So I noticed today all was not well with my 506. In doing some routine maintenance on our network, I was told external connections to both the SMTP and FTP servers were getting 'scrambled'.
The outside interface of our 506 is connected to our ISP-provided ADSL router (we have to use this apparently), and the inside interface is connected to our network switch.
In doing a little research, I guess this is not uncommon when you have another inline firewall which also randomizes the packet. So Cisco recommends using the 'norandomseq' with the static command but cautions this may create a security hole.
How drastic is this security hole?
The 506 only runs up to version 6.3 of software. In version 6.3, the PIX does not support ESMTP, and therefore forces the mail servers to downgrade to SMTP.
As for the "scrambling", I would guess you are talking about how the PIX "masks" the SMTP banner with asterisks (**************220*********).
This is by design. I would suggest you disable the SMTP fixup and see if that solves the issue for you:
no fixup protocol smtp 25