11-08-2004 09:22 AM - edited 02-20-2020 11:44 PM
I just added smtp commands to my PIX with an Exchange server behind it. Originally I tried testing this by doing a telnet from a remote PC. telnet 24.x.x.x smtp
to see if it would go through. The response I got was an encrypted/jumbled message like this: 220 ************************************
***********2**0*2********
Although my exchange mail is working fine (so it is not a big deal) I just wanted to know if this was something that the PIX does by default and why? Thanks.
11-08-2004 03:16 PM
Yes, the PIX is adding all the asterisks to mask the type of mail server you have; it's part of the SMTP "fixup" within the PIX.
If this is an Exchange server you may want to turn this off, since the fixup will only (currently) allow SMTP to work through to your server, not ESMTP (it limits the commands that are allowed to pass through). Most people using Exchange want to use ESMTP for its added functionality, and so you have to turn the fixup off. Of course you lose some protection of your SMTP server, but if it is up to date with patches, etc., then you should be fine.
To turn the fixup off do the following:
no fixup protocol smtp 25
See http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/df.htm#wp1067379 for more details on the fixups.
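A check for the masked greeting described above, as an added example that is not part of the original posts: it parses SMTP replies, flags a 220 banner that is mostly asterisks, and reports whether an EHLO reply shows ESMTP reaching the server. The sample replies, the 0.8 threshold and the function names are assumptions made for illustration.

```python
import re

# Constructed sample greetings (not captured from a real host). The first mimics
# the masked banner quoted in the thread; the second is an unmasked greeting.
MASKED = "220 ****************************2**0*2********\r\n"
PLAIN = "220 mail.example.com ESMTP service ready\r\n"

# Three-digit code, then "-" (more lines follow) or " " (last line), then text.
REPLY_LINE = re.compile(r"^(\d{3})([ -])(.*)$")


def parse_reply(raw):
    """Parse one SMTP reply (possibly multi-line) into (code, [text lines])."""
    code, texts = None, []
    for line in raw.splitlines():
        m = REPLY_LINE.match(line)
        if not m:
            raise ValueError(f"not an SMTP reply line: {line!r}")
        if code is not None and m.group(1) != code:
            raise ValueError("reply code changed inside a multi-line reply")
        code = m.group(1)
        texts.append(m.group(3))
        if m.group(2) == " ":  # a space after the code marks the final line
            break
    if code is None:
        raise ValueError("empty reply")
    return code, texts


def banner_is_masked(raw, threshold=0.8):
    """True when a 220 greeting is mostly asterisks, as the fixup leaves it."""
    code, texts = parse_reply(raw)
    body = "".join(texts).replace(" ", "")
    if code != "220" or not body:
        return False
    return body.count("*") / len(body) >= threshold


def esmtp_available(ehlo_reply):
    """True when the reply to EHLO is a 250, i.e. ESMTP reached the server."""
    code, _ = parse_reply(ehlo_reply)
    return code == "250"
```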
11-09-2004 05:08 AM
Greg, thanks so much for explaining this. Great help!!!
sm