08-30-2007 12:06 AM - edited 03-11-2019 04:04 AM
Hello,
Is there some documentation on what exactly the default esmtp inspect map does? I am unable to find any. I would like to create an own esmtp inspect map but would like to base it on the default map.
By the way. Cisco's default esmtp inspect map covers the hostname in the ehlo command. This is a violation of certain RFCs!
Kind regards,
Rutger
08-30-2007 09:06 AM
08-30-2007 10:30 PM
Thanks!
This describes how to create an esmpt inspect. What I am looking for is the values of the default esmpt inspect. What does it do to my esmpt traffic?
Kind regards,
Rutger
02-25-2011 07:48 AM
If you're using the default inspection, use sh run all policy-map _default_esmtp_map to show what the ASA is doing:
policy-map type inspect esmtp _default_esmtp_map
description Default ESMTP policy-map
parameters
mask-banner
no mail-relay
no special-character
no allow-tls
match cmd line length gt 512
drop-connection log
match cmd RCPT count gt 100
drop-connection log
match body line length gt 998
log
match header line length gt 998
drop-connection log
match sender-address length gt 320
drop-connection log
match MIME filename length gt 255
drop-connection log
match ehlo-reply-parameter others
mask
Greg
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: