K2 workflow task notifications are being filtered by Antigen on Exchange when sent with html message body

K
Badge +1

The issue occurred after we've upgraded our QA environment  from 1170 to 1420


We have been trying to get the task
notification email to go to the destination users ,however each time a task
notification is being sent it gets Purged by the Antigen filtering application
on our exchange server.
When changing the message body from HTML to text the
email gets delivered to destination  users but all the HTML references and Hyperlink references does not look good , so using text  in the email body is not a good solution.


See below a sample of the email


Microsoft Antigen for SMTP found a message matching a filter. The message is
currently Purged.
Message: "Security Analyst - Review Task Notification
Request- Request Number: 110 - Dated:3/20/2012 "

Filter name: "IllegalMimeHeader"
Sent from: "K2.QA@companyname.com"

Folder: "SMTP MessagesOutbound"
Location: "/exchange server name"


We've contacted the Exchange support and they said  that the Antigen filtering has been set to optimal settings and as per Microsoft recommendations and nothing can be changed on there side.


Just wondering if anyone else encountered the same issue after upgrading to 1420


and what would be the proper solution for this issue.


 


Thank you


KAL.

11 replies

C
Badge +10

I have personally not seen this one, anyone else had issues? 

S
Badge +6

Please talk to exchange administrator if the following does not makes sense.


Do you have inhouse Exchange or Hosted Exchange? Do you have Edge transport server role with Forefront?


If you are using inhouse, add the K2 Server IP address to one of the receive connectors so that all SMTP traffic from K2 server is trusted. This is the best practice for internal servers because exchange server is wasting resources on scanning email from trusted servers.


If you are using edge transport, add the K2 server IP address to the trusted list in the exchange management console


Check the headers for the email you receive and make sure there are no duplicate headers with different values. If there is, please log a ticket with K2 as a bug.


As a workaround for the time being, ask your administrator to skip scanning internal emails from trusted servers.

S
Badge +6

Hi KAL


I have logged this issue as a feature request. A future version will follow RFC specifications for task notification emails. Unfortunately an immediate fix will not be made available.


You have two options.
1) Skip scanning the internal emails
2) You can change the ‘Illegal MIME Header Action’ in the SETTINGS-->General Options panel of the Antigen/Forefront Administrator console to "Ignore" setting.

K
Badge +1

HI Sujeeth,


I actually requested from the exchange team to add the server /IP address to a receive connectors on exchange, meaning to add the K2 server to be trusted on exchange. This was the recommended solution from K2 support  as we have a ticket opened with them.


As per your suggestion in the reply to my question , this is not recommended as it would be a global change that would affect all emails coming through exchange and can cause security risks across the organization ,exchange support already quoted  the same response.


I will let you know how it goes .


 


Thanks Sujeeth


 


Kal

K
Badge +1

Hi Sujeeth,


just to update you on this , Exchange team was able to add the K2 server / IP address to the trusted list on Exchange server , however we are now receiving duplicated email notification from Antigen filtering for the same outgoing email from the K2 workflow, I already reported this to k2 support via my open ticket .


In your respond above what would cause the header to be duplicated ? and from your experience would be the fix for it


 


Thanks again


Kal.

S
Badge +6

Are you sure it is the exact email received twice by the same user. It might be happening due to some setting on Exchange server e.g. If a spam email has been detected, it will send the original as well another email with stripped content.


The header duplication is caused if RFC specifications are not followed. The only way to fix it is change the code (in this case, it will be K2)


As I mentioned earlier, I have already logged this as a feature request with K2. It will be fixed in a future release. What is your K2 support ticket number.

S
Badge +6

The RFC specifications were introduced recently. There are many email providers that still doesnt follow all of these specifications. It will take some time for everyone to adopt them.

K
Badge +1

Hi Sujeeth,


The Ticket  logged with K2 is 41941, Adding see examples of the 2 email bodies that is being sent to the Mailbox and marked by Antigen as purged








Normal
0




false
false
false

EN-US
X-NONE
AR-SA









































































































































































The 2 emails has the same body , except I noticed some emails came from 2 different exchange servers but also has the same body


Microsoft Antigen for SMTP found a message matching a
filter. The message is currently Purged.


Message: "Security Analyst - Review Task
Notification for Manual Token Facility ID


 Request- Request
Number: 113 - Dated:3/27/2012 "


Filter name: "IllegalMimeHeader"


Sent from: "K2.QA@companyname.com"


Folder: "SMTP MessagesOutbound"


Location: "/Exchange serverName"


 


Thanks Sujeeth


 


Kal.

S
Badge +6

It looks like you are scanning the emails irrespective of the source(trusted or untrusted). unfortunately in this case, you have to change the setting to 'Ignore' - admins might not like this as it affects globally. Find out from exchange admin if they can exclude k2 emails from being scanned by Antigen.

K
Badge +1

Hi Sujeeth,


Finally we got the email task notifications working , looks like exchange did change setting on Antigen filtering  ,I haven't checked with them yet on what changes they made most probably like you mentioned to change the settings to 'ignore'


Thanks again for your help.


 


Kal

C
Badge +10

Glad you got it all working! if you find out the change they made that got it working let us know.


Thanks all

Reply


View our Community Site Map

Nintex Community Sitemap
Terms & ConditionsCookie settings