[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cisco PIX ORCPT scrambling..

To: TrevorPaquette@mcc.net (Paquette Trevor)
Subject: Re: Cisco PIX ORCPT scrambling..
From: mea@nic.funet.fi
Date: Mon, 13 Apr 1998 20:23:55 +0300 (EET DST)
Cc: zmailer@nic.funet.fi
In-Reply-To: <C925EB174777D111BAA50060083DB80E30564C@a01ex001.mcc.net> from "Paquette, Trevor" at Apr 13, 98 10:19:14 am

> We are seeing this error again and again with each remote system having
> a CISCO PIX firewall. Does anyone know if this is an issue that has been
> raised with Cisco? Do they know about it? Do they have a bug id
> associated with this? Does anyone know the PIX commands to turn off the
> DSN from the EHLO capability reports until Cisco can fix this?

	I did raise some ruckus on IETF working group about this
	a month (or two) back.

	I have had words from multiple sources in cisco that it has
	been fixed.  I am yet to see.

		http://www.zmailer.org/cisco-pix.html

	Perhaps it is the matter of slow deployment...
	Hmm.. Cisco pages do not (easily) yield out manuals,
	nor software release notes.

	The original design allowed only RFC-821 specified protocol.
	To my knowledge the PIX engineers made a mistake by just
	plainly listing "EHLO" as accepted alias to "HELO" (or something
	similar), and NOT filtering responses in the return path.

	The workaround (as I mention on that page) is to disable
	the MailGuard facility.   How you do it, I don't know.

	/Matti Aarnio <mea@nic.funet.fi>

References:
- Cisco PIX ORCPT scrambling..
  - From: "Paquette, Trevor" <TrevorPaquette@mcc.net>

Prev by Date: Cisco PIX ORCPT scrambling..
Next by Date: smtp error reports correct?
Prev by thread: Cisco PIX ORCPT scrambling..
Next by thread: smtp error reports correct?
Index(es):
- Date
- Thread