MSS inconsistencies on SMTP communication

Unanswered Question
Jul 28th, 2008
User Badges:

Getting a FLOOD, huge flood of

" reason: MSS exceeded, MSS 1300, data 1360" on Port 25

running Pix 7.0.4 code.

What is up with this? Have seen some of these in the past, but nothing like the 1 to 3 every second. I think someone is trying to run a SMTP exploit on my port 25. I am not getting these on port 80. Also have not had this huge amount of MSS reject in the past.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Farrukh Haroon Mon, 07/28/2008 - 11:13
User Badges:
  • Red, 2250 points or more

This is rarely caused by exploits, this usually problems with the TCP settings on the server/client etc. Have a look at:

As you see Cisco has changed the default from 'deny' to 'allow' due to excessive user complaints starting from release 7.2(4)



dmooreami Mon, 07/28/2008 - 11:19
User Badges:

Tech note applies to http sites. I am having an issue with port 25 inbound. My quesiton is can I apply the same to port 25 to bypass the MSS messages.


This Discussion