This article applies to:
- Trustwave SEG
- Trustwave SPE
Symptoms:
- Some spam not being identified by SpamProfiler or other technologies
Causes:
- Messages containing "bare carriage returns" or "bare linefeeds" in the header area may not be fully processed by some parts of SEG
- Some spam campaigns are formatted with these bare characters
Resolution:
To resolve this issue, choose to fix or block messages containing these characters:
- In the Configurator, navigate to Tools > Trustwave SEG Properties > Receiver Properties > Advanced
- In earlier MailMarshal SMTP versions, see MailMarshal Properties.
- In SPE, see Array Advanced Properties, Receiver tab.
- Set the values for Bare carriage returns and Bare line feeds to "Fix".
- You can also choose "Block" to immediately deadletter messages with this issue. However, legitimate mail may be affected.
- Commit configuration.
Notes:
- A bare carriage return is the 'CR' (carriage return) character without an accompanying 'LF' (linefeed).
- A bare linefeed is an 'LF' (linefeed) without a preceding 'CR' (carriage return).
- Bare carriage returns and bare linefeeds are technically not allowed in email messages. SEG ignores this standard by default because legitimate messages are sometimes malformed in this way.