Mail rejection from Sendmail organisation sent via Forefront Security for Exchange

Hi everyone, a colleague of mine had (and solved the issue below) and I thought given the time taken to solve it, that I would share it here?

My colleague had a client who had just done an upgrade from Exchange 2003 to 2007. Mail flow was working except for messages to IBM.

Any mail sent to IBM would get an immediate message rejection. Mails were however able to be accepted from IBM.

The error that was presented was:

The following organization rejected your message: e5.ny.us.ibm.com.
e5.ny.us.ibm.com #550 <xxxxxxxx@us.ibm.com>… cataddr: string too long ##

After a bunch of research my colleague found that ideally some patches should be applied on the sendmail servers that IBM are using. However he called and talked to IBM and all of their servers have the most recent patches. So that was a dead end!

Everything else that you might consider had been checked including having the correct SPF records, being a trustedsource email domain, and not being on any blacklists, etc.

?

So a while later this is what the solution was:

As part of the upgrade Forefront for Exchange was deployed and if you do, you can enable the below option to provide the MIME headers to be aligned with the RFC compliant headers.

Fix Bare CR or LF in Mime Headers

Specifies whether FSE should fix bare carriage returns and bare line feeds. This corrects a discrepancy between the MIME header parsing method used by Microsoft Outlook? and Outlook Express and the RFC 822 specification on how “bare carriage return (CR)” (0x0d) and “bare line feed (LF)” (0x0a) are handled in MIME headers. Disabled by default. If enabled, it corrects out-of-compliance MIME messages to be compliant with the RFC 2822 specification, meaning that bare carriage returns and bare line feeds are replaced by a “CR-LF” combination. Messages with bare carriage returns or bare line feeds can be parsed differently by different e-mail clients. By design, FSE parses these messages in the same manner as Microsoft Outlook and Outlook Express. If this feature is enabled, FSE alters these messages to be compliant with the RFC 2822 specification and, as a result, all e-mail clients will parse them in the same manner. If this feature is disabled, e-mail clients other than Microsoft Outlook and Outlook Express may parse messages with bare carriage returns or bare line feeds differently than FSE. Because of this, a virus could avoid detection. To maximize system performance, this feature is disabled by default. If your organization uses e-mail clients that interpret messages with bare carriage returns or bare line feeds differently than Microsoft Outlook and Outlook Express, you should enable this feature for maximum security.

?

It would seem that by default this setting is off and can therefore cause issues with some Sendmail servers. Enabling the above option fixed the problem.

Cheers

Nathan