[c-nsp] PIX error using fixup smtp
Brian Feeny
signal at shreve.net
Wed Nov 10 17:31:35 EST 2004
I have a PIX running 6.3(3) and it has fixup smtp enabled.
When a remote client tries to send an unsupported command, such as
EHLO, i am seeing
the mailserver drop the connection immediatly. On the pix the
following is logged:
pixfirewall# smtp_response: (192.168.1.9/25 -> 207.254.193.98/56062)
smtp_cmd: (192.168.1.9/25 <- 207.254.193.98/56062)
smtp_cmd: initial cmd = ehlo , enter reply mode
smtp: nullify <ehlo > command
smtp_response: (192.168.1.9/25 -> 207.254.193.98/56062)
entering command mode
out-of-order segment (192.168.1.9/25 -> 207.254.193.98/56062)
received = 68131394, expected = 68131367
pixfirewall# smtp_response: (192.168.1.9/25 -> 199.181.134.30/53591)
smtp_cmd: (192.168.1.9/25 <- 199.181.134.30/53591)
smtp_cmd: initial cmd = ehlo , enter reply mode
smtp: nullify <ehlo > command
smtp_response: (192.168.1.9/25 -> 199.181.134.30/53591)
entering command mode
out-of-order segment (192.168.1.9/25 -> 199.181.134.30/53591)
received = 68136337, expected = 68136310
smtp_cmd: (192.168.1.9/25 <- 199.181.134.30/53591)
smtp_cmd: cmd = helo entering reply mode
out-of-order segment (192.168.1.9/25 <- 199.181.134.30/53591)
received = 3280724322, expected = 3280724291
rollback next sequence 3280724322 by 31 bytes
packet: <>
out-of-order segment (192.168.1.9/25 <- 199.181.134.30/53591)
received = 3280724322, expected = 3280724291
The Mail server software is 4D WebStar (runs on mac osx). Does anyone
know of any issues with the pix code
that may be happening here? This is a PIX501.
Brian
------------------------------------------------------------------------
------
Brian Feeny, CCIE #8036, CISSP e: signal at shreve.net
Network Engineer p: 318.213.4709
ShreveNet Inc. f: 318.221.6612
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
Url : https://puck.nether.net/pipermail/cisco-nsp/attachments/20041110/e94d84e0/PGP.bin
More information about the cisco-nsp
mailing list