Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX mailguard and killing mail session

Problem with mailserver communication through a PIX with mailguard (fixup smtp) enabled. Running 6.1(2) version on test PIX but we see the same problem on a PIX running 5.1(?)

debug fixup report -->

---------------------

smtp_cmd: (w05857/25 <- 15.162.121.94/3253)

smtp_cmd: initial cmd = helo , enter reply mode

smtp_response: (w05857/25 -> 15.162.121.94/3253)

entering command mode

smtp_response: (w05857/25 -> 15.162.121.94/3253)

ERR: reply in cmd mode

ERROR: killing smtp session

packet: <250?nwserv02?bro?cpqcorp?net?Hello?aberant??pleased?to?meet?you

\r\n>

Can't not find any additional information about above mentioned error messages !

Disabling the fixup smtp solves the problem.

1 REPLY
Cisco Employee

Re: PIX mailguard and killing mail session

The SMTP fixup doesn't just * out the banner and only allow the 7 standard SMTP commands, it also ensures that those commands are input in the correct order. What you're seeing with the error:

ERR: reply in cmd mode

is that the PIX is seeing something from this server when it shouldn't be, so I'd suggest that this server is not following the RFC correctly.

Can you, from a command prompt, telnet to this server on port 25, and when you get connected manually enter the following exactly as written (with the fixup off):

helo cpqcorp.com

mail from: test@cpqcorp.com

rcpt to:

data

this is a test message

.

quit

Then cut/paste the output of all this back here, we'll see what the mail server is replying with exactly and what the PIX doesn't like about it.

133
Views
0
Helpful
1
Replies