Releasing emails to Exchange overcoming Message-Id

Questions and answers about how to do stuff
Post Reply
zohman
Posts: 42
Joined: 12 Sep 2015 07:36

Releasing emails to Exchange overcoming Message-Id

Post by zohman »

Hi Guys,

I just want to share some insight i have releasing messages to exchange servers (2010 or 2013) from EFA system.
i dont know if you know this but microsoft are relying on Message-id to avoid duplicates emails per mailbox,
and it is a good thing because RFC-822 saying "no two different messages must ever have the same Message-ID."

Now, lets say you delete an email from your mailbox and you want to recover it from EFA,
you release it from the EFA but it's not coming to the inbox,
the reason is because the email is still indexed with the original Message-Id in Exchange. (until ESE remove it depanding on the retntion policy)

so if you want to release emails from the EFA to your Exchange server you can release it to different mailbox or
you can tell MailScanner on mailscanner.conf to remove Message-Id:

Code: Select all

# If you are having problems with duplicate message-id headers when you
# release spam from the quarantine and send it to an Exchange server, then add
#     Message-Id.
Remove These Headers = X-Mozilla-Status: X-Mozilla-Status2: Disposition-Notification-To: Return-Receipt-To:
if you do that, Exchange wont get the original message-id of the message and it will create one for the incoming email,
and the delivery will be successful, but..
The problem that i see with this is that now MailScanner removing the Message-Id in all emails inbound and outbound,
and its not a best practise since RFC-822 also saying that every new email need to have message-id header,
it can cause that every email you relaying to the world from the EFA will be Message-Id-less and it can cause your emails
to get high scores on remote spam filters.

The solution that was good for me is to add custom header (X-EFA-Origin) to all emails that i'm releasing from EFA
and create a transport rule in Exchange to remove the Message-Id.

first step, i added this line to /etc/postfix/header_checks:

Code: Select all

/^Received:.*\[127\.0\.0\.1/ PREPEND X-EFA-Origin:Yes
when we release email from MailScanner it uses the localhost as the relay,
so i will add the header only if it come from itself.

in Exchange PowerShell past this script,

Code: Select all

New-TransportRule "Remove Message-Id Header From EFA" -HeaderMatchesMessageHeader "X-EFA-Origin" -HeaderMatchesPatterns "Yes" -RemoveHeader "Message-Id" -Comments "Message-Id Header will be removed from emails before delivery if it originated from EFA."
when email comes with X-EFA-Origin:Yes header, remove the original message-id from it
and continue the MDA processing.

Regards,
Zohman.
User avatar
shawniverson
Posts: 3573
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: Releasing emails to Exchange overcoming Message-Id

Post by shawniverson »

To gain rfc-822 compliance...

Should we go ahead and build in X-EFA-Origin as you describe? Wouldn't be a big deal and could be useful for other things.
User avatar
pdwalker
Posts: 1444
Joined: 18 Mar 2015 09:16

Re: Releasing emails to Exchange overcoming Message-Id

Post by pdwalker »

sounds like a reasonable feature request.

the previous tip added to the wiki.
zohman
Posts: 42
Joined: 12 Sep 2015 07:36

Re: Releasing emails to Exchange overcoming Message-Id

Post by zohman »

shawniverson wrote:To gain rfc-822 compliance...

Should we go ahead and build in X-EFA-Origin as you describe? Wouldn't be a big deal and could be useful for other things.
built-in will be great,
and like you said, it can be useful for other things as well..
if we releasing from EFA to have header like X-EFA-Origin:Yes,
Thanks. :)
zohman
Posts: 42
Joined: 12 Sep 2015 07:36

Re: Releasing emails to Exchange overcoming Message-Id

Post by zohman »

Thanks,

i just want to say that i don't use
/^Received:.*\[127\.0\.0\.1/ PREPEND X-EFA-Origin:Yes
anymore to add the header, I'm using some script with check_policy_service to do that..
i found that header_checks checks one line at a time and sometimes i get a lot of Received headers with one mail that contain
all the servers that handle this particular mail..
and some mails arriving with 127.0.0.1 in their Received header already so the EFA add the X-EFA-Origin:Yes and deliver the mail,
not what we want, so make something built-in that is not based on header_checks. :)

Zohman.
wdi_mike
Posts: 1
Joined: 26 Oct 2016 22:39

Re: Releasing emails to Exchange overcoming Message-Id

Post by wdi_mike »

zohman wrote:
Thanks,

i just want to say that i don't use
/^Received:.*\[127\.0\.0\.1/ PREPEND X-EFA-Origin:Yes
anymore to add the header, I'm using some script with check_policy_service to do that..
i found that header_checks checks one line at a time and sometimes i get a lot of Received headers with one mail that contain
all the servers that handle this particular mail..
and some mails arriving with 127.0.0.1 in their Received header already so the EFA add the X-EFA-Origin:Yes and deliver the mail,
not what we want, so make something built-in that is not based on header_checks. :)

Zohman.

I hate to bring up old posts, but what script did you go with? I'm trying to work this out.
arbiterzone
Posts: 1
Joined: 22 Nov 2016 14:37

Re: Releasing emails to Exchange overcoming Message-Id

Post by arbiterzone »

I followed Zohman instructions for releasing emails to our exchange server and its not working.

Is their a way when emails are release that a new message-id is created for any emails release that way it hits our inbox of exchange?

If not how can i get it to work?

Thanks for you help
Post Reply