05-16-2008 10:56 AM - edited 03-09-2019 08:43 PM
Hi, I have a PIX 515E and a Windows SMTP Server in a DMZ, and I need send to some customers encrypted emails using TLS. I read in a Cisco documentation that I need enable it if use inspect esmtp:
policy-map type inspect esmtp esmtp_tls_enable
parameters
allow-tls
!
policy-map global_policy
class inspection_default
inspect esmtp esmtp_tls_enable
Now, when I do it, TLS work fine and I can send encrypted email but for unknown reason I can't send o receive non encrypted emails from other customers.
We can help me with this issue?
Thanks,
Solved! Go to Solution.
05-23-2008 02:03 PM
05-17-2008 07:12 PM
I think the issue here is with the some EHLO parameter which is not supported by ASA. Try adding following commands-
policy-map type inspect esmtp esmtp_tls_enable
match ehlo-reply-parameter others
mask
Clear the mail server connections through ASA and check if mails work now.
How this helps.
Regards,
Vibhor.
05-23-2008 06:56 AM
Hi Victor, thanks for your reply, I've done it and it work fine. Now I can send emails using TLS and regular emails.
The final configuration is:
policy-map type inspect esmtp esmtp_tls_enable
parameters
allow-tls
match ehlo-reply-parameter others
mask
!
policy-map global_policy
class inspection_default
inspect esmtp esmtp_tls_enable
Best regards,
05-23-2008 02:03 PM
I'm glad, could help you.
Regards,
Vibhor.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide