Our ASA is running code 8.0.4 and our SMTP mail, inbound and outbound, was working fine; then it broke. I checked the ASA and inspect esmtp is on by default, and this was working before. The mail library was updated and nothing is working. I researched and found out that by removing inspect esmtp, mail is working again. I would like to keep inspect esmtp on for security purposes but need to find a workaround. Please let me know if there is a workaround for this.
Kindly understand the functionality of 'inspect esmtp' first.
Please visit the following link for information on the same:
Assuming the receiving MTA is indicating that it supports Binary Chunking, that implies that the binary data (BDAT) verb is also supported. However, the ASA does not support the BDAT verb and will XXXX it out. When the receiving MTA gets the Xed-out command, it will send back a 500 (Unrecognized command) to the sending MTA. The sending MTA (in the case of Microsoft) then resets (RSET) the connection. This causes mails to be unable to be sent. The problem here is with the ASA. This can be clearly seen by applying captures on the outside interface of the firewall, which show an error code of 500.
To rectify this, please make a custom esmtp policy map like the one configured in the example given below:
policy-map type inspect esmtp _default_esmtp_map
 match ehlo-reply-parameter others
Please apply this policy map on the outside interface. This will ensure esmtp inspection is turned on while also allowing BDAT connections to pass through the firewall, masking them instead of Xing them.
Hope this helps!
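The failure sequence described in the answer above (CHUNKING advertised, command Xed out, 500 reply, RSET) can be checked for in a capture once the SMTP dialogue has been exported as text. This is an added example, not part of the original posts; the `C:`/`S:` line format, the function name and the sample transcript are constructed assumptions.

```python
import re

# Constructed sample: an SMTP dialogue as it might look in a capture taken
# on the firewall's outside interface (hostnames and sizes are made up).
SAMPLE = """
S: 220 mail.example.test ESMTP
C: EHLO sender.example.test
S: 250-mail.example.test Hello
S: 250-SIZE 10240000
S: 250-CHUNKING
S: 250 8BITMIME
C: MAIL FROM:<a@sender.example.test>
S: 250 OK
C: RCPT TO:<b@example.test>
S: 250 OK
C: XXXX 512 LAST
S: 500 Unrecognized command
C: RSET
S: 250 OK
"""

MASKED_VERB = re.compile(r"^X{4,}$")  # a verb overwritten with X characters

def analyze(transcript):
    """Report masked commands that drew a 500 reply and then a client RSET."""
    advertised, findings = set(), []
    in_ehlo, ehlo_lines, last = False, 0, None
    for n, raw in enumerate(transcript.strip().splitlines(), 1):
        side, _, text = raw.partition(":")
        side, text = side.strip().upper(), text.strip()
        if not text:
            continue
        if side == "C":
            verb = text.split()[0].upper()
            in_ehlo, ehlo_lines = verb == "EHLO", 0
            if MASKED_VERB.match(verb):
                last = {"line": n, "command": text, "rejected": False, "reset": False}
                findings.append(last)
            else:
                if verb == "RSET" and last and last["rejected"]:
                    last["reset"] = True
                last = None
        elif side == "S":
            code = text[:3]
            if in_ehlo and code == "250":
                ehlo_lines += 1
                if ehlo_lines > 1 and len(text) > 4:  # first line is the greeting
                    advertised.add(text[4:].split()[0].upper())
            if last and not last["rejected"] and code == "500":
                last["rejected"] = True
    return {"chunking_advertised": "CHUNKING" in advertised, "findings": findings}
```

A finding with both `rejected` and `reset` set, in a session where `chunking_advertised` is true, matches the symptom described in the answer.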