Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
duplicated messages
- Thread starter JMDIAS
- Start date
- Thread starter
- #3
You won't like this then!!
I had the same problem. Basically, it's an issue with the mailguard feature on the pix and RFC compliance. It took a very long time to get to the bottom of this so I have taken a few paragraphs from various emails I received around the time of the problem. Basically, a Pix software upgrade fixed the problem.
"The problem with mailguard is that it hides any header information behind Xs and will only display the numbers 0 and 2, if you manually make an SMTP connection to the mailguard service running on the PIX firewall and try to run any of the standard 7 commands that should be enabled on it HELO, MAIL, RCPT, DATA, RSET, NOOP, and QUIT it will drop your connection, although it will not tell you that the connection has been dropped (this is considered a security feature). If you check 4.2, 4.3 and 4.5.1 of RFC 821 it will explain return codes for SMTP, all of the above mail severs don't reply with the standard reply codes therefore are not RFC compliant.
The following article explains how to configure mailguard correctly
There is an issue with mailguard on Cisco PIX firewall logged on Cisco's site Bug Id : CSCds90792 this has to do with multiple deliveries of the same message."
"Exchange servers that are attached to Cisco PIX firewall appliances may be running into a problem with Mailguard, the firewall's SMTP protocol filtering feature. Mailguard blocks Extended SMTP commands and allows only basic SMTP, a feature that is designed to protect poorly designed mail servers from being hacked. If your Exchange 5.5 or 2000 installation has the most recent set of updates, it probably doesn't need Mailguard, so you can turn it off. Barring that, it is also possible to eliminate the problem by upgrading to the latest version of PIX, which corrects Cisco bug # CSCds90792."
As these quotes say, you can either upgrade the Pix or shut off Mailguard. If your exchange server and OS is hardened and the rest of your network security is good then you can do without the Mailguard feature.
Hope this helps!
Mia
I had the same problem. Basically, it's an issue with the mailguard feature on the pix and RFC compliance. It took a very long time to get to the bottom of this so I have taken a few paragraphs from various emails I received around the time of the problem. Basically, a Pix software upgrade fixed the problem.
"The problem with mailguard is that it hides any header information behind Xs and will only display the numbers 0 and 2, if you manually make an SMTP connection to the mailguard service running on the PIX firewall and try to run any of the standard 7 commands that should be enabled on it HELO, MAIL, RCPT, DATA, RSET, NOOP, and QUIT it will drop your connection, although it will not tell you that the connection has been dropped (this is considered a security feature). If you check 4.2, 4.3 and 4.5.1 of RFC 821 it will explain return codes for SMTP, all of the above mail severs don't reply with the standard reply codes therefore are not RFC compliant.
The following article explains how to configure mailguard correctly
There is an issue with mailguard on Cisco PIX firewall logged on Cisco's site Bug Id : CSCds90792 this has to do with multiple deliveries of the same message."
"Exchange servers that are attached to Cisco PIX firewall appliances may be running into a problem with Mailguard, the firewall's SMTP protocol filtering feature. Mailguard blocks Extended SMTP commands and allows only basic SMTP, a feature that is designed to protect poorly designed mail servers from being hacked. If your Exchange 5.5 or 2000 installation has the most recent set of updates, it probably doesn't need Mailguard, so you can turn it off. Barring that, it is also possible to eliminate the problem by upgrading to the latest version of PIX, which corrects Cisco bug # CSCds90792."
As these quotes say, you can either upgrade the Pix or shut off Mailguard. If your exchange server and OS is hardened and the rest of your network security is good then you can do without the Mailguard feature.
Hope this helps!
Mia
- Status
Similar threads
- Locked
- Question
- Locked
- Question