Pix 515E - Inbound SMTP 106015 drops on outside interface

Unanswered Question

We are currently running a Pix 515E 6.3(5), no failover mode. I am getting alot of drops on the outside interface on SMTP port. The error is 106015 Deny TCP (no connection) from IP_addr/port to IP_addr/port flags. I have researched the error and it appears that this is a malformed smtp packet that is getting discarded. Is this usual behaviour or is this something I should be looking at ?

I am dropping this traffic from a wide range of public IP's.

Any help would be appreciated.

Cheers

Dave

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
dkraut Thu, 10/02/2008 - 11:28

Do you have fixup protocol smtp 25 enabled? If so, try disabling it as it has been known to cause a lot of trouble. >>

no fixup protocol smtp 25

suschoud Thu, 10/02/2008 - 12:27

you can run this command during production hours.It just puts a lot of constraints on what smtp commands can pass through f/w.Removing these constraints ( fixup ) would not affect the mail flow.

Regards,

Sushil

Actions

This Discussion