ASA default esmtp inspect map

Unanswered Question
Aug 30th, 2007
User Badges:


Is there some documentation on what exactly the default esmtp inspect map does? I am unable to find any. I would like to create an own esmtp inspect map but would like to base it on the default map.

By the way. Cisco's default esmtp inspect map covers the hostname in the ehlo command. This is a violation of certain RFCs!

Kind regards,


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Rutger Blom Thu, 08/30/2007 - 22:30
User Badges:


This describes how to create an esmpt inspect. What I am looking for is the values of the default esmpt inspect. What does it do to my esmpt traffic?

Kind regards,


gregbeifuss Fri, 02/25/2011 - 07:48
User Badges:

If you're using the default inspection, use sh run all policy-map _default_esmtp_map to show what the ASA is doing:

policy-map type inspect esmtp _default_esmtp_map
description Default ESMTP policy-map
  no mail-relay
  no special-character
  no allow-tls
match cmd line length gt 512
  drop-connection log
match cmd RCPT count gt 100
  drop-connection log
match body line length gt 998
match header line length gt 998
  drop-connection log
match sender-address length gt 320
  drop-connection log
match MIME filename length gt 255
  drop-connection log
match ehlo-reply-parameter others



This Discussion