Netmail Secure 6.1+
In some cases, email may be returned to sender with the SMTP error "500 - line too long." This means that the message had over 998 characters/symbols on a single line, without a line break. As per the original IETF RFC:
"There are two limits that this standard places on the number of characters in a line. Each line of characters MUST be no more than 998 characters, and SHOULD be no more than 78 characters, excluding the CRLF.
The 998 character limit is due to limitations in many implementations which send, receive, or store Internet Message Format messages that simply cannot handle more than 998 characters on a line. Receiving implementations would do well to handle an arbitrarily large number of characters in a line for robustness sake. However, there are so many implementations which (in compliance with the transport requirements of [RFC2821]) do not accept messages containing more than 1000 character including the CR and LF per line, it is important for implementations not to create such messages."
Of course, since that RFC was written, technology has advanced significantly and email has grown much larger and more sophisticated. The original restriction is becoming too limiting for many people, and thus Microsoft increased the maximum to 8000 characters as of Exchange 2007. If you're encountering this situation in your mailflow, you can disable the length checking altogether with the steps below.
See an example of the error occurring in the STMP conversation below:
250-securemail.fake.com Pleased to meet you
250 SIZE 52428800
MAIL FROM:<firstname.lastname@example.org > SIZE=107936
250 Sender OK
250 Recipient OK
354 Send message, end with <CRLF>.<CRLF>
500 Line too long
From this log we can see that message is coming with a long row in the header (more than 998 symbols),
To set the system to allow messages with long body lines you need to add an attribute to the OpenLDAP in Secure. Using an LDAP browser that allows you to write to the directory, connect to with the following info:
Base DN: o=netmail
User DN: cn=netmail,cn=system,o=netmail
Password: same as you use for the Netmail Secure admin UI
Port: 389 (SSL=false) or 636 (SSL=true)
If you are blocked by the firewall on Secure, you can log into the machine and stop it using: systemctl stop firewalld
(Don't forget to 'start' it afterwards).
Using the LDAP browser navigate to Netmail > Security > Agents > SMTP, and add an attribute named 'MaConfiguration' with the value 'AllowLongBodyLines:1'
Once that's in place, you will need to restart the SMTP agent, on every Netmail Secure appliance, which you can do at a shell prompt with the following command: /opt/ma/netmail/sbin/launcher -e "restart smtpd"
Or you can restart all services with: systemctl restart netmail
To undo, change the attribute value to 'AllowLongBodyLines:0' and restart the agent/service again.
Sometimes it's not the sender that is the source of the long lines. Netmail's own anti-virus / anti-spam engines can also pose a problem when they append their entries in the header. If you want to maintain the 1000 character limit but the engines are interfering, we can disable header modifications by the anti-spam or the anti-virus engines:
Open the Netmail web console.
Navigate to Security -> Agents -> Antispam -> Advanced.
Uncheck "Diagnostics: Enable Reference ID" and "Diagnostics: Enable X-Tag"
You may do the same for the Anti-Virus
Navigate to Security -> Agents -> Anti-Virus > Advanced Settings -> "Diagnostics: Enable X-Tag"
NOTE: Be aware that disabling these will interfere with troubleshooting false positives in the future.