Author Topic: Timeout when sending/forwarding HTML email with links  (Read 1405 times)

Offline ArashiInteractive

  • Newbie
  • *
  • Posts: 3
Timeout when sending/forwarding HTML email with links
« on: August 03, 2021, 11:31:23 PM »
I have a client reporting that they're unable to forward HTML emails, with or without attachments, when the message contains links to URLs.  In my own testing, I've found that if the links are deleted from the email body before sending, all works as expected.  Similarly, if I force using plain text for the email, the message sends successfully.  My client is insistent upon using HTML email, and is insistent upon using Roundcube rather than an email client -Outlook, Thunderbird, etc.

When trying to send using HTML email while the message body has links, Roundcube will sit for a time, then put up a timeout error.  This only happens when sending HTML email with links in the body.  Switching to plain text or using an email client completely fixes the problem.

I'm hoping there's an obvious setting I can change to make this work again.  My server is currently running the following:
Roundcube 1.4.11
DirectAdmin 1.62.4
CSF 14.10
Ubuntu 20.04 LTS

Thanks for your time

Offline alec

  • Hero Member
  • *****
  • Posts: 1,363
Re: Timeout when sending/forwarding HTML email with links
« Reply #1 on: August 04, 2021, 02:02:49 AM »
The request might get blocked by mod_security or other security appliance e.g. WordFence in the way.

Offline ArashiInteractive

  • Newbie
  • *
  • Posts: 3
Re: Timeout when sending/forwarding HTML email with links
« Reply #2 on: August 04, 2021, 02:26:30 AM »
Any idea what that may look like in the logs?  Since its in Roundcube itself I'm guessing it wouldn't be Wordfence, but possibly CSF.  The client has a static IP address, which I've already added to the allow/ignore list.

Offline ArashiInteractive

  • Newbie
  • *
  • Posts: 3
Re: Timeout when sending/forwarding HTML email with links
« Reply #3 on: August 04, 2021, 10:12:00 AM »
Turns out it was Comodo WAF 2.24.5's XSS rules causing the problem.  I haven't gone through all 50 rules yet, but by disabling this category for the domain in question, the client is able to once again reply/forward HTML email with links in the body.  Thanks for pointing me in the right direction.