Re: [Exim] Re: Read errors and Mailman

On Mon, 10 Jun 2002, Derrick 'dman' Hudson wrote:

> | That gives me enough to at least talk to them about it. I was wondering if
> | I was somehow listed on the RBL.
> |
> | > Mailguard offers nothing but a false sense of security at the expense of
> | > ESMTP and reliable mail delivery.
> |
> | Is there a way to configure Exim at all to communicate with this?
>
> I'm not sure. Before I read the rest of the queue I decided to play
> with the server via telnet. It gives some interesting responses (eg
> the banner and the helo reply), and seems to just hang if you give it
> a whole bunch of "unimplemented" commands. That looks like a really
> bad implementation to me, and correlates with Tabor's explanation. A
> little more playing ... "ehlo" is unimplemented; a newline in a
> command causes the hang.

The PIX isnt actually an MTA, its just a TCP-level filter/proxy. While
Cisco makes a damn fine router (IOS blows ANYthing from any other router
vendor away), the PIX SMTP 'protection' is utter shit. A fairly good
indicator that a site is behind a PIX is that the perfectly good SMTP
banner send by the server will be turned into a big long string full of
asterisks with a few characters (the 220 code, mostly) interspersed.

The way to fix the problem is to turn off the SMTP 'protection' in the
PIX. (as someone previously noted, the command is "no fixup protocol
smtp' - you can give this to the PIX admin in they they are clueless or
dont want to sepdn time figuring out how to do this)