Pix 515E - Inbound SMTP 106015 drops on outside interface

dclee · ‎10-02-2008

We are currently running a Pix 515E 6.3(5), no failover mode. I am getting alot of drops on the outside interface on SMTP port. The error is 106015 Deny TCP (no connection) from IP_addr/port to IP_addr/port flags. I have researched the error and it appears that this is a malformed smtp packet that is getting discarded. Is this usual behaviour or is this something I should be looking at ?

I am dropping this traffic from a wide range of public IP's.

Any help would be appreciated.

Cheers

Dave

dkraut · ‎10-02-2008

Do you have fixup protocol smtp 25 enabled? If so, try disabling it as it has been known to cause a lot of trouble. >>

no fixup protocol smtp 25

dclee · ‎10-02-2008

I do have the fixup protocol enabled.

Can i just enter the no fixup command without affecting the mail flow, or is this something that should be done afterhours ?

Cheers

Dave

suschoud · ‎10-02-2008

you can run this command during production hours.It just puts a lot of constraints on what smtp commands can pass through f/w.Removing these constraints ( fixup ) would not affect the mail flow.

Regards,

Sushil