«

There is one particular outside mail server we're having trouble
sending to. Basically, our server (Groupwise) does an EHLO, and the
other server offers STARTTLS. Our server sends a STARTTLS, sends a few
bytes of encrypted data, and then the other server sends a RST.

If we try a test server outside the PIX, everything is fine.

I've looked at "no fixup protocol smtp 25" and "no inspect esmtp" and
those already seem to be in place.

Could the pix be doing something with the certificate? Could esmtp
inspection still be on?

Thanks!