Attachments missing due to bad MIME headers
I've got a weird problem which has only recently manifested, after running a very happy LAMP server on a linode 512 running Debian 5.0 for quite a while now.
A few days ago, on random incoming and outgoing emails with attachments, recipient mail clients could not see the attachment (Outlook 2007 and Thunderbird 3). An example header from one of these emails is like so:
From - Thu Aug 12 18:27:38 2010
X-Account-Key: account2
X-UIDL: UID2524-1268054582
X-Mozilla-Status: 0003
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <mcc@xxxxxxcom>
Received: from localhost (localhost [127.0.0.1])
by server1.xxxxxxx (Postfix) with ESMTP id 1C1C7A075;
Thu, 12 Aug 2010 18:26:49 +0100 (BST)
X-Virus-Scanned: Debian amavisd-new at server1.xxxxxxxx.co.uk
[b]X-Amavis-Alert: BAD HEADER SECTION, MIME error: error: part did not end with
expected boundary[/b]
Received: from server1.xxxxxx.co.uk ([127.0.0.1])
by localhost (server1.xxxxxx.co.uk [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id sEiMepIFWeMU; Thu, 12 Aug 2010 18:26:48 +0100 (BST)
Received: by server1.xxxxxxx.co.uk (Postfix, from userid 108)
id 95476A1B6; Thu, 12 Aug 2010 18:26:48 +0100 (BST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=g-q-r.com; s=dkim_2;
t=1281634008; bh=6a9fN4hpcj/nqTz5xg3/nt8vs+qcI5xb8m8uJpQ+LpA=;
h=From:To:Cc:Subject:Date:Message-ID:MIME-Version:Content-Type; b=d
n/tZ0oBwNmaloeTTfmFj+F71D6fHb2OCdDSGuE72dgDGqQ1XQW5tQXqB3Am6wJRUR3p
rvrT6dcgb451WhPpVMMTshOxVk1L+uPcExUExwJUrByE/o8P6Fe9gV2y01hd8slxKJl
4HHZTEZTSrNV8nkpENtXaTpl8VjTStKuskSM=
Received: from WKSta08 (unknown [212.36.58.162])
(Authenticated sender: mcc@xxxxxxx)
by server1.sm-technologies.co.uk (Postfix) with ESMTPA id 5EB31A075;
Thu, 12 Aug 2010 18:26:47 +0100 (BST)
From: "xxxxxxxx" <mcc@xxxxxxx>
To: <smt@xxxxxxxx>
Cc: <julian@xxxxxxx>
Subject: FW: prep - as attachment
Date: Thu, 12 Aug 2010 18:28:33 +0100
Message-ID: <02d601cb3a43$ca615f70$5f241e50$@com>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_02D7_01CB3A4C.2C25C770"
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: Acs6KFzlgsPc2gujT5Gl4FFPdEZu3wAAaapwAANfLdA=
Content-Language: en-gb
X-Antivirus: avast! (VPS 100812-0, 12/08/2010), Inbound message
X-Antivirus-Status: Clean</julian@xxxxxxx></smt@xxxxxxxx></mcc@xxxxxxx></mcc@xxxxxxcom>
I've highlighted the bad header markup in bold.
I've tried stopping header checks like so:
@bypass_header_checks_maps = ([1]);
although offending emails still have headers like the ones above and the attachments are still missing.
An example section of the postfix log where an offending email has been processed looks like so:
Aug 13 17:09:39 server1 postfix/smtpd[23397]: 8457FA1B5: client=localhost[127.0.0.1]
Aug 13 17:09:39 server1 postfix/cleanup[23334]: 8457FA1B5: message-id= <ea4b6aa599e0744fb4474bebb7003085044474b516@uklonmcs002.bam.bamroot.net>Aug 13 17:09:39 server1 postfix/smtpd[23397]: disconnect from localhost[127.0.0.1]
Aug 13 17:09:39 server1 postfix/qmgr[23215]: 8457FA1B5: from=<nimesh.mistry@barings.com>, size=12174, nrcpt=1 (queue active)
Aug 13 17:09:39 server1 amavis[22887]: (22887-05) Passed BAD-HEADER, [195.245.230.115] [130.32.42.40] <nimesh.mistry@barings.com> -> <smt@xxxxxx.com>, Message-ID: <ea4b6aa599e0744fb4474bebb7003085044474b516@uklonmcs002.bam.bamroot.net>, $
Aug 13 17:09:39 server1 postfix/pipe[23353]: 8457FA1B5: to=<smt@xxxxxx.com>, relay=maildrop, delay=0.04, delays=0.01/0/0/0.02, dsn=2.0.0, status=sent (delivered via maildrop service)
Aug 13 17:09:39 server1 postfix/qmgr[23215]: 8457FA1B5: removed</smt@xxxxxx.com></ea4b6aa599e0744fb4474bebb7003085044474b516@uklonmcs002.bam.bamroot.net></smt@xxxxxx.com></nimesh.mistry@barings.com></nimesh.mistry@barings.com></ea4b6aa599e0744fb4474bebb7003085044474b516@uklonmcs002.bam.bamroot.net>
which obviously doesn't tell me any more.
Now my understanding is that the MIME header section is so malformed that the mail clients can't see/process the attachments. These users are regularly sending attachments and don't normally have any problems, it seems solely with stuff that comes through my linode, and the strangest thing is that it is very, very sporadic and random, and can happen with PDFs, DOCs, DOCXs etc etc.
Any ideas on where to go next? It's becoming pretty frustrating and I don't know what to do. It's almost as if the linode is muddling up the header somewhere along the line.