Mail blocked if not HTML [Postfix]

Prev: header_checks REJECT
Next: System Command on Client Restriction Rejection

From: "James R. Marcus" on 1 Jul 2010 19:02

For the ASA:

af-cam-primary# conf t
af-cam-primary(config)# class-map inspection_default
af-cam-primary(config-cmap)# class inspection_default
af-cam-primary(config-cmap)# no fixup protocol smtp 25

I believe these are the defaults. Do I need to do esmtp too?

thanks,
James

On Jul 1, 2010, at 6:51 PM, Matt Hayes wrote:

On 07/01/2010 06:50 PM, James R. Marcus wrote:
Yes. Well actually an ASA 5520

James

On Jul 1, 2010, at 6:34 PM, Ralf Hildebrandt wrote:

* James R. Marcus <jmarcus(a)edhance.com<mailto:jmarcus(a)edhance.com> <mailto:jmarcus(a)edhance.com>>:
Sorry I didn't post them before I was just trying to do a sanity
check. Here they are:

---------------
Postfix Logs
---------------
Jun 23 16:48:10 relay0 postfix/smtp[30504]: 5ED4F114BBC:
to=<sales(a)2co.com<mailto:sales(a)2co.com>>,
relay=mail.2co.com[64.128.185.221]:25, delay=0.98,
delays=0.01/0.01/0.33/0.62, dsn=4.4.2, status=deferred (lost
connection with mail.2co.com[64.128.185.221] while sending end of
data -- message may
Jun 23 18:02:08 relay0 postfix/smtp[1638]: 5ED4F114BBC: enabling PIX
<CRLF>.<CRLF> workaround for mail.2co.com[64.128.185.221]:25
Jun 23 18:02:18 relay0 postfix/smtp[1638]: 5ED4F114BBC:
to=<sales(a)2co.com<mailto:sales(a)2co.com>>,
relay=mail.2co.com[64.128.185.221]:25, delay=4449,
delays=4438/0.03/0.34/10, dsn=4.4.2, status=deferred (lost connection
with mail.2co.com[64.128.185.221] while sending end of data --
message may be
Jun 23 19:25:27 relay0 postfix/smtp[3204]: 5ED4F114BBC: enabling PIX
<CRLF>.<CRLF> workaround for mail.2co.com[64.128.185.221]:25
Jun 23 19:25:37 relay0 postfix/smtp[3204]: 5ED4F114BBC:
to=<sales(a)2co.com<mailto:sales(a)2co.com>>,
relay=mail.2co.com[64.128.185.221]:25, delay=9448,
delays=9438/0.02/0.08/10, dsn=4.4.2, status=deferred (lost connection
with mail.2co.com[64.128.185.221] while sending end of data --
message may be
Jun 23 22:12:08 relay0 postfix/smtp[6277]: 5ED4F114BBC: enabling PIX
<CRLF>.<CRLF> workaround for mail.2co.com[64.128.185.221]:25
Jun 23 22:12:18 relay0 postfix/smtp[6277]: 5ED4F114BBC:
to=<sales(a)2co.com<mailto:sales(a)2co.com>>,
relay=mail.2co.com[64.128.185.221]:25, delay=19449,
delays=19438/0.09/0.22/10, dsn=4.4.2, status=deferred (lost
connection with mail.2co.com[64.128.185.221] while sending end of
data -- message may b

Is the CISCO PIX in your organization?

--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebrandt(a)charite.de<mailto:ralf.hildebrandt(a)charite.de> <mailto:ralf.hildebrandt(a)charite.de> |
http://www.charite.de

:: James R. Marcus | Director, IT Operations
:: Edhance | jmarcus(a)edhance.com<mailto:jmarcus(a)edhance.com> <x-msg://103/jmarcus(a)edhance.com>
:: v: 617-475-5360 | m: 914-772-8533
:: web: www.edhance.com<http://www.edhance.com> <http://www.edhance.com/>

ASA:

config t
no inspect smtp

-Matt

:: James R. Marcus | Director, IT Operations
:: Edhance | jmarcus(a)edhance.com<x-msg://103/jmarcus(a)edhance.com>
:: v: 617-475-5360 | m: 914-772-8533
:: web: www.edhance.com<http://www.edhance.com/>

From: Matt Hayes on 1 Jul 2010 19:07

On 07/01/2010 07:02 PM, James R. Marcus wrote:
> For the ASA:
>
> af-cam-primary# conf t
> af-cam-primary(config)# class-map inspection_default
> af-cam-primary(config-cmap)# class inspection_default
> af-cam-primary(config-cmap)# no fixup protocol smtp 25
>

I believe its: no inspect smtp

Most ASAs I've worked on the smtp inspect is on automatically.

-Matt

From: "James R. Marcus" on 1 Jul 2010 19:29

no inspect smtp didn't work for me.

James
On Jul 1, 2010, at 7:07 PM, Matt Hayes wrote:

On 07/01/2010 07:02 PM, James R. Marcus wrote:
For the ASA:

af-cam-primary# conf t
af-cam-primary(config)# class-map inspection_default
af-cam-primary(config-cmap)# class inspection_default
af-cam-primary(config-cmap)# no fixup protocol smtp 25

I believe its: no inspect smtp

Most ASAs I've worked on the smtp inspect is on automatically.

-Matt

:: James R. Marcus | Director, IT Operations
:: Edhance | jmarcus(a)edhance.com<x-msg://103/jmarcus(a)edhance.com>
:: v: 617-475-5360 | m: 914-772-8533
:: web: www.edhance.com<http://www.edhance.com/>

From: Matt Hayes on 1 Jul 2010 21:33

On 07/01/2010 07:29 PM, James R. Marcus wrote:
> no inspect smtp didn't work for me.
>

So you tried it and it didn't work or you ran the command and it wasn't
correct?

-Matt

From: Noel Jones on 1 Jul 2010 21:57

On 7/1/2010 5:54 PM, James R. Marcus wrote:
> No it is not just one host it is many.

Ah. Apparently your firewall is breaking the mail
transaction. You either need to tell the firewall to not
interfere with SMTP, or fix it so it at least doesn't break
SMTP.

If you're not sure how to do this, check with your vendor or a
support forum for your firewall.

-- Noel Jones

First | Prev | Next | Last
Pages: 1 2 3 4
Prev: header_checks REJECT
Next: System Command on Client Restriction Rejection