Raptor Firewall

Error: "SMTPD: Invalid SMTP protocol: Overly long line received from . . ." when sending email to some addresses

Situation:
You cannot receive email from some users or servers outside of the firewall. When viewing the log files, you see that the email is rejected with an error message similar to the following: "SMTPD: Invalid SMTP protocol: Overly long line received from mailserver.domain.com ([10.10.10.10]) (1343 bytes received. Configured: smtpd.max_body_line_length=1024)."

Solution:
This error message is seen when the message received contains a line that is longer than 1024 characters. To pass the email traffic through the firewall, use one of the following solutions:

Client-side Solution
The recommended solution is to modify sent email to use less then 1024 characters on a single line. The easiest way to change this is to add a hard carriage return to the message (press Enter) on the line that is longer then 1024 characters.


Firewall Solution
To work around this at the firewall, you must modify the SMTP proxy directive max_body_line_length.
 


WARNING: Before making this change, evaluate the possible security risk that modifying this setting will create. Changing this setting will lower the security of the SMTP daemon and may expose clients behind the firewall to a possible buffer-overflow. This change to the configuration is not recommended by Symantec.

To modify the max_body_line_length setting on Symantec Enterprise Firewall 6.5x or 7.0x products (including Symantec VelociRaptor and Symantec Gateway Security 1.0)
  1. Open the config.cf file using the firewall editor.
  2. Remove the hash mark (#) from the beginning of the line that says: smtpd.max_body_line_length=1024
  3. Change the number after the equal sign to the maximum number of characters that you want to permit in a single line of an email.
  4. Save the file.
  5. Restart your firewall.

To modify the max_body_line_length setting on Symantec Enterprise Firewall 8.0 products (including Symantec Gateway Security 5400 Series)
  1. Connect to the Security Gateway Management Interface (SGMI).
  2. In the left pane, click System.
  3. In the right pane, on the Advanced tab, click Advanced Options.
  4. In the Advanced Options list, click New Advanced Option.
    This creates a new Advanced Options entry and highlights it for you.
  5. Click Properties.
  6. In the Properties window, on the General tab, in the Option Name box, type the following:

    misc.smtpd.max_body_line_length
  7. On the Value tab, in the Value box, type the maximum number of characters that you want to permit in a single line of an email.
  8. Click Add.
  9. Click OK.
  10. In the SGMI, in the right pane, click Apply.
  11. On the Action menu, click Activate Changes.
  12. Restart your firewall.


Technical Information:
Section 4.5.3.1 (Size Limits and Minimums) of RFC 2821 states, "The maximum total length of a text line including the <CRLF> is 1000 characters (not counting the leading dot duplicated for transparency).
 
© 2016 AppRiver LLC.  All rights reserved.

Add Feedback