Re: [exim] Exim and auth behind Cisco kit?

Top Page
This message is part of the following thread:
M+++\the complete thread tree sorted by date
MMMMMPeter Bowyer at <-
MJakob Hirsch at ->
Delete this message
Reply to this message
Author: Renaud Allard
Date:  
To: David
CC: exim-users
Subject: Re: [exim] Exim and auth behind Cisco kit?


David wrote:

>
> The 550 is expected, because no AUTH was attempted. As I understand
> it AUTH is only accepted after EHLO anyway. Connecting to
> localhost:25 using nc on the server shows a proper initial 220 and
> accepts 'EHLO test', advertising AUTH PLAIN LOGIN.
>
> An nmap scan from outside shows that port 25 is "Cisco PIX sanatized
> smtpd" which I find interesting. Could it be that the above is
> explained by some strange behaviour of the router or firewall? If so,
> can somebody suggest how to stop it interfering with my SMTP sessions?

Cisco Pix smtp "fixup" protocol is broken in many ways. You probably
want to just disable it. It has been also suggested to put AUTH on port
587, which is indeed wise. But you should still disable the
malfunctionning Cisco smtp, as it not only blocks AUTH, but also every
extension (like SIZE, STARTTLS,...). Also following RFC2821, "recent"
SMTP implementations MUST speak ESMTP.
This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Exim and auth behind Cisco kit?Re: [exim] Exim and auth behind Cisco kit?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)