cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
298
Views
0
Helpful
3
Replies

PIX+Microsoft IIS SMTP

ramesh.krishnan
Level 1
Level 1

I have 2 mail servers running Imail on my network. Now i have got a customised application of my client to run on my network. My network is equpiied with cscpo pix 525 with IOS 6.1 .

The application sends mail from the IIS virtual SMTP server which directly relays tyhe m,ails to the domains. I get these mails to the outside domains like yahoo, hotmail etc. But im not getting the mails to domains inside the firewall.I send mails to my ID xxx@yahoo.com and it gets delivered. I send mail to xx@inside-firewall-domain.com , it will not get delivered. All my mails are confugured as follows:

eg: abc.com is my domain. I have pointed the mail to mail.abc.com which is inside my firewall.the respective alias entries also have been given in the firewall for this. when i ping mail.abc.com its pinging the internal IP.

is there anything which i need to do in the firewall or IIS SMTP for this to get solved.

can anyone help me out on this ?

thanks in advance.

ramesh

3 Replies 3

tvanginneken
Level 4
Level 4

I assume that the MX record for abc.com is pointing to mail.abc.com? And when you ping mail.abc.com it is resolved to an internal IP adres?

If that is true then the traffic is not going through the pix and is the problem related to you IIS smtp server.

Does the IIS SMTP server deliver the mail directly to the destination, or does it forward it's traffic to a 'forwarding' mail server that will take care of the delivery? If you use a 'forwarding' mail server of your provider to deliver the mail, that mail servers probabely does not know how to deliver mail to your @inside-firewall-domain.com.

If you still think that the pix is causing the problems, maybe you could enable syslog logging on the pix:

logging host inside

logging trap debug

logging on

(free syslog server at http://www.kiwisyslog.com)

Kind Regards,

Tom

the IIS is directly delivering the mails. Its not using any other server for this relay.

ramesh

Hi,

does the syslog messages from the pix show that the pix is blocking something?

Maybe you could sniff the traffic coming from your mailserver, that way you are sure that the mail server is actually sending the smtp data.

In case you don't have a sniffer yet:

http://www.ethereal.com/

Best Wishes,

Tom

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: