Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Mail Guard

We had power maintenance last weekend and had to shutdown our 6513 switch. When we powered up, we discovered we could no longer send and receive emails to external users. Microsoft came in to say we had a problem with the mailguard on our firewall module. How do I deal with that? Cisco documentations say we should disable mailguard. If right, how do I do this?

3 REPLIES
Cisco Employee

Re: Mail Guard

no fixup protocol smtp

New Member

Re: Mail Guard

is it possible to keep the mailguard smtp inspection enabled but to bypass for specific hosts?

Silver

Re: Mail Guard

Hi Matt,

Yes, you can apply any inspection to match any traffic defined in an ACL.  However, I would disagree in the previous poster that disabling mail inspection is the correct course of action.

If you want to inspect email traffic just to a mail server at 10.1.1.1, the configuration you would use is below:


access-list email extended permit tcp any host 10.1.1.1 eq smtp
!
class-map email-class
match access-list email
!
policy-map global_policy
class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect rsh
  inspect rtsp
  inspect sqlnet
  inspect skinny 
  inspect sunrpc
  inspect xdmcp
  inspect sip 
  inspect netbios
  inspect tftp
  inspect ip-options
  inspect h323 h225 omar
  inspect h323 ras
class email-class
  inspect esmtp
!
service-policy global_policy global

Sincerely,


David.

206
Views
5
Helpful
3
Replies