MIME encoded headers

DennisMidjord

• May 22, 2018 03:22

Hi, I have no idea if this happened after upgrading to WHM 70 or if it's due to us changing mailserver, but it seems like every email from WHM/cPanel containing special characters now has MIME encoded headers. This makes it really difficult (if not impossible) to setup email filters using regex. This is how the subject looks like in the email we received: Message-Id: <1526968270.lDQIYsK3KFwDTpPE@server11.domain.tld> Subject: =?UTF-8?B?W3NlcnZlcjExLmNob3N0aW5nLmRrXSBESVNLV0FSTiBibG9ja3Mg?= =?UTF-8?B?4pqgOiBNb3VudCBQb2ludCDigJwvaG9tZeKAnSAoMTc4LjIwLjIxNi4yMCk6?= =?UTF-8?B?IDUyNS40wqBHQi82MzAuOTPCoEdCIC0gODguMzU2OTY3JQ==?=
When grepping for the same message ID in /var/log/exim_mainlog, I don't see the encoded subject: [root@server11 ~]# exigrep 1526968270.lDQIYsK3KFwDTpPE@server11.domain.tld /var/log/exim_mainlog 2018-05-22 07:51:10 1fL0CU-0018UH-Mk H=(localhost.localdomain) [127.0.0.1]:35032 Warning: Message has been scanned: no virus or other harmful content was found 2018-05-22 07:51:11 1fL0CU-0018UH-Mk H=(localhost.localdomain) [127.0.0.1]:35032 Warning: "SpamAssassin as cpaneleximscanner detected OUTGOING smtp message as NOT spam (-1.0/60)" 2018-05-22 07:51:11 1fL0CU-0018UH-Mk <= cpanel@server11.domain tld H=(localhost.localdomain) [127.0.0.1]:35032 P=esmtp S=38275 id=1526968270.lDQIYsK3KFwDTpPE@server11.domain tld T="[server11.domain tld] DISKWARN blocks \342\232\240: Mount Point \342\200\234/home\342\200\235 (178.20.216.20): 525.4\240GB/630.93" for logs@domain tld 2018-05-22 07:51:11 1fL0CU-0018UH-Mk SMTP connection identification H=localhost A=127.0.0.1 P=35032 M=1fL0CU-0018UH-Mk U=root ID=0 S=root B=authenticated_local_user 2018-05-22 07:51:11 1fL0CU-0018UH-Mk Sender identification U=root D=-system- S=root 2018-05-22 07:51:12 1fL0CU-0018UH-Mk => logs@domain tld R=lookuphost T=remote_smtp H=mail.domain tld [178.20.217.5] X=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=yes C="250 2.0.0 Ok: queued as CFA9520C3FA8" 2018-05-22 07:51:12 1fL0CU-0018UH-Mk Completed
I've checked that check_rfc2047_length is set to false [root@server11 ~]# grep check_rfc2047_length /etc/exim.conf check_rfc2047_length = false
What could the issue be here?

• 

  cPanelMichael

  • May 22, 2018 19:53

  Hello @DennisMidjord, It's possible this relates to the following case that was included in cPanel & WHM version 70.0.41: Fixed case CPANEL-20378: Update exim to 4.91-3.cp1170. In particular, here's the specific change from the RPM change log that could have caused the change you notice: [QUOTE] - Compile in SMTPUTF8 support
  If you'd like to disable SMTPUTF8 support to see if the issue persists for new emails, you can browse to WHM >> Exim Configuration Manager >> Advanced Editor, scroll down until you see the "Add additional configuration setting" button, click the button, and enter the following value to look like this: smtputf8_advertise_hosts = :
  Let me know if this helps. Thank you.

  0
• 

  cPanelMichael

  • May 23, 2018 14:30

  Hello @DennisMidjord, To follow-up, cPanel & WHM version 70.0.44 is now published to the CURRENT release tier and includes a case that disables SMTPUTF8: Fixed case CPANEL-20542: Explicitly disable SMTPUTF8. Upon updating to this version, run the following commands to ensure the change is enabled: /scripts/buildeximconf /scripts/restartsrv_exim
  Thank you.

  0
• 

  DennisMidjord

  • May 24, 2018 08:25

  Hi, We're using version 70.0.44, but it seems that the subjects are still encoded. I've also made sure to execute the two commands you sent.

  0
• 

  cPanelMichael

  • May 24, 2018 18:23

  Hello @DennisMidjord, It's possible that case is unrelated to the issue you are facing. Could you open a

  0

Please sign in to leave a comment.