×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

PIX515 slow SMTP performance

Unanswered Question
Jan 16th, 2003
User Badges:

I have PIX515 (IOS 6.22) with mail server in dmz.

No other network devices in dmz.

Clients from inside access dmz via dymanic NAT.

No static NAT and ACLs are applied.

POP3 and any other types of connections from inside to dmz mail server are fast, but SMTP slow ( mail server responses to 'Telnet <ip_addr> 25' over 5-10 sec). No errors are occured on both ethernet interfaces.

No problems with client performance and mail server when it moves to inside

segment.




  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
tvanginneken Thu, 01/16/2003 - 12:03
User Badges:
  • Silver, 250 points or more

Hi,


could you try disabling the smtp fixup protocol and see if it makes any difference?


Kind Regards,

Tom

chrclark Thu, 01/16/2003 - 13:37
User Badges:
  • Cisco Employee,

Try permitting IDENT. Some SMTP hosts try to verify who is sending the e-mail before the accept it. Then it will give up and accept the e-mai anyway. Maybe you could disable that option on the SMTP host.

gfullage Thu, 01/16/2003 - 15:55
User Badges:
  • Cisco Employee,

If the initial connection takes 5-10 seconds to come back, but then after that the response is "normal", then as the previous person said, this is probably an IDENT problem. The best way is to disable your SMTP server from doing this, but if you're not sure how to do that, you can tell the PIX to send an RST back to the mail server if it sees it by doing:


> service resetinbound


http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/s.htm#1045404

Actions

This Discussion