cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5669
Views
0
Helpful
6
Replies

SMTP telnet obscured Banner 220 **** ESMTP - no inspect ESMPT and Fixup not working

davidfield
Level 3
Level 3
6 Replies 6

davidfield
Level 3
Level 3

I've tried to apply a PolicyMap/Class Map for the Mailserver source IP address to not match ESMTP for the internal IP 192.168.150.3 .  No change.

 

access-list ESMTP deny ip host 192.168.150.3 any
access-list ESMTP permit ip 192.168.150.0 255.255.255.0 any

class-map CMAP
match access-list ESMTP

policy-map PMAP
class CMAP
inspect esmtp

service-policy PMAP interface inside

 

 

Hi @davidfield

Sorry if I miss something. I understood that you are trying hard disable inspect for smtp but what is your problem? I assume that smtp service is not working but can you give more information about the environment and the problem?

 

 

-If I helped you somehow, please, rate it as useful.-

Hi Flavio,

 

SMTP traffic is passing to the Server but the ASA is interfering with the contents.

 

I don't manage the Mailserver and this being a new Firewall and Exchange server the Server guys are refusing to accept the network Firewall config as Operational for handover until they see the banner.  I've advised them that the inspection just restricts less used commands and the banner from being read but they will not have it.  


What we see at the moment when telneting to IP on port 25

telnet 59.147.41.134 25                     - not the real IP addr

220 ************************************************************

 

500 5.3.3 Unrecognized command
500 5.3.3 Unrecognized command

 

Regards

David

I am not exchange expert by no means but I think you did your job with firewall so maybe is time to think in something else.

 For example, looking at Microsoft docs, I read this:

Numeric Code: 5.3.3

Possible Cause: The Exchange 2000 remote server or the Exchange 2003 remote server is out of disk storage to hold mail. This problem occurs most frequently when the sending server sends mail that includes binary DATA (BDAT). This code may also indicate an SMTP protocol error.

"

 

-If I helped you somehow, please, rate it as useful.-

Thanks Flavio, I think it is the Firewall. On the local LAN I can telnet on smtp 25 onto their mail server and get the banner. Only from outside Public internet I hit the problem. Thanks for your input. Another set of eyes on it is helpful.

Has anyone else got an insight as to what could be the cause

Dave

I had this exact same problem, and when I REMOVED the "fixup protocol smtp 25" parameter, it fixed the issue.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: