Emails being received in Base64, not being automatically decoded

A lot of agents at my company are receiving emails that still include the Barracuda (spam firewall) header (even in "message" view, not "source" view) and are encoded in Base64.

They are being sent from overseas for the most part, so is it possible that the locales are conflicting? ie. if there's an Asian character being sent over that necessitates the Base64 encoding in the first place.

Our mail server is SmarterMail Enterprise 14.5 and Intermedia Exchange, Barracuda Firmware v7.1.1.003 (2015-09-28 16:36:19)

Example: Side-by-side comparison of what the user sees and what the source of the image looks like in Barracuda.

So most of the header is still hidden from the user, but emails still shouldn't appear like this.

What I suspect is causing the problem is the following:

Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64

Is this a locale/encoding issue confusing our spam firewall?

user108

Posted 2016-09-08T17:29:56.377

Reputation: 21

This is too broad to answer. Please provide more details, such as the email server being used and maybe an example. And why is the Barracuda header even a problem? – Arjan – 2016-09-08T17:49:12.597

Are you in a position to change the configuration of the firewall? If you are not then, you cannot solve this problem, if you are then this likely is better served at Serverfault. – Ramhound – 2016-09-08T17:53:46.933

Seeing barracuda headers in an email is annoying and shouldn't happen unless we're looking at the message source. And yes, I can change the spam firewall settings. – user108 – 2016-09-08T17:57:07.443

Answers

No, that's not the problem. Content-Transfer-Encoding is perfectly valid and quite common.

The problem is that there is a blank line inserted right above the received-spf header. (In your left window, for some reason there's a thick red bar at exactly that point.)

A blank line indicates that the message headers end at that point and the body begins. Since the outermost Content-Type declaration (the multipart/related one) is below the bogus separator, the recipient's mail client doesn't even look at it – merely falls back to the non-MIME "plain text" mode.

Figure out at which step that empty line is inserted. Compare what Barracuda receives with what it stores (you might have to temporarily turn off TLS for that). Check if it behaves the same if you send a simpler message (i.e. not from MS Exchange); try sending a test message directly to the spamfilter, e.g. using swaks.

user1686

Posted 2016-09-08T17:29:56.377

Reputation: 283 655

We just recently enabled SPF and that was around the same time this problem started to happen. Thanks for your advice, I'll look further into this. Would updating our Barracuda be a quick way to fix this? – user108 – 2016-09-09T15:37:39.543

shrug Yes, it could be a bug in the Barracuda code which inserts the Received-SPF result header – but I don't know if that's been fixed in the latest version. Contact their tech support instead. – user1686 – 2016-09-10T13:28:47.490