Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1319
Views
0
Helpful
4
Replies

pix 6.1 fixup protocol smtp command help requested

jljamison
Level 1
Level 1

‎04-30-2002 10:46 AM - edited ‎02-20-2020 10:02 PM

Hi,

When I institute a fixup protocol smtp 25 on my pix 515/6.1, I can no longer

telnet to my smtp server and perform a sample smtp conversation

I have the pix's external interface as the global PAT/NAT address, and it is port forwarding smtp to an internal server.

When fixup protocol smtp is off, I can telnet in to the smtp server just fine, so the port forwarding is working, and the access list is as well.

However, when I turn on fixup protocol smtp 25, I get the banner with the characters rewritten with asterisks, but it doesn't respond to any of the commands I issue, including valid ones.

Any ideas?

Thanks

0 Helpful
4 Replies 4

jparrishrsi
Level 1
Level 1

‎05-01-2002 11:21 PM

Hello,

The idea with smtp fixup is to restrict the protocols command set to RFC compliant commands. Your questions really depends on what it is you are trying to accomplish by telneting to your smtp host from the outside and what commands you are running on the mailer service.

The fixup works to hide the type of smtp service that is presented to the outside world by removing or replacing the smtp banner that is displayed when telneting to port 25. If you are able to telnet to that port from the outside, than as far as the smtp service is concerned the outside world will be able to establish RFC compliant connections to your smtp host.

Hope this helps....

Jason Parrish

jparrish@rightsys.com

0 Helpful

jljamison
Level 1
Level 1
In response to jparrishrsi

‎05-02-2002 10:02 AM

hi Jason,

Thanks for the reply. I am attempting to do a basic SMTP conversation - e.g.

HELO fromdomain.com

MAIL From:<somebody@somedomain.com>

RCPT To:<user@insidedomain.com>

DATA

now is the time for all good men...

.

QUIT

----------

However basically nothing happens after the substituted banner output. I am concerned that if I turn the fixup command on for protocol SMTP that inbound mail will get stuck. I was hoping to verify the SMTP protocol manually before turning it over.

-John

0 Helpful

bz
Level 1
Level 1
In response to jljamison

‎05-02-2002 01:30 PM

I had the exact same problem. I had to turn mail guard off because mail wasn't coming in.

0 Helpful

jljamison
Level 1
Level 1

‎05-08-2002 01:07 PM

RESOLUTION

It appears that the SMTP traffic flows correctly with the fixup protocol smtp 25 command turned on, even though after doing so you cannot telnet to port 25 through the pix and perform a test SMTP dialogue

-John

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card