Exchange issues through PIX

[Donachie]

I am migrating our network. Our users will now access their mail from a different subnet - sperated by a PIX.

The rules allow all IP traffic between the subnet with the desktops and the subnet with the exchange server.

Lients that have been migrated to the new desktop zone are experiencing intermittent hanging of the mail application - lasts for up to 30 seconds.

Anyone ever experienced this before?

 

[wybnormal]

Did you try to turn off the fix-up for SMTP?


"The fixup protocol smtp command enables the Mail Guard feature, which only lets mail servers receive the RFC 821, section 4.5.1 commands of HELO, MAIL,RCPT, DATA, RSET, NOOP, and QUIT. All other commands are rejected with the
"500 command unrecognized" reply code. As of version 5.1 and later, the fixup protocol smtp command changes the
characters in the SMTP banner to asterisks except for the "2", "0", "0 " characters. Carriage return (CR) and linefeed (LF) characters are ignored. In version 4.4, all characters in the SMTP banner are converted to asterisks."

If I recall, there is a specific fix up for using exchange which uses an extended set of commands that the normal SMTP servers do not use.

MikeS

http://www.packetattack.com

http://www.packetpress.net

Home of the book "Network Security Using Linux"

 

[Donachie]

Thanks Mike, I did some research into this and looks like it probably is what is causing the issues. I ran the no fixup command for smtp this morning and so far so good.

thanks again.