garbled SMTP banner

[wallst32]

I have an Exchange server on the inside interface of a 515. It has a static NAT address to communicate with the outside interface. Port 25 to the Exchange server is open to the outside.

From an outside machine, if I telnet to the Exchange server on port 25, sometimes I get a readable SMTP banner, and sometimes I get garbled text. Regardless of what the output is, SMTP mail flow is fine.

Any ideas on why I'm getting garbled text sometimes? This behavoir does not happen when the environment is not firewalled.

TIA

 

[tbissett]

Have you tried disabling fixup smtp and seeing if you still get the garbled stuff? The command would be:
no fixup protocol smtp 25

fixup smtp is the PIX mailguard feature. It only allows a very strict set of smtp commands in the name of security. Some people say too strict, particularly for Exchange servers. Others say it should be that way.

I'm not recommending one way or the other, but does disabling it get rid of the garbled stuff?

 

[wallst32]

Tbisset - "no fixup protocol smtp 25" did the trick. Thanks for the tip.

 

[yizhar]

HI.

This is by design (if you get many asterix ********).
The idea is to hide info about your mail server from the attackers.

I have implemented several pix devices with Exchange behind them (Exc 5.5 or 2000) and never needed to disable the fixup smtp. So if mail flow is fine, I suggest that you re-enable this feature.

Bye


Yizhar Hurwitz

http://come.to/yizhar

http://teachers.sivan.co.il/yizhar