
SMTP Auth .. something is filtering my email


Tony Hoyle

May 22, 2007, 1:02:44 PM
I've got a weird problem using SMTP AUTH. Something in between me
and the internet is proxying the email and removing the EHLO commands
from the data stream, stopping it working.

From a known working (can use ESMTP to other servers with it)
connection I type:
$ telnet mail 25
220 mail ESMTP Postfix (Debian/GNU)
EHLO myhost
502 5.5.2 Error: command not recognized

What the mail host sees is:
XXXX myhost

.. something has replaced EHLO with XXXX!!

The only thing I have found that may do this is a misconfigured cisco
pix - but I have no such device... I'm stumped. Does A&A have a pix
lurking somewhere in the loop?

Tony

Tony Hoyle

May 22, 2007, 3:14:11 PM
Tony Hoyle wrote:
>
> The only thing I have found that may do this is a misconfigured cisco
> pix - but I have no such device... I'm stumped. Does A&A have a pix
> lurking somewhere in the loop?
>
After I got home it turned out to be the 877. The default config has an
option set to disable esmtp.. first I knew it even supported anything
like that at all! So it's not just the pix that does it. Must have
been like that for months...

Tony


Rev Adrian Kennard

May 23, 2007, 4:13:01 AM

It may be a dumb question, but why on earth would that be a feature of
anything?

Thomas Sandford

May 23, 2007, 4:57:11 AM
"Rev Adrian Kennard" <a...@k.gg> wrote in message
news:4653f78d$0$647$5a6a...@news.aaisp.net.uk...

It's not a feature, it's a "feature".

--
Thomas Sandford


Matthias Scheler

May 27, 2007, 10:18:46 AM
In article <46534103$0$646$5a6a...@news.aaisp.net.uk>,

Tony Hoyle <t...@nodomain.org> writes:
> After I got home it turned out to be the 877.

I assume that's a Cisco 877?

> The default config has an option set to disable esmtp..

What is the command? I've never noticed that my 877W breaks ESMTP but
I would like to make sure that it doesn't.

Kind regards

--
Matthias Scheler http://zhadum.org.uk/

Matthias Scheler

May 27, 2007, 10:22:15 AM
In article <4653f78d$0$647$5a6a...@news.aaisp.net.uk>,

Rev Adrian Kennard <a...@k.gg> writes:
> It may be a dumb question, but why on earth would that be a feature of
> anything?

I guess they want to prevent SMTP clients from using "STARTTLS" to be
able to monitor the traffic on the SMTP connection. It is a really
bad idea to do that of course but that never stopped Cisco.

Kind regards

P.S. Are there any other A-DSL routers compatible with BT's server which
support IPv6 and IPv4 routing and NAT at the time? When I bought
my 877W it seemed to be the only box capable of doing that.

Tony Hoyle

May 28, 2007, 8:46:55 PM
Matthias Scheler wrote:
> In article <46534103$0$646$5a6a...@news.aaisp.net.uk>, Tony Hoyle
> <t...@nodomain.org> writes:
>> After I got home it turned out to be the 877.
>
> I assume that's a Cisco 877?
>
>> The default config has an option set to disable esmtp..
>
> What is the command? I've never noticed that my 877W breaks ESMTP but
> I would like to make sure that it doesn't.

It's in the ip inspect options.. SDM by default sets up a config with
'ip inspect smtp' which automatically stops esmtp passing through the router,
so just do a 'no ip inspect name <name> smtp' (I switched them all off except the generic
tcp/udp ones that are needed to make the firewall work, and ftp so active ftp works).

Tony
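
Added example, not part of any post in this thread: a Python check for the symptom described above (a banner that says ESMTP followed by a 502 to EHLO) and for extensions missing from a 250 reply. The function names, the probe.example HELO name and the all-X masking of a keyword in the reply are assumptions; the thread only shows XXXX replacing the EHLO command itself.

```python
import re
import smtplib

# Constructed sample replies (text after the status code), modelled on the thread.
BANNER = "mail ESMTP Postfix (Debian/GNU)"
REJECTED = (502, "5.5.2 Error: command not recognized")
CLEAN = (250, "mail\nPIPELINING\nSIZE 10240000\nSTARTTLS\nAUTH PLAIN LOGIN")
MASKED = (250, "mail\nPIPELINING\nXXXXXXXX\nAUTH PLAIN LOGIN")  # assumed masking style


def diagnose(banner, ehlo_code, ehlo_text, expected=("STARTTLS", "AUTH")):
    """Return a list of signs that something in the path is rewriting SMTP."""
    if ehlo_code in (500, 502):
        if "ESMTP" in banner.upper():
            return ["EHLO rejected although the banner advertises ESMTP"]
        return ["EHLO rejected; server may simply not speak ESMTP"]
    if ehlo_code != 250:
        return [f"unexpected EHLO reply code {ehlo_code}"]
    # Line 1 of the reply is the greeting; each later line starts with a keyword.
    lines = [l for l in ehlo_text.splitlines()[1:] if l.strip()]
    keywords = [re.split(r"[ =]", l.strip())[0].upper() for l in lines]
    findings = [f"masked extension keyword {k}" for k in keywords
                if re.fullmatch(r"X{4,}", k)]
    findings += [f"{want} not offered" for want in expected if want not in keywords]
    return findings


def probe(host, port=25, helo_name="probe.example"):
    """Live check against your own mail server; compare runs from each side of the router."""
    client = smtplib.SMTP(timeout=10)
    try:
        _, banner = client.connect(host, port)
        code, text = client.ehlo(helo_name)
    finally:
        client.close()
    return diagnose(banner.decode(errors="replace"), code,
                    text.decode(errors="replace"))


if __name__ == "__main__":
    for name, (code, text) in [("rejected", REJECTED), ("clean", CLEAN),
                               ("masked", MASKED)]:
        print(name, diagnose(BANNER, code, text))
```

An empty list from probe() on one side of the router and findings on the other points at the router's SMTP inspection rather than at the mail server.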

Andrew Hodgson

Jun 2, 2007, 5:19:02 PM
On Tue, 22 May 2007 20:14:11 +0100, Tony Hoyle <t...@nodomain.org>
wrote:

Thanks for the heads up that these routers do this as well as the
ASA/PIX - it took me two months to convince the security experts at
work that this needed disabling - actually I was able to prove it was
damaging a PHP based app which used its own mail functions, and we
disabled it on the PIX.

The later PIX/ASA (probably from 7.x) do allow ESMTP through, but it
still breaks various parts of the protocol.

Thanks.
Andrew.
