Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Disable esmtp Inspection for Specific Host

Hello.  Is it possible to disable esmtp inspection for a specific INSIDE host with use of a policy-map?  If so, could you provide an example configuration.

VIP Green

Yes it is possible.  You

Yes it is possible.  You could do something like the following:

access-list ESMTP deny ip host any
access-list ESMTP permit ip any

class-map CMAP
match access-list ESMTP

policy-map PMAP
class CMAP
inspect esmtp

service-policy PMAP interface inside


Please remember to select a correct answer and rate helpful posts


Please remember to rate and select a correct answer
New Member

Hi! In this case, besides


In this case, besides those commands wouldn´t be necessary to disable default esmtp inspection from the by-default global-policy as well?? Like this:

policy-map global_policy
class inspection_default
no inspect esmtp


thanks in advance

VIP Green

You can disable default esmtp

You can disable default esmtp inspection like that, but cer43tcent wants to disable it for a single or specific internal addresses.  So for that you would need to define the addresses to be excluded and then define all the other addresses that are to be inspected.


Please remember to rate and select a correct answer
CreatePlease to create content