hi, am very new to configuring pix firewall's so forgive me if it a silly mistake, i think ive misconfigured my acl because i have already turned off mailguard (no fixup smtp) and i am still not able to send/recieve any email from my internal exchange server(10.35.104.106) but i have access to the internet.
here's my config:
Went through the logs and config and noticed a strange thing. Check the following syslog message-
%PIX-7-710005: UDP request discarded from 10.35.104.106/28536 to inside:10.35.104.100/domain
10.35.104.106 is trying to send domain traffic to 10.35.104.100. Now if I've checked your config correctly, 10.35.104.100 is the IP address of inside interface of PIX .. right? Is the mail server set to contact PIX's inside interface IP for DNS resolution? If so, please have it point to a legitimate DNS server because PIX cannot do name resolutions. Please reset the mail server to use a DNS server like 22.214.171.124 and then check if mails flow out.