Winmail.dat contents extracted but not replaced

Bugs in eFa 4
Post Reply
victorburgos
Posts: 17
Joined: 13 May 2017 20:53

Winmail.dat contents extracted but not replaced

Post by victorburgos » 23 Feb 2021 19:06

According to this logs, the contents inside winmail.dat were extracted and winmail.dat was removed.

Code: Select all

Feb 23 17:18:45 filtro MailScanner[15028]: Expanding TNEF archive at /var/spool/MailScanner/incoming/15028/4DlPPG112Dz3xBCt/winmail.dat
Feb 23 17:18:45 filtro MailScanner[15028]: Message 4DlPPG112Dz3xBCt added TNEF contents timage001.png,tX_20210223_529.pdf
Feb 23 17:18:45 filtro MailScanner[15028]: Message 4DlPPG112Dz3xBCt has had TNEF winmail.dat removed
Feb 23 17:18:50 filtro MailScanner[15028]: Requeue: 4DlPPG112Dz3xBCt to 4DlPPQ3kzPzxBCt
However, my customer receives winmail.dat

When I check the message, I see there is winmail.dat instead of timage001.png and tX_20210223_529.pdf.
winmail-dat.png
winmail-dat.png (26.6 KiB) Viewed 927 times
This are my TNEF settings
tnef settings.png
tnef settings.png (8.8 KiB) Viewed 927 times
This is my TNEF module version:

Code: Select all

0.18    Convert::TNEF
When I read "added TNEF contents timage001.png,tX_20210223_529.pdf" and then "TNEF winmail.dat removed", I suppose:
  • Customer will receive extracted files
  • Efa will store message with extracted files
  • There is no winmail.dat anymore

Is this expected or not?

User avatar
shawniverson
Posts: 3398
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: Winmail.dat contents extracted but not replaced

Post by shawniverson » 23 Feb 2021 20:47

I remember dealing with this recently.....looking back at notes...

User avatar
shawniverson
Posts: 3398
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: Winmail.dat contents extracted but not replaced

Post by shawniverson » 23 Feb 2021 20:49

https://github.com/E-F-A/v4/issues/255
https://github.com/MailScanner/v5/issues/525

What version of MailScanner do you show?

Code: Select all

rpm -qa | grep -i mailscanner

victorburgos
Posts: 17
Joined: 13 May 2017 20:53

Re: Winmail.dat contents extracted but not replaced

Post by victorburgos » 24 Feb 2021 05:21

Code: Select all

rpm -qa | grep -i mailscanner
MailScanner-5.4.1-1.eFa.el7.noarch

User avatar
shawniverson
Posts: 3398
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: Winmail.dat contents extracted but not replaced

Post by shawniverson » 24 Feb 2021 12:34

That is the right version for the fixes. I'm going to need to troubleshoot this further. I'll do some things on my end first to see if I can replicate it with a winmail.dat and keep you posted.

victorburgos
Posts: 17
Joined: 13 May 2017 20:53

Re: Winmail.dat contents extracted but not replaced

Post by victorburgos » 25 Feb 2021 01:29

Thanks shawniverson for your help.
In the meantime, I will disable winmail.dat extraction and replacement.

Code: Select all

Expand TNEF = no

ashweb
Posts: 13
Joined: 05 Feb 2016 12:17

Re: Winmail.dat contents extracted but not replaced

Post by ashweb » 25 Mar 2021 13:53

I am having the same issue, I have now turned off TNEF expanding.

The attachments are extracted but named as follows:

MailScanner: No programs allowed (900000.dat)
MailScanner: No programs allowed (900000.dat)

Then blocked as they are .dat files.

This email had a pdf and a docx file attached.

User avatar
shawniverson
Posts: 3398
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: Winmail.dat contents extracted but not replaced

Post by shawniverson » 28 Mar 2021 22:18

Troubleshooting this...

So...

MailScanner in Debug mode works...

MailScanner in Daemon mode doesn't work and the miltipart mime message is truncated at the first mime attachment...

:think:

User avatar
shawniverson
Posts: 3398
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: Winmail.dat contents extracted but not replaced

Post by shawniverson » 28 Mar 2021 22:29

selinux...

Code: Select all

type=AVC msg=audit(1616970514.129:1580): avc:  denied  { rename } for  pid=537701 comm=4D61696C5363616E6E65723A206578 name="bookmark.htm" dev="tmpfs" ino=17131582 scontext=system_u:system_r:mscan_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=file permissive=0
type=AVC msg=audit(1616970514.130:1581): avc:  denied  { rename } for  pid=537701 comm=4D61696C5363616E6E65723A206578 name="zappa_av1.jpg" dev="tmpfs" ino=17131581 scontext=system_u:system_r:mscan_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=file permissive=0
Looks like we need an update to the selinux rules

User avatar
shawniverson
Posts: 3398
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: Winmail.dat contents extracted but not replaced

Post by shawniverson » 29 Mar 2021 01:49

Fix is in 4.0.4-11 update going out.

Post Reply