SMTP Fixup Issue

From Roaring Penguin
Revision as of 13:20, 15 March 2016 by MCoyne (talk | contribs)

Jump to: navigation, search

This is also referred to as SMTP Inspection and is a feature on Cisco firewalls. Unfortunately it causes what are often hard to diagnose blocking of email passing through the firewall and is considered a useless anti-spam feature by most. The following article contains more detail:

https://blogs.it.ox.ac.uk/networks/2009/11/26/cisco-firewall-smtp-fixup-considered-harmful/

To determine if this feature is in the mail delivery path for your mail server go to an external computer and open a terminal window. Then telnet to your mail server on port 25 as shown below:

  root@colo4(~)# telnet server.at.some.domain 25
  Trying 1.2.3.4...
  Connected to server.at.some.domain.
  Escape character is '^]'.
  220 *************************************************************************************************

The long line of "*" is the indicator of the feature being in place. We strongly recommend that the feature be disabled on the firewall.