Symantec Encryption Management Server exhibits UTF-8 errors and goes to Exception Chain for Quoted-Printable encoded emails
search cancel

Symantec Encryption Management Server exhibits UTF-8 errors and goes to Exception Chain for Quoted-Printable encoded emails

book

Article ID: 158556

calendar_today

Updated On:

Products

Encryption Management Server Gateway Email Encryption

Issue/Introduction

The PGP Encryption Server (Symantec Encryption Management Server), including Lotus Protector for Mail Encryption (LPME) exhibits UTF-8 errors and goes to Exception Chain for Quoted-Printable encoded emails.

When encountering this condition, the following error is displayed:

fatal exception evaluating policy for recipient [email protected]: invalid utf8 character encountered - jumping to Exception chain

 

Cause

The PGP Encryption Server and Lotus Protector for Mail Encryption are designed to parse through messages at a very granular level. 

It looks at headers of a message, and even ensures integrity of the message, checking that it complies with proper and known RFCs. 

If any portion of the message does not comply as expected, the server will push the message processing to the Exception Chain.

The Exception Chain is where all mal-formed, or non-RFC compliant emails go to, instead of processing the message through the normal Mail Chains and Rules. 

The reason for this is SEMS should not normally propagate mal-formed emails, or those messages that do not comply with RFCs.

 

One environment was observed to have emails that did not have the soft line breaks within the 76-character per line limits. 

Non-compliant utf-8 characters were encountered, caused by faulty QP encoding that used hard line breaks rather than soft line breaks in the middle of a multi-byte UTF-8 character. 

When the absence of soft line breaks was encountered, SEMS would push the message to the exception chain. 

It is expected behavior for SEMS to work in this way.

For more information on the Exception Chain, please consult the PGP Encryption Server Admin Guide.

 

Resolution

As this is expected behavior, the source of the problem should be reviewed to see what is sending the non-RFC mail. 

If possible, the issue should be corrected at the source, as the PGP Encryption Server is working properly.

In environments where it is difficult to pinpoint the source of these non-compliant emails as stated above, or in the case where it may be impossible to control these non-compliant emails as they may originate externally, a hidden parameter can be added to ignore the absence of these soft-line breaks.

For more information on for this, please contact Broadcom support.

 

 

 

Additional Information

 Etrack 3304663