LO49625: MANY OF "X-NOTES-ITEM" HEADERS HAD CREATED AT SENDING "MEETING I NVITATION" TO INTERNET ADDRESSES.

APAR status

Closed as fixed if next.

Error description

Fix will be similar to startfix ******* which removes name
headers.  We
intentionally convert headers from C&S onto MIME, and we remove
a hardcoded
list.  Any headers that are not wanted can be added to this
list, but as these
headers are later converted back into NRPC note properties, we
have to evaluate
if each one can be safely removed.  We will need a list of the
appropriate
headers to remove.  Perhaps we can make this list configurable
if that is a
requirement, but this risk will remain so we might NOT want to
expose it.
------------------

Customer send the "Meeting Invitation" from his Calendar.
But, the address for "To" included several internet addresses.
Then, there are many of "X-Notes-Item" headers added of the
"Meeting
Invitation" for internet addresses.
Unfortunately, the end internet address users uses EUDORA as
their MTA.
EUDORA show the many of "X-Notes-Item"s in the message bodies.
EUDORA's behavior is not correct for MIME messages, customer
agreed for it, but
Customer want to disappear the many needless (for any other mail
systems)
headers in the "Meeting Invitation" messages.

But, there are no any efficient work around for remove all the
extra
"X-Notes-Item" message headers.
Write all headers on the 'notes Items to be removed from
headers' field in
Server configuration Document,[MIME]-[Advanced]-[Advanced
Outbound Message
Options], but we could not remove the extra headers.

Follow is the exported SMTP mail message with
"smtpoutboundtofile=1".
"smtpsaveoutboundtofile=1". (Updated by Fei)


You can find many of "X-Notes-Item" header added, and find some
unsavory
information for security (Domino Server Name, Server versions,
Notes user name
and so on).
Especially for Server version, immoral internet user can send
any known
server-crashable mail from the out side of Customer's internet
site, if
customer did not update the latest maintenance release of latest
Fixpak.

If we could not remove the all/part of these "X-Notes-Item"
header, it will be
a security hole.

Local fix

Problem summary

The problem will be fixed in the next release of the product.

Problem conclusion

Temporary fix

Comments

This APAR is associated with SPR# MKIA6ZXG8B.
The problem will be fixed in the next release of the product.

APAR Information

APAR number
LO49625
Reported component name
DOMINO SERVER
Reported component ID
5724E6200
Reported release
801
Status
CLOSED FIN
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2010-03-09
Closed date
2010-03-19
Last modified date
2010-03-19

APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:

Modules/Macros

```
NA
```

Fix information

Applicable component levels

R801 PSN
UP

[{"Business Unit":{"code":"BU055","label":"Cognitive Applications"},"Product":{"code":"SSKTMJ","label":"Lotus Domino"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"8.0.1","Edition":"","Line of Business":{"code":"","label":""}}]

Document Information

Modified date:
19 March 2010

Tips

LO49625: MANY OF "X-NOTES-ITEM" HEADERS HAD CREATED AT SENDING "MEETING I NVITATION" TO INTERNET ADDRESSES.

Subscribe

APAR status

Closed as fixed if next.

Error description

Local fix

Problem summary

Problem conclusion

Temporary fix

Comments

APAR Information

APAR number

Reported component name

Reported component ID

Reported release

Status

PE

HIPER

Special Attention

Submitted date

Closed date

Last modified date

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros

Fix information

Applicable component levels

R801 PSN

Document Information

Share your feedback

Need support?