06-07-2012 10:54 PM - edited 03-11-2019 04:17 PM
Hi guys,
I have an issue with a Cisco ASA 5520. It seems to block some emails incoming from some recipients. The sender's mail server clearly reports my ASA as cause of the problem (see attached image).
Unfortunately I have not the logs about that event and the time frame to close this issue is very narrow.
Do you know what could be the cause of the problem?
Thanks,
Dario
06-07-2012 11:09 PM
Hi
ASA can block some emails incoming from some recipients if they do use non standart dangerous smtp commands.
you can disable this
conf t
policy-map global_policy
class inspection_default
no inspect esmtp
exi
wr
and enable again
conf t
policy-map global_policy
class inspection_default
inspect esmtp
exi
wr
06-07-2012 11:16 PM
Hi ttemirgaliyev,
What should it change if I perform this operation? Does it clean a table of not trusted senders?
Thanks,
Dario
06-08-2012 01:50 AM
it disables and enables protocol smtp inspection.
protocol smtp inspection means that ASA allows only six standard smtp commands,
protecting from dangerous non-standard smtp commands.
there is no table of trusted/not trusted senders
06-08-2012 04:18 AM
He's just showing you how to disable the inspection globally to allow those email servers to deliver to your server. If indeed that is the cause of the delay then it will resolve your problem, if it's not the cause then you can re enable the global inspection.
If that has resolved the problem then what you should do is create a separate policy map against a group of trusted servers and disable the inspection on only those servers - then at least you are still protected
06-13-2012 10:15 PM
Thanks guys.
I've disabled and enabled again and the problem has not appeared again. I would so create a separate policy map for that particular server.
Do you know the IOS sintax to do it?
Thanks,
Dario
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: