Koozali.org: home of the SME Server

DMARC issue with special character in company name

Offline SchulzStefan

  • *
  • 620
  • +0/-0
DMARC issue with special character in company name
« on: December 11, 2018, 02:58:59 PM »
Today I got an email from DHL:

Quote
Dear ,

I'd like to notify you that the DMARC reports that are being sent out
from your email system contain a syntax error which makes the report
invalid. Could you please provide this email to someone who is
managing the email system to fix it?

The problem is in the following line:

<org_name>XYZ GmbH & Co. KG</org_name>

The & character needs to be either removed or replaced by &amp;

Thank you

Quote
The report I am talking about is report that is being sent by XYZ's email system to DHL about emails from DHL to XYZ (so the opposite way). Somewhere on servers that are sending messages out you have a setting for "aggregated DMARC reports".

Anybody with any hint where to investigate?

Thank's for any hint.

regards,
stefan

Edit:
This does not work in the server-manager:

The & character needs to be either removed or replaced by &amp;

https://forums.contribs.org/index.php/topic,53187.msg275390.html#msg275390
« Last Edit: December 11, 2018, 03:15:13 PM by SchulzStefan »
And then one day you find ten years have got behind you.

Time, 1973
(Mason, Waters, Wright, Gilmour)

Offline ReetP

  • *
  • 3,722
  • +5/-0
Re: DMARC issue with special character in company name
« Reply #1 on: December 11, 2018, 04:15:02 PM »
At a vague guess I think it is in the file:

/usr/bin/dmarc_send_reports

Possibly in this sectiopn

Code: [Select]
sub email {
    my ($to, $shrunk, $agg_ref) = @_;

.......

    my $from = $report->config->{organization}{email};

...........

That file is triggered by /etc/crontab

Code: [Select]
15 0 * * * qpsmtpd /usr/bin/dmarc_send_reports 2>&1 | grep -v "SSL connection failed" | logger -t "DMARC Reporting"
There is some ini data here:

Code: [Select]
cat /etc/mail-dmarc.ini
However, I am not sure where it picks up your compnay name from.

I *think* that this information is stored in the sqlite DB here (be careful with this file - take a backup before messing about with it):

Code: [Select]
/var/lib/qpsmtpd/dmarc/reports.sqlite

The simple answer is to use 'and' in your company name.

Beyond that it may take some serious to digging to find and fix.

...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation

Offline ReetP

  • *
  • 3,722
  • +5/-0
Re: DMARC issue with special character in company name
« Reply #2 on: December 11, 2018, 05:08:47 PM »
Probably worth an upstream bug for this

https://github.com/msimerson/mail-dmarc
...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation

Offline mmccarn

  • *
  • 2,626
  • +10/-0
Re: DMARC issue with special character in company name
« Reply #3 on: December 12, 2018, 04:30:45 AM »
My suspicion is that "XYZ GmbH & Co. KG" is the value of ldap->defaultCompany in the config database.

You can check this by running:
Code: [Select]
config show ldap

If I'm right, then I think you need to either hard-code "&amp" in ldap->defaultCompany variable, modify the template for /etc/mail-dmarc.ini to escape "&", or simply create a custom template that hardcodes the value you want for org_name.

Quote from: /etc/e-smith/templates/etc/mail-dmarc.ini/100organization
[organization]
domain             = { $DomainName }
org_name           = { $ldap{defaultCompany} || 'SME Server powered company' }
email              = { $qpsmtpd{DMARCReportEmail} || 'admin@' . $DomainName }
extra_contact_info = { $qpsmtpd{DMARCContactInfo} || 'http://' . $DomainName }

Offline ReetP

  • *
  • 3,722
  • +5/-0
Re: DMARC issue with special character in company name
« Reply #4 on: December 12, 2018, 09:57:12 AM »
Nice answer Mike!!
...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation

Offline SchulzStefan

  • *
  • 620
  • +0/-0
Re: DMARC issue with special character in company name
« Reply #5 on: December 12, 2018, 10:28:11 AM »
My suspicion is that "XYZ GmbH & Co. KG" is the value of ldap->defaultCompany in the config database.

You can check this by running:
Code: [Select]
config show ldap

If I'm right, then I think you need to either hard-code "&amp" in ldap->defaultCompany variable, modify the template for /etc/mail-dmarc.ini to escape "&", or simply create a custom template that hardcodes the value you want for org_name.

You're right.

Interesting, while I entered in the server-manager the escape, it is not shown there. But a

#config show ldap shows
ldap=service
    Authentication=disabled
    TCPPort=389
    TCPPorts=389,636
    access=private
    defaultCity=D-7
    defaultCompany=XYZ GmbH &amp; Co. KG
    defaultDepartment=Buero
    defaultPhoneNumber=+49.(0)
    defaultStreet=Str. 99
    status=enabled

I'll ask DHL if the error is gone, and let you know.

stefan
And then one day you find ten years have got behind you.

Time, 1973
(Mason, Waters, Wright, Gilmour)

Offline mmccarn

  • *
  • 2,626
  • +10/-0
Re: DMARC issue with special character in company name
« Reply #6 on: December 12, 2018, 12:10:58 PM »
You should confirm that the org name change made it to /etc/mail-dmarc.ini:
Quote from: /etc/mail-dmarc.ini
...
[organization]
domain             = my.obfuscated.domain
org_name           = My Obfuscated Org Name
email              = admin@my.obfuscated.domain
extra_contact_info = http://my.obfuscated.domain
...

If it didn't make it there yet, run the 'email-update' event and check again:
Code: [Select]
signal-event email-update


There are a couple tools for reviewing the dmarc reports your server has sent - these may show the new organization name.

"dmarc_view_reports" lists the reports in reverse chronological order at the command line:
Code: [Select]
dmarc_view_reports |less

"dmarc_httpd" starts a web server on port 8080 to let you browse your reports:
Code: [Select]
dmarc_httpd
Then browse to http:/your-sme-server-name-or-ip:8080 from your workstation.

Offline SchulzStefan

  • *
  • 620
  • +0/-0
Re: DMARC issue with special character in company name
« Reply #7 on: December 12, 2018, 01:07:06 PM »
You should confirm that the org name change made it to /etc/mail-dmarc.ini:
If it didn't make it there yet, run the 'email-update' event and check again:
Code: [Select]
signal-event email-update
This seems to be imortant - without email-update the escape didn't make it in the mail-dmarc.ini.
And then one day you find ten years have got behind you.

Time, 1973
(Mason, Waters, Wright, Gilmour)