cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
593
Views
0
Helpful
2
Replies

CBAC and SMTP AUTH?

cwillenbrock
Level 1
Level 1

I'm having trouble getting SMTP AUTH to work on our network, even across network segments that have no specific access-list rules between them. Perhaps there's something in the CBAC setting that prevents AUTH from working properly?

Initially...

Our mail server software with relay enabled for everybody...external clients sent message, and it goes through fine.

Disable relay...

external clients sent message, server replies with "relay not permitted" (expected, good)

Enabled AUTH on server and set clients to authenticate...

external cleints sent message, get back error message...

"Your server has unexpectedly terminated the connection. Possible causes for

this include server problems, network problems, or a long period of

inactivity. Account: 'me@mydomain.com', Server:

'mailserver.mydomain.com', Protocol: SMTP, Port: 25, Secure(SSL): No, Socket

Error: 10053, Error Number: 0x800CCC0F

Removed firewall and no longer had problem. External clients authenticate fine and mail is sent, and bad people can't relay mail through our server.

What in the firewall config prevents SMTP AUTH? We're using Cisco 2514 with 11.3

2 Replies 2

rrbleeker
Level 1
Level 1

The Cisco IOS firewall has a built-in feature that assures that snmp conforms to the recommendations listed in RFC 821, section 4.5.1. This section lists the commands that should be allowed through a firewall (HELO, MAIL, RCTP, DATA, RSET, NOOP and QUIT). The cisco IOS firewall is configured to allow only the above commands and disallow any other command. You can disable this feature by typing 'no ip inspect -name- smtp'. SNMP will still be allowed (if permitted by rules), but the IOS FW will not check for imbedded commands in SMTP.

I hope this helps.

That was exactly my problem. Thanks so much for your help.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: