edit:
This does not work in the server-manager:

The & character needs to be either removed or replaced by &amp;

https://forums.contribs.org/index.php/topic,53187.msg275390.html#msg275390

Title: Re: DMARC issue with special character in company name
Post by: ReetP on December 11, 2018, 04:15:02 PM

At a vague guess I think it is in the file:

/usr/bin/dmarc_send_reports

Possibly in this sectiopn

Code: [Select]

sub email {
    my ($to, $shrunk, $agg_ref) = @_;

.......

    my $from = $report->config->{organization}{email};

...........
That file is triggered by /etc/crontab

Code: [Select]

15 0 * * * qpsmtpd /usr/bin/dmarc_send_reports 2>&1 | grep -v "SSL connection failed" | logger -t "DMARC Reporting"
There is some ini data here:

Code: [Select]

cat /etc/mail-dmarc.ini
However, I am not sure where it picks up your compnay name from.

I *think* that this information is stored in the sqlite DB here (be careful with this file - take a backup before messing about with it):

Code: [Select]

/var/lib/qpsmtpd/dmarc/reports.sqlite

The simple answer is to use 'and' in your company name.

Beyond that it may take some serious to digging to find and fix.

Title: Re: DMARC issue with special character in company name
Post by: ReetP on December 11, 2018, 05:08:47 PM

Probably worth an upstream bug for this

https://github.com/msimerson/mail-dmarc

Title: Re: DMARC issue with special character in company name
Post by: mmccarn on December 12, 2018, 04:30:45 AM

My suspicion is that "XYZ GmbH & Co. KG" is the value of ldap->defaultCompany in the config database.

You can check this by running:

Code: [Select]

config show ldap

If I'm right, then I think you need to either hard-code "&amp" in ldap->defaultCompany variable, modify the template for /etc/mail-dmarc.ini to escape "&", or simply create a custom template that hardcodes the value you want for org_name.

Quote from: /etc/e-smith/templates/etc/mail-dmarc.ini/100organization

[organization]
domain             = { $DomainName }
org_name           = { $ldap{defaultCompany} || 'SME Server powered company' }
email              = { $qpsmtpd{DMARCReportEmail} || 'admin@' . $DomainName }
extra_contact_info = { $qpsmtpd{DMARCContactInfo} || 'http://' . $DomainName }

Title: Re: DMARC issue with special character in company name
Post by: ReetP on December 12, 2018, 09:57:12 AM

Nice answer Mike!!

Title: Re: DMARC issue with special character in company name
Post by: SchulzStefan on December 12, 2018, 10:28:11 AM

Quote from: mmccarn on December 12, 2018, 04:30:45 AM

My suspicion is that "XYZ GmbH & Co. KG" is the value of ldap->defaultCompany in the config database.

You can check this by running:

Code: [Select]

config show ldap

If I'm right, then I think you need to either hard-code "&amp" in ldap->defaultCompany variable, modify the template for /etc/mail-dmarc.ini to escape "&", or simply create a custom template that hardcodes the value you want for org_name.

You're right.

Interesting, while I entered in the server-manager the escape, it is not shown there. But a

#config show ldap shows
ldap=service
    Authentication=disabled
    TCPPort=389
    TCPPorts=389,636
    access=private
    defaultCity=D-7
    defaultCompany=XYZ GmbH &amp; Co. KG
    defaultDepartment=Buero
    defaultPhoneNumber=+49.(0)
    defaultStreet=Str. 99
    status=enabled

I'll ask DHL if the error is gone, and let you know.

stefan

Title: Re: DMARC issue with special character in company name
Post by: mmccarn on December 12, 2018, 12:10:58 PM

You should confirm that the org name change made it to /etc/mail-dmarc.ini:

Quote from: /etc/mail-dmarc.ini

...
[organization]
domain             = my.obfuscated.domain
org_name           = My Obfuscated Org Name
email              = admin@my.obfuscated.domain
extra_contact_info = http://my.obfuscated.domain
...

If it didn't make it there yet, run the 'email-update' event and check again:

Code: [Select]

signal-event email-update


There are a couple tools for reviewing the dmarc reports your server has sent - these may show the new organization name.

"dmarc_view_reports" lists the reports in reverse chronological order at the command line:

Code: [Select]

dmarc_view_reports |less

"dmarc_httpd" starts a web server on port 8080 to let you browse your reports:

Code: [Select]

dmarc_httpd
Then browse to http:/your-sme-server-name-or-ip:8080 from your workstation.

Title: Re: DMARC issue with special character in company name
Post by: SchulzStefan on December 12, 2018, 01:07:06 PM

Quote from: mmccarn on December 12, 2018, 12:10:58 PM

You should confirm that the org name change made it to /etc/mail-dmarc.ini:
If it didn't make it there yet, run the 'email-update' event and check again:

Code: [Select]

signal-event email-update


This seems to be imortant - without email-update the escape didn't make it in the mail-dmarc.ini.