Re: [Exim] delivery stalls

Top Page
Delete this message
Reply to this message
Author: Suresh Ramasubramanian
Date:  
To: exim users
Subject: Re: [Exim] delivery stalls
John Ward [exim-users] <04/07/01 14:25 +0200>:
> hmm... if i had a beer for every asshole who thinks that they now how pix's
> work.. i'd be permanently pissed


Thanks - but you do realize that the problem with most pixes is that they
have incompetent people behind them :( Like the kiddie^H^H^H^H^H^H junior
admin at our upstream's NOC (where we have a few boxen colo'd), who sees a
lot of port 22 traffic, panics and firewalls port 22.

The pix in general is a good piece of software ... but mailguard sucks. As
for admins who disable a perfectly good and secure, ESMTP capable mailserver
by putting a pix in front of it (and from what I can see, a Pix only does
plain vanilla smtp ...) - grrr...

People don't seem to read what Cisco says ... this is from one of their
advisories about Mailguard

> The Mailguard feature is intended to help protect weakly secured mail
> servers. The workaround for this issue is to secure the mail servers
> themselves, or upgrade to fixed PIX firewall code.


--
Suresh Ramasubramanian <--> mallet <at> efn <dot> org
EMail Sturmbannfuhrer, Lower Middle Class Unix Sysadmin