Weird header in email body - normally from ebay emails

Report bugs and workarounds
Post Reply
andyhud
Posts: 17
Joined: 15 May 2014 14:57

Weird header in email body - normally from ebay emails

Post by andyhud »

Very odd,

If I get emails delivered "through" EFA to my mail server (Exchange) and they come from ebay then I sometimes, not all the time, get something similar to this at the top of the BODY of the email

{ "@context": "http://schema.org", "@type": "EmailMessage", "action": { "@type": "ViewAction", "url": "https://rover.ebay.com/rover/0/e145401. ... Tags=bu=bu", "name": "Track order" }, "description": "Track order" }

If however the email is delivered to my mailbox outside of EFA, I never seem to get them (if I alter MX records for example for a few days).

Any ideas?

Thanks

Andy
User avatar
shawniverson
Posts: 3640
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: Weird header in email body - normally from ebay emails

Post by shawniverson »

Might be a suspicious HTML tag getting "disarmed," or removed, by MailScanner. This results sometimes in junk at the top of an email because it becomes incomplete HTML.
andyhud
Posts: 17
Joined: 15 May 2014 14:57

Re: Weird header in email body - normally from ebay emails

Post by andyhud »

Thanks Shawn.

Is it a corrupt mail scanner I have maybe? Or is there a setting to ignore it or otherwise? I'm on 3.0.2.6

Cheers for your help.

Andy
andyhud
Posts: 17
Joined: 15 May 2014 14:57

Re: Weird header in email body - normally from ebay emails

Post by andyhud »

Any suggestions? It seems like it only happens when emails go via EFA...

Many thanks
User avatar
shawniverson
Posts: 3640
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: Weird header in email body - normally from ebay emails

Post by shawniverson »

Yeah, in /etc/MailScanner/MailScanner.conf

Look for this section and review your disarming options.

Code: Select all

# Do you want to allow <IFrame> tags in email messages? This is not a good
# idea as it allows various Microsoft Outlook security vulnerabilities to
# remain unprotected, but if you have a load of mailing lists sending them,
# then you will want to allow them to keep your users happy.
# Value: yes     => Allow these tags to be in the message
#        no      => Ban messages containing these tags
#        disarm  => Allow these tags, but stop these tags from working
# This can also be the filename of a ruleset, so you can allow them from
# known mailing lists but ban them from everywhere else.
Allow IFrame Tags = disarm

# Do you want to allow <Form> tags in email messages? This is a bad idea
# as these are used as scams to pursuade people to part with credit card
# information and other personal data.
# Value: yes     => Allow these tags to be in the message
#        no      => Ban messages containing these tags
#        disarm  => Allow these tags, but stop these tags from working
#                   Note: Disarming can be defeated, it is not 100% safe!
# This can also be the filename of a ruleset.
Allow Form Tags = disarm
# Do you want to allow <Script> tags in email messages? This is a bad idea
# as these are used to exploit vulnerabilities in email applications and
# web browsers.
# Value: yes     => Allow these tags to be in the message
#        no      => Ban messages containing these tags
#        disarm  => Allow these tags, but stop these tags from working
#                   Note: Disarming can be defeated, it is not 100% safe!
# This can also be the filename of a ruleset.
Allow Script Tags = disarm

# Do you want to allow <Img> tags with very small images in email messages?
# This is a bad idea as these are used as 'web bugs' to find out if a message
# has been read. It is not dangerous, it is just used to make you give away
# information.
# Value: yes     => Allow these tags to be in the message
#        disarm  => Allow these tags, but stop these tags from working
#                   Note: Disarming can be defeated, it is not 100% safe!
# Note: You cannot block messages containing web bugs as their detection
#       is very vulnerable to false alarms.
# This can also be the filename of a ruleset.
Allow WebBugs = disarm
Post Reply