Mailguard VLAN and Cisco SMTP fixup protocol

>> Tuesday, June 12, 2012

Hello good morning everybody,

I believe that Cisco mailguard or SMTP fixup protocol is the combination with tagged traffic from ESX server and mailguard. Has anyone experienced that with .1q tagged SMTP traffic? But on the other side, from physical machines there are no issues with mailguard.

Any thoughts?

#2
10-07-2009

Jackson2
Member

Join Date: Apr 2008
Posts: 2,265
Re: Mailguard VLAN and Cisco SMTP fixup protocol
The Cisco Secure PIX firewall feature "mailguard", which controls SMTP commands to a limited set of commands, can be bypassed. This irregularity can be used to bypass SMTP command filtering. Mailguard enables connections to an e-mail host through Transport Control Protocol (TCP) port 25 only. It logs all Simple Mail Transfer Protocol (SMTP) activity and allows only the minimum SMTP server commands found in Request for Comments (RFC) 821, Section 4.5.1. Find out if you have a valid reverse DNS on both the testing side and the destination.

#3
10-07-2009

Techno01
Member

Join Date: Apr 2008
Posts: 2,268
Re: Mailguard VLAN and Cisco SMTP fixup protocol
The smtp fixup on the PIX should not be used if you need anything beyond the absolute minimum original SMTP commands. There is an RFC requirement that MTAs return '220 hostname' upon the initial connection. With the smtp fixup protocol enabled it returns 220. They are probably running a Cisco PIX firewall, which probably has a bug in its software. This bug was patched in Cisco's version 5.2.4 and 5.2.5, but apparently still exists in older and newer versions.

#4
10-07-2009

Trio
Member

Join Date: May 2008
Posts: 2,752
Re: Mailguard VLAN and Cisco SMTP fixup protocol
It depends on how much of an RFC lawyer. Disable the "SMTP fixup protocol" in the Cisco PIX configuration, which will allow our email servers to speak SMTP. Basically the system sends the end-of-message SMTP protocol sequence, but doesn't get a "message received" acknowledgment back from your system. The "bug" requires that the entire end-of-message sequence be contained within the same network packet, and not fragmented in multiple packets. Cisco's fix allows it to be fragmented.
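
The failure mode described in reply #4, modelled as an added example that is not part of the original thread and is not Cisco's code: an inspector that looks for the SMTP end-of-data marker one TCP segment at a time misses it when the marker straddles two segments, while one that keeps a short tail of the stream finds it. The function and class names and the sample segments are assumptions constructed for this illustration.

```python
# Added illustration: per-segment vs. stream-aware detection of the SMTP
# end-of-data marker. All segment contents below are constructed samples.

TERMINATOR = b"\r\n.\r\n"  # <CRLF>.<CRLF>, end of mail data (RFC 821)

# Same message twice: once in one segment, once with the marker split.
WHOLE = [b"Subject: test\r\n\r\nbody\r\n.\r\n"]
SPLIT = [b"Subject: test\r\n\r\nbody\r\n", b".\r\n"]


def per_segment_sees_end(segments):
    """Model of the behaviour described in the post: the marker is only
    recognised when it lies entirely inside a single segment."""
    return any(TERMINATOR in seg for seg in segments)


class StreamTerminatorDetector:
    """Finds the marker across segment boundaries by carrying the last
    len(TERMINATOR) - 1 bytes of the stream from one segment to the next."""

    def __init__(self):
        self._tail = b""
        self.offset = 0     # bytes of the stream consumed so far
        self.end_at = None  # stream offset just past the marker, once seen

    def feed(self, segment):
        if self.end_at is not None:
            return True
        window = self._tail + segment
        idx = window.find(TERMINATOR)
        if idx != -1:
            # window starts len(_tail) bytes before the current offset
            start = self.offset - len(self._tail) + idx
            self.end_at = start + len(TERMINATOR)
            return True
        self.offset += len(segment)
        self._tail = window[-(len(TERMINATOR) - 1):]
        return False


def stream_sees_end(segments):
    """Return the stream offset just past the marker, or None if absent."""
    det = StreamTerminatorDetector()
    for seg in segments:
        det.feed(seg)
    return det.end_at
```
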
