ip inspect name FastEthernet_0_0 smtp

Discussion in 'Cisco' started by Rik Bain, Nov 11, 2003.

  1. Rik Bain

    Rik Bain Guest

    On Tue, 11 Nov 2003 19:43:21 +0600, Brian Bergin wrote:

    > Does anyone know if
    >
    > ip inspect name FastEthernet_0_0 smtp
    >
    > needs removed from a Cisco firewall running 12.3(1a) with IPFW if their
    > SMTP server is ESTMP? Kind of like you have to remove the SMTP Fixup on
    > a PIX, or is it ok to have it in IOS just not PIX OS? Thanks...
    >
    > Thanks...
    > Brian Bergin
    >
    > I can be reached via e-mail at
    > cisco_dot_news_at_comcept_dot_net.
    >
    > Please post replies to the group so all may benefit.


    SMTP inspection is limited to the RFC 821 command set, and can be
    problematic for ESMTP servers, so basically, yes.

    Rik Bain
     
    Rik Bain, Nov 11, 2003
    #1
    1. Advertising

  2. Rik Bain

    Brian Bergin Guest

    Does anyone know if

    ip inspect name FastEthernet_0_0 smtp

    needs removed from a Cisco firewall running 12.3(1a) with IPFW if their SMTP
    server is ESTMP? Kind of like you have to remove the SMTP Fixup on a PIX, or is
    it ok to have it in IOS just not PIX OS? Thanks...

    Thanks...
    Brian Bergin

    I can be reached via e-mail at
    cisco_dot_news_at_comcept_dot_net.

    Please post replies to the group so all may benefit.
     
    Brian Bergin, Nov 11, 2003
    #2
    1. Advertising

  3. You don't need to remove the inpection, but will need to add a permit
    statement on your Inbound ACL

    Claude

    --



    *****to e-mail me directly remove NOSPAM in e-mail address*******

    "Brian Bergin" <_domain> wrote in message
    news:...
    > Does anyone know if
    >
    > ip inspect name FastEthernet_0_0 smtp
    >
    > needs removed from a Cisco firewall running 12.3(1a) with IPFW if their

    SMTP
    > server is ESTMP? Kind of like you have to remove the SMTP Fixup on a PIX,

    or is
    > it ok to have it in IOS just not PIX OS? Thanks...
    >
    > Thanks...
    > Brian Bergin
    >
    > I can be reached via e-mail at
    > cisco_dot_news_at_comcept_dot_net.
    >
    > Please post replies to the group so all may benefit.
     
    Claude LeFort, Nov 11, 2003
    #3
  4. Rik Bain

    Andre Beck Guest

    Brian Bergin <_domain> writes:
    > Does anyone know if
    >
    > ip inspect name FastEthernet_0_0 smtp
    >
    > needs removed from a Cisco firewall running 12.3(1a) with IPFW if their SMTP
    > server is ESTMP?


    ESMTP provides fallback to SMTP, so strictly speaking, it is not required.

    > Kind of like you have to remove the SMTP Fixup on a PIX, or is
    > it ok to have it in IOS just not PIX OS? Thanks...


    I admit I don't know about 12.3, but at least in 12.1, the SMTP inspector
    of CBAC is that broken, you must remove it to be able to talk to certain
    MTAs. This was because it could not cope with SMTP responses that spread
    over multiple TCP segments.

    --
    The _S_anta _C_laus _O_peration
    or "how to turn a complete illusion into a neverending money source"

    -> Andre "ABPSoft" Beck +++ ABP-RIPE +++ Dresden, Germany, Spacetime <-
     
    Andre Beck, Nov 12, 2003
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Russ Johnson
    Replies:
    1
    Views:
    584
    Walter Roberson
    Oct 16, 2003
  2. didier
    Replies:
    1
    Views:
    9,227
    Didier
    Jan 18, 2004
  3. Didier
    Replies:
    0
    Views:
    1,077
    Didier
    Jan 27, 2004
  4. Jog Dial

    problems with inspect CBAC

    Jog Dial, Oct 14, 2004, in forum: Cisco
    Replies:
    2
    Views:
    730
    Jog Dial
    Oct 15, 2004
  5. *** HAWK

    Host Name of Hotmail SMTP Server

    *** HAWK, Jul 12, 2003, in forum: Computer Support
    Replies:
    1
    Views:
    25,680
    Ava Keech
    Jul 12, 2003
Loading...

Share This Page