[c-nsp] PIX error using fixup smtp

Hudson Delbert J Contr 61 CS/SCBN Delbert.Hudson at LOSANGELES.AF.MIL
Fri Nov 12 10:45:45 EST 2004


anybody happen to READ the PIX manuals???

it is explicitly explained why this happens?

hate to say this but rtfm folks.

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net]On Behalf Of Paul Stewart
Sent: Wednesday, November 10, 2004 5:35 PM
To: 'Brian Feeny'; cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] PIX error using fixup smtp


Yes... Happens to us when running mail servers behind PIX.. We end up
turning off fixup on SMTP.. Perhaps better answer but that's what we
always do

Paul


-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Brian Feeny
Sent: Wednesday, November 10, 2004 5:32 PM
To: 'cisco-nsp at puck.nether.net'
Subject: [c-nsp] PIX error using fixup smtp




I have a PIX running 6.3(3) and it has fixup smtp enabled.

When a remote client tries to send an unsupported command, such as
EHLO, I am seeing
the mailserver drop the connection immediately.  On the pix the
following is logged:

pixfirewall# smtp_response: (192.168.1.9/25 -> 207.254.193.98/56062)
smtp_cmd: (192.168.1.9/25 <- 207.254.193.98/56062)
         smtp_cmd: initial cmd = ehlo , enter reply mode
         smtp: nullify <ehlo > command
smtp_response: (192.168.1.9/25 -> 207.254.193.98/56062)
         entering command mode
out-of-order segment (192.168.1.9/25 -> 207.254.193.98/56062)
          received = 68131394, expected = 68131367
pixfirewall# smtp_response: (192.168.1.9/25 -> 199.181.134.30/53591)
smtp_cmd: (192.168.1.9/25 <- 199.181.134.30/53591)
         smtp_cmd: initial cmd = ehlo , enter reply mode
         smtp: nullify <ehlo > command
smtp_response: (192.168.1.9/25 -> 199.181.134.30/53591)
         entering command mode
out-of-order segment (192.168.1.9/25 -> 199.181.134.30/53591)
          received = 68136337, expected = 68136310
smtp_cmd: (192.168.1.9/25 <- 199.181.134.30/53591)
         smtp_cmd: cmd = helo  entering reply mode
out-of-order segment (192.168.1.9/25 <- 199.181.134.30/53591)
          received = 3280724322, expected = 3280724291
         rollback next sequence 3280724322 by 31 bytes
         packet: <>
out-of-order segment (192.168.1.9/25 <- 199.181.134.30/53591)
          received = 3280724322, expected = 3280724291


The Mail server software is 4D WebStar (runs on mac osx).  Does anyone  
know of any issues with the pix code
that may be happening here?  This is a PIX501.


Brian



------------------------------------------------------------------------------
Brian Feeny, CCIE #8036, CISSP    	e: signal at shreve.net
Network Engineer           			p: 318.213.4709
ShreveNet Inc.             			f: 318.221.6612

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/