Weird header in email body - normally from ebay emails

Report bugs and workarounds
Post Reply
andyhud
Posts: 17
Joined: 15 May 2014 14:57

Weird header in email body - normally from ebay emails

Post by andyhud » 15 Oct 2019 15:54

Very odd,

If I get emails delivered "through" EFA to my mail server (Exchange) and they come from ebay then I sometimes, not all the time, get something similar to this at the top of the BODY of the email

{ "@context": "http://schema.org", "@type": "EmailMessage", "action": { "@type": "ViewAction", "url": "https://rover.ebay.com/rover/0/e145401. ... Tags=bu=bu", "name": "Track order" }, "description": "Track order" }

If however the email is delivered to my mailbox outside of EFA, I never seem to get them (if I alter MX records for example for a few days).

Any ideas?

Thanks

Andy

User avatar
shawniverson
Posts: 2897
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Re: Weird header in email body - normally from ebay emails

Post by shawniverson » 15 Oct 2019 18:38

Might be a suspicious HTML tag getting "disarmed," or removed, by MailScanner. This results sometimes in junk at the top of an email because it becomes incomplete HTML.
Version eFa 4.0.0 now available!

andyhud
Posts: 17
Joined: 15 May 2014 14:57

Re: Weird header in email body - normally from ebay emails

Post by andyhud » 15 Oct 2019 18:56

Thanks Shawn.

Is it a corrupt mail scanner I have maybe? Or is there a setting to ignore it or otherwise? I'm on 3.0.2.6

Cheers for your help.

Andy

andyhud
Posts: 17
Joined: 15 May 2014 14:57

Re: Weird header in email body - normally from ebay emails

Post by andyhud » 17 Oct 2019 09:39

Any suggestions? It seems like it only happens when emails go via EFA...

Many thanks

User avatar
shawniverson
Posts: 2897
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Re: Weird header in email body - normally from ebay emails

Post by shawniverson » 18 Oct 2019 15:10

Yeah, in /etc/MailScanner/MailScanner.conf

Look for this section and review your disarming options.

Code: Select all

# Do you want to allow <IFrame> tags in email messages? This is not a good
# idea as it allows various Microsoft Outlook security vulnerabilities to
# remain unprotected, but if you have a load of mailing lists sending them,
# then you will want to allow them to keep your users happy.
# Value: yes     => Allow these tags to be in the message
#        no      => Ban messages containing these tags
#        disarm  => Allow these tags, but stop these tags from working
# This can also be the filename of a ruleset, so you can allow them from
# known mailing lists but ban them from everywhere else.
Allow IFrame Tags = disarm

# Do you want to allow <Form> tags in email messages? This is a bad idea
# as these are used as scams to pursuade people to part with credit card
# information and other personal data.
# Value: yes     => Allow these tags to be in the message
#        no      => Ban messages containing these tags
#        disarm  => Allow these tags, but stop these tags from working
#                   Note: Disarming can be defeated, it is not 100% safe!
# This can also be the filename of a ruleset.
Allow Form Tags = disarm
# Do you want to allow <Script> tags in email messages? This is a bad idea
# as these are used to exploit vulnerabilities in email applications and
# web browsers.
# Value: yes     => Allow these tags to be in the message
#        no      => Ban messages containing these tags
#        disarm  => Allow these tags, but stop these tags from working
#                   Note: Disarming can be defeated, it is not 100% safe!
# This can also be the filename of a ruleset.
Allow Script Tags = disarm

# Do you want to allow <Img> tags with very small images in email messages?
# This is a bad idea as these are used as 'web bugs' to find out if a message
# has been read. It is not dangerous, it is just used to make you give away
# information.
# Value: yes     => Allow these tags to be in the message
#        disarm  => Allow these tags, but stop these tags from working
#                   Note: Disarming can be defeated, it is not 100% safe!
# Note: You cannot block messages containing web bugs as their detection
#       is very vulnerable to false alarms.
# This can also be the filename of a ruleset.
Allow WebBugs = disarm
Version eFa 4.0.0 now available!

Post Reply