search

roundcube / roundcubemail

The Roundcube Webmail suite
https://roundcube.net
GNU General Public License v3.0
5.82k stars 1.63k forks source link

Could not forward message flagged as spam on 1.4.7 #7522

Closed samuelmf closed 4 years ago

samuelmf commented 4 years ago

I coulnd't forward messages flagged as SPAM by spam assasin i get a SMT Error 550. But on my old roundcube version on the server i'm able to forward messages flagged as spam.

It's possible to disable outgoing message check if its on spam, on the roundcube configuration or any way to fix.

By the moment the only way to bypass the outgoing messages check is using the option Resend (bounce).

alecpl commented 4 years ago

Sounds like an SMTP issue. I'm not sure I understand it. Could you enable the smtp_debug option and provide the log?

samuelmf commented 4 years ago

Sounds like an SMTP issue. I'm not sure I understand it. Could you enable the smtp_debug option and provide the log?

Hi, thanks for reply, how can enable that option? on the config file?

samuelmf commented 4 years ago

I have set this lines on the config file `// system error reporting, sum of: 1 = log; 4 = show $config['debug_level'] = 1;

// Log SQL queries $config['sql_debug'] = true;

// Log IMAP conversation $config['imap_debug'] = true;

// Log LDAP conversation $config['ldap_debug'] = true;

// Log SMTP conversation $config['smtp_debug'] = true;`

But i'm unnable to view smtp file under logs folder

samuelmf commented 4 years ago

Content of the smtp.log

[30-Jul-2020 02:55:58 +0000]: <25ac829c> Connecting to mail.peihap.gob.pe:587...
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Recv: 220-opower.opowerserver.net ESMTP Exim 4.93 #2 Wed, 29 Jul 2020 21:55:58 -0500 
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Recv: 220-We do not authorize the use of this system to transport unsolicited, 
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Recv: 220 and/or bulk e-mail.
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Send: EHLO peihap.gob.pe
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Recv: 250-opower.opowerserver.net Hello peihap.gob.pe [66.85.141.178]
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Recv: 250-SIZE 52428800
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Recv: 250-8BITMIME
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Recv: 250-PIPELINING
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Recv: 250-AUTH PLAIN LOGIN
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Recv: 250-STARTTLS
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Recv: 250 HELP
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Send: AUTH LOGIN
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Recv: 334 VXNlcm5hbWU6
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Send: YWFuY2FqaW1hQHBlaWhhcC5nb2IucGU=
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Recv: 334 UGFzc3dvcmQ6
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Send: ****** [16]
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Recv: 235 Authentication succeeded
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Send: MAIL FROM:<aancajima@peihap.gob.pe>
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Recv: 250 OK
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Send: RCPT TO:<samuelmf@gmail.com>
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Recv: 250 Accepted
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Send: DATA
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Recv: 354 Enter message, ending with "." on a line by itself
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Send: Resent-From: aancajima@peihap.gob.pe
Resent-To: samuelmf@gmail.com
Resent-Date: Wed, 29 Jul 2020 21:55:58 -0500
Resent-Message-ID: <165623f73ee862a04283d82898ed1f2c@peihap.gob.pe>
Return-Path: <webmaster@sunat.gob.pe>
Delivered-To: aancajima@peihap.gob.pe
Received: from opower.opowerserver.net
    by opower.opowerserver.net with LMTP
    id UBvTIJeAIV8MDwAANeyW9w
    (envelope-from <webmaster@sunat.gob.pe>)
    for <aancajima@peihap.gob.pe>; Wed, 29 Jul 2020 08:58:47 -0500
Return-path: <webmaster@sunat.gob.pe>
Envelope-to: aancajima@peihap.gob.pe
Delivery-date: Wed, 29 Jul 2020 08:58:47 -0500
Received: from mx12.sunat.gob.pe ([190.102.150.12]:4805 helo=correo.sunat.gob.pe)
    by opower.opowerserver.net with esmtp (Exim 4.93)
    (envelope-from <webmaster@sunat.gob.pe>)
    id 1k0mbS-0000zL-DU
    for aancajima@peihap.gob.pe; Wed, 29 Jul 2020 08:58:47 -0500
Received: from w72ssunat.sunat.peru ([192.168.40.72]) by correo.sunat.gob.pe with Microsoft SMTPSVC(7.5.7601.17514);
     Wed, 29 Jul 2020 08:57:50 -0500
Date: Wed, 29 Jul 2020 08:57:43 -0500 (GMT-05:00)
From: SUNAT <webmaster@sunat.gob.pe>
To: "aancajima@peihap.gob.pe" <aancajima@peihap.gob.pe>
Message-ID: <588596890.7235.1596031063996.JavaMail.root@SERVER4>
MIME-Version: 1.0
Content-Type: multipart/alternative; 
    boundary="----=_Part_7233_588565559.1596031063994"
X-OriginalArrivalTime: 29 Jul 2020 13:57:50.0040 (UTC) FILETIME=[3F0BDD80:01D665B0]
X-Spam-Status: Yes, score=7.3
X-Spam-Score: 73
X-Spam-Bar: +++++++
X-Spam-Report: Spam detection software, running on the system "opower.opowerserver.net",
 has identified this incoming email as possible spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 root\@localhost for details.
 Content preview:  Constancia de Dep贸sito CONSTANCIA DE DEPOSITO SISTEMA DE
   PAGO DE OBLIGACIONES TRIBUTARIAS D.LEG. 940 N煤mero de constancia 116149635
    Usuario SOL 20525662 N掳 Cuenta de detracciones (Banco de la Naci贸n) 00004015355
    Tipo de [...] 
 Content analysis details:   (7.3 points, 5.0 required)
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
 -1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%
                             [score: 0.0000]
 -0.0 SPF_HELO_PASS          SPF: HELO matches SPF record
  4.0 SPF_FAIL               SPF: sender does not match SPF record (fail)
 [SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=webmaster%40sunat.gob.pe;ip=190.102.150.12;r=opower.opowerserver.net]
  0.1 MIME_HTML_ONLY         BODY: Message only has text/html MIME parts
  0.8 MPART_ALT_DIFF         BODY: HTML and text parts are different
  0.0 HTML_MESSAGE           BODY: HTML included in message
  1.8 BODY_QUOTE_MALF_MSGID  Malformed MSGID with quote
  0.0 MIME_HTML_ONLY_MULTI   Multipart message only has text/html MIME
                             parts
  1.0 FORGED_SPF_HELO        No description available.
  0.5 KAM_NUMSUBJECT         Subject ends in numbers excluding current years
  1.0 HEXHASH_WORD           Multiple instances of word + hexadecimal hash
X-Spam-Flag: YES
Subject:  ***SPAM***  Constancia de deposito por detracciones 116149635
X-From-Rewrite: unmodified, no actual sender determined from check mail permissions

[30-Jul-2020 02:55:58 +0000]: <25ac829c> Send: ------=_Part_7233_588565559.1596031063994
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<html>
<head>
<title>Constancia de Dep&oacute;sito</title>

<style type=3D"text/css">
/* GLOBAL */
BODY{FONT-SIZE:10px;MARGIN:5px;COLOR:#000;FONT-FAMILY:verdana,arial,helveti=
ca,sans-serif;BACKGROUND-COLOR: #ffffff}
TABLE{FONT-SIZE:10px;PADDING-RIGHT:0px;PADDING-LEFT:0px;PADDING-BOTTOM:0px;=
MARGIN:0px;WIDTH: PADDING-TOP:0px;align:;border:0;}
..T1{FONT-WEIGHT:900;FONT-SIZE:18px;background-color:#39c;FONT-FAMILY:verdan=
a, arial, helvetica, sans-serif;text-align:center;}
..T3{FONT-WEIGHT:900;FONT-SIZE:14px;background-color:#4682B4;COLOR:#FFF;FONT=
-FAMILY: verdana, arial, helvetica, sans-serif;TEXT-DECORATION: none;text-a=
lign:center;}
A {font-size:11px;font-style:italic;}
A:link {text-decoration:none;color:#00f;}
A:visited{text-decoration:none;color:#30c;}
A:hover{text-decoration: underline;color:Red;}
A:active{text-decoration:none;color:#0c9;border:1px dotted Lime;}
..buttonbar{background-color:#fff;height:28px;padding-top:3px;padding-left:3=
px;border-top:1px solid Black;margin-top:6px;}
SELECT {FONT-FAMILY:verdana,arial,helvetica,sans-serif;FONT-SIZE:9px;border=
-color:#CCC;border-style:solid;border-width:1px;}
..form-table {border-color:#4682B4;border-style:solid;border-width:1px;}
..form-button {border-color:#69C;border-style:solid;border-width:1px;cursor:=
hand}
..form-button-hover {border-bottom:solid 1px #69C;border-left:solid 1px #FFF=
;border-right: solid 1px #6699CC;border-top:solid 1px #FFF;}
..form-text { border-color:#CCC;border-style:solid;border-width:1px; font-fa=
mily:verdana,Arial}
..form-radio {vertical-align:middle;}
/* ALPHA */
A.alpha {color:#000;text-decoration:none;}
TR.alpha {background-color:#69C;}
TD.alpha {background-color:#69C;}
..alpha-neg-alert {color:#F00;}
..alpha-pos-alert {color:#007F00;}
/* BETA */
A.beta {color: #000; text-decoration:none;}
TR.beta {background-color:#B6CBEB;}
TD.beta {background-color:#B6CBEB;}
TH.beta {background-color:#B6CBEB;}
..beta-neg-alert {color:#FF0000;}
..beta-pos-alert {color:#007F00;}
/* GAMMA */
A.gamma {color:#000;text-decoration:none;}
TR.gamma {background-color:#EEE;}
TD.gamma {background-color:#EEE;}
..gamma-neg-alert {color:#FF0000;}
..gamma-pos-alert {color:#007F00;}
/* BG */
A.bg {color:#000;text-decoration:none;}
TBODY.bg {background-color:#FFF;}
TR.bg {background-color:#FFF;}
TD.bg {background-color:#FFF;}
SELECT.bg{font-size:11px;}
..bg-neg-alert {color:#F00;}
..bg-pos-alert {color:#007F00;}
/* BGN */
A.bgn {color:#000;text-decoration:none;FONT-WEIGHT:900;}
A.bgn:hover {color:#960;text-decoration:underline;FONT-WEIGHT:900;}
TR.bgn {background-color:#FFF;FONT-WEIGHT:900;}
TD.bgn {background-color:#FFF;FONT-WEIGHT:900;}
..bgn-neg-alert {color:#F00;FONT-WEIGHT:900;}
..bgn-pos-alert {color:#007F00;FONT-WEIGHT:900;}
</style>

</head>
<body>

<table width=3D"90%" cellpadding=3D"3" cellspacing=3D"3" align=3D"center"
class=3D"form-table">
<tr class=3D"bgn" align=3D"center">
=09<td>CONSTANCIA DE DEPOSITO</td>
</tr>
<tr class=3D"bgn" align=3D"center">
=09<td>SISTEMA DE PAGO DE OBLIGACIONES TRIBUTARIAS D.LEG. 940</td>
</tr>

</table>
<br>
<table cellpadding=3D"3" cellspacing=3D"2" width=3D"90%" class=3D"form-tabl=
e" align=3D"center">
<tr class=3D"bgn">
=09<td>N&uacute;mero de constancia</td>
=09<td>116149635</td>
</tr>

<UsuarioSOL>
<tr>
=09<td>Usuario SOL</td>
=09<td>20525662</td>
</tr>
</UsuarioSOL>

<tr>
=09<td>N&deg; Cuenta de detracciones (Banco de la Naci&oacute;n)</td>
=09<td>00004015355</td>
</tr>
<tr>
=09<td>Tipo de Cuenta:</td>
=09<td>Cuenta de Detracciones Convencional</td>
</tr>
<tr>
=09<td>RUC del Proveedor</td>
=09<td>20510070187</td>
</tr>
<tr>
=09<td>Nombre/Raz&oacute;n Social del Proveedor</td>
=09<td>SERVICIOS GENERALES ERLON S.A.C.</td>
</tr>
<tr>
=09<td>Tipo de Documento del Adquiriente</td>
=09<td>6 - REG. UNICO DE CONTRIBUYENTES  </td>
</tr>
<tr>
=09<td>N&uacute;mero de Documento del ... [truncated 1077 bytes]
[30-Jul-2020 02:55:58 +0000]: <25ac829c> Send: 
.
[30-Jul-2020 02:55:59 +0000]: <25ac829c> Recv: 250 OK id=1k0yje-0004B8-U0
[30-Jul-2020 02:55:59 +0000]: <25ac829c> Send: QUIT
[30-Jul-2020 02:55:59 +0000]: <25ac829c> Recv: 221 opower.opowerserver.net closing connection
alecpl commented 4 years ago

I'm more interested in the log when in fails. This looks like a successful request.

samuelmf commented 4 years ago

Suppose when I click send, and the screen stays in Sending ... the smtp.log file is already being written or not?

samuelmf commented 4 years ago

Seems that the problem is caused by wordpress plugin Wordfence Activity Detail Piura, Peru left https://domain.gob.pe/correoweb/?_task=mail&_action=compose&_id=19945128005f2385bfb764e and was blocked by firewall for XSS: Cross Site Scripting in POST body: _message=%3Cp%3E%26nbsp%3B%3C%2Fp%3E%0D%0A%3Cp%3E--------%20Mensaje%20Original%20--------%3C%2Fp%3E%0D%0A%3Ct… at https://domain.gob.pe/correoweb/?_task=mail&_unlock=loading1596163526319&_framed=1&_lang=es 30/7/2020 21:45:26 (1 hour 4 mins ago)
IP: 179.6.49.171 Hostname: 179.6.49.171

I disabled plugin and can forward messages normally no matter if it is flagged as SPAM by spamassasin.