cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1830
Views
5
Helpful
4
Replies

mailguard feature on PIX firewall

amit_kango
Level 1
Level 1

Hi Friends,

we have our SMTP server in DMZ behind the PIX firewall. this SMTP server uses ESMTP feature. with this default fixup protocol smtp 25 command enabled some of mails are not getting delivered.

if I turn off the mailguard feature on firewall will their any security threat ? If yes then what are the other option where in my mailguard feature is on and at same time mails are getting deliver.

thank you

Amit

1 Accepted Solution

Accepted Solutions

I don't have the technical aspects handy right now, but the mailguard or inspection for smtp basically controls the smtp transactions making sure they are appropiate and according to smtp behavior.

It does provide security because it looks deeper into layer 7 information to make sure smtp is behaving the way it should.

If you remove the protection, smtp will continue to work.

The problem is that there will no longer be layer 7 inspection going on to make sure the application is acting appropiately.

Hope it helps.


Federico.

View solution in original post

4 Replies 4

Hi Amit,

The fixup protocol smtp 25 basically inspects the smtp traffic through the PIX.

If you remove it, then (assuming port 25 is allowed), no additional inspection will be done on smtp packets.

An alternative (if having a PIX that's not a 501 or 506E) is to migrate the fixup to the MPF configuration to inspect ESMTP.

Hope it helps.


Federico.

Thank you Federico. But if i dont want to use MPF configuration and disable the mailguard feature then what will be security threat. will intruder attack the mail server and make way into our environment?

I don't have the technical aspects handy right now, but the mailguard or inspection for smtp basically controls the smtp transactions making sure they are appropiate and according to smtp behavior.

It does provide security because it looks deeper into layer 7 information to make sure smtp is behaving the way it should.

If you remove the protection, smtp will continue to work.

The problem is that there will no longer be layer 7 inspection going on to make sure the application is acting appropiately.

Hope it helps.


Federico.

Thank you Sir it helps

Review Cisco Networking for a $25 gift card