03-18-2011 06:40 PM - edited 03-11-2019 01:09 PM
Hi Friends,
We have our SMTP server in the DMZ behind the PIX firewall. This SMTP server uses the ESMTP feature. With the default fixup protocol smtp 25 command enabled, some mails are not getting delivered.
If I turn off the mailguard feature on the firewall, will there be any security threat? If yes, then what are the other options wherein my mailguard feature is on and at the same time mails are getting delivered?
Thank you
Amit
03-18-2011 07:35 PM
Hi Amit,
The fixup protocol smtp 25 basically inspects the smtp traffic through the PIX.
If you remove it, then (assuming port 25 is allowed), no additional inspection will be done on smtp packets.
An alternative (if having a PIX that's not a 501 or 506E) is to migrate the fixup to the MPF configuration to inspect ESMTP.
Hope it helps.
Federico.
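The migration mentioned in the reply above, shown as an added illustration that is not part of the original thread: the legacy fixup line beside its Modular Policy Framework form on PIX/ASA software 7.0 and later. It assumes the default global policy is in use; `inspection_default` and `global_policy` are the default names in that software.

```cisco
! PIX 6.x syntax: Mailguard inspection on TCP/25
fixup protocol smtp 25

! PIX/ASA 7.0 and later: the same port inspected as ESMTP through MPF
class-map inspection_default
 match default-inspection-traffic
!
policy-map global_policy
 class inspection_default
  inspect esmtp
!
service-policy global_policy global

! Confirm the inspection is applied and counting packets
show service-policy inspect esmtp
```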
03-19-2011 10:34 AM
Thank you Federico. But if I don't want to use the MPF configuration and disable the mailguard feature, then what will be the security threat? Will an intruder attack the mail server and make a way into our environment?
03-21-2011 06:23 AM
I don't have the technical aspects handy right now, but the mailguard or inspection for smtp basically controls the smtp transactions making sure they are appropriate and according to smtp behavior.
It does provide security because it looks deeper into layer 7 information to make sure smtp is behaving the way it should.
If you remove the protection, smtp will continue to work.
The problem is that there will no longer be layer 7 inspection going on to make sure the application is acting appropriately.
Hope it helps.
Federico.
03-25-2011 04:42 AM
Thank you, Sir, it helps.