Mail Guard
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-29-2008 12:49 AM - edited 03-11-2019 06:50 AM
We had power maintenance last weekend and had to shutdown our 6513 switch. When we powered up, we discovered we could no longer send and receive emails to external users. Microsoft came in to say we had a problem with the mailguard on our firewall module. How do I deal with that? Cisco documentations say we should disable mailguard. If right, how do I do this?
- Labels:
-
NGFW Firewalls

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-29-2008 08:18 AM
no fixup protocol smtp
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-17-2010 06:12 AM
is it possible to keep the mailguard smtp inspection enabled but to bypass for specific hosts?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-17-2010 07:30 AM
Hi Matt,
Yes, you can apply any inspection to match any traffic defined in an ACL. However, I would disagree in the previous poster that disabling mail inspection is the correct course of action.
If you want to inspect email traffic just to a mail server at 10.1.1.1, the configuration you would use is below:
access-list email extended permit tcp any host 10.1.1.1 eq smtp
!
class-map email-class
match access-list email
!
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect rsh
inspect rtsp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect h323 h225 omar
inspect h323 ras
class email-class
inspect esmtp
!
service-policy global_policy global
Sincerely,
David.
