Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Asa5505 still obfuscating mail banner with no inspect esmtp

I've tried it all.  no inspect esmtp.  no policy map.  inspect esmtp tls with banner obfuscate off. i'm out of ideas.  i always get 220 ******** when telnetting to mail server from outside.  tried 8.2.1.11 and 8.0.5.  any ideas?

exchange 2010

cable modem -> asa5505 -> sa540 (router mode) -> mail server via static map policy for port 25 on asa5505

internal same subnet and different subnets works fine.  works fine across site to site vpn.  just get stupid banner when i access from outside.

policy map nat ip address is different than outside interface address.  have other policy nats using 443 an 80 and they work fine.

help.  thanks.

2 REPLIES
Cisco Employee

Re: Asa5505 still obfuscating mail banner with no inspect esmtp

Without ESMTP inspection the ASA should not proxy for SMTP.

Can you do a packet capture in and out https://supportforums.cisco.com/docs/DOC-1222 and see if indeed the ASA proxies and changes these smtp packets?

PK

Community Member

Re: Asa5505 still obfuscating mail banner with no inspect esmtp

It turns out the servers / pc's was testing from were behind asa's with inspect esmtp turned on. there was nothing wrong with my asa's, for future reference.

1421
Views
0
Helpful
2
Replies
CreatePlease to create content