PIX MailGuard "fixup protocol smtp" and Exchange Server?

  • Permalink
  • submit to reddit
  • Email
  • Follow


I've googled this one to death but cannot find the info I need.  I
have an IT  user that is attempting to send and receive test email via
Outlook Express to/from their ISP from within our internal network,
which includes a (PIX 515 v6.3.3).  This user can receive their test
email via POP but cannot send via SMTP.  I've found numerous articles
discussing issues with M$ Exchange server / ESMTP and the Cisco PIX
Mailguard feature (fixup protocol smtp 25) which I do have enabled.  I
do not know for sure if BellSouth is using Exchange but it seems
likely given the fact that our Notes server and all clients inside and
out are working fine traversing the same firewall.  Microsoft's answer
appears to be, turn off the PIX Mailguard feature (no fixup protocol
SMTP 25) as noted here >

http://support.microsoft.com/?kbid=320027

Not willing to blindly follow the M$ sheeple, I have to wonder what if
any security risk does turning off the PIX Mailguard create?  Is there
a better solution?

Thx!  David@Rocketmail.com
0
Reply David 1/8/2004 9:45:33 PM

See related articles to this posting


On Thu, 08 Jan 2004 15:45:33 -0600, David K wrote:

> I've googled this one to death but cannot find the info I need.  I have
> an IT  user that is attempting to send and receive test email via
> Outlook Express to/from their ISP from within our internal network,
> which includes a (PIX 515 v6.3.3).  This user can receive their test
> email via POP but cannot send via SMTP.  I've found numerous articles
> discussing issues with M$ Exchange server / ESMTP and the Cisco PIX
> Mailguard feature (fixup protocol smtp 25) which I do have enabled.  I
> do not know for sure if BellSouth is using Exchange but it seems likely
> given the fact that our Notes server and all clients inside and out are
> working fine traversing the same firewall.  Microsoft's answer appears
> to be, turn off the PIX Mailguard feature (no fixup protocol SMTP 25) as
> noted here >
> 
> http://support.microsoft.com/?kbid=320027
> 
> Not willing to blindly follow the M$ sheeple, I have to wonder what if
> any security risk does turning off the PIX Mailguard create?  Is there a
> better solution?
> 
> Thx!  David@Rocketmail.com

David,

If the SMTP connection is from inside to outside, then the fixup should
not come into play. 

-what does sniffer capture of the SMTP session attempt show?
-relaying issue?
-can you telnet to server on port 25 and issue commands? 


Rik Bain
0
Reply Rik 1/8/2004 11:06:09 PM

Rik, et al,

After posting this I was able to get a hold of a senior tech at
BellSouth who told me that the problem is on their end.  Apparently,
they will not allow anyone to connect to their SMTP servers unless
they originate from the BellSouth network which is an anti-spam/relay
effort.  Thanks for the response and sorry for the waste of
bandwidth!!  :)

Regards,

David@Rocketmail.com





Rik Bain  <rik@remove.bainz.org> wrote in message news:<pan.2004.01.08.23.06.05.244105.4106@remove.bainz.org>...
> On Thu, 08 Jan 2004 15:45:33 -0600, David K wrote:
> 
> > I've googled this one to death but cannot find the info I need.  I have
> > an IT  user that is attempting to send and receive test email via
> > Outlook Express to/from their ISP from within our internal network,
> > which includes a (PIX 515 v6.3.3).  This user can receive their test
> > email via POP but cannot send via SMTP.  I've found numerous articles
> > discussing issues with M$ Exchange server / ESMTP and the Cisco PIX
> > Mailguard feature (fixup protocol smtp 25) which I do have enabled.  I
> > do not know for sure if BellSouth is using Exchange but it seems likely
> > given the fact that our Notes server and all clients inside and out are
> > working fine traversing the same firewall.  Microsoft's answer appears
> > to be, turn off the PIX Mailguard feature (no fixup protocol SMTP 25) as
> > noted here >
> > 
> > http://support.microsoft.com/?kbid=320027
> > 
> > Not willing to blindly follow the M$ sheeple, I have to wonder what if
> > any security risk does turning off the PIX Mailguard create?  Is there a
> > better solution?
> > 
> > Thx!  David@Rocketmail.com
> 
> David,
> 
> If the SMTP connection is from inside to outside, then the fixup should
> not come into play. 
> 
> -what does sniffer capture of the SMTP session attempt show?
> -relaying issue?
> -can you telnet to server on port 25 and issue commands? 
> 
> 
> Rik Bain
0
Reply David 1/9/2004 2:26:50 PM
comp.dcom.sys.cisco 25166 articles. 24 followers. Post

2 Replies
389 Views

Similar Articles

[PageSpeed] 15


  • Permalink
  • submit to reddit
  • Email
  • Follow


Reply:

Similar Artilces:

PIX MailGuard "fixup protocol smtp" and Exchange Server?
I've googled this one to death but cannot find the info I need. I have an IT user that is attempting to send and receive test email via Outlook Express to/from their ISP from within our internal network, which includes a (PIX 515 v6.3.3). This user can receive their test email via POP but cannot send via SMTP. I've found numerous articles discussing issues with M$ Exchange server / ESMTP and the Cisco PIX Mailguard feature (fixup protocol smtp 25) which I do have enabled. I do not know for sure if BellSouth is using Exchange but it seems likely given the fact that our Notes server...