On 17 Jan 2011, at 13:17, Peter Bowyer wrote:
> The PIX issue that I remember cropping up (not for me, I wouldn't
> touch one with someone else's bargepole) was around the PIX masking
> out some ESMTP capabilities - possibly STARTTLS. I guess it masks them
> because it knows it's going to break them - a proxy such as the PIX
> acts would almost certainly break STARTTLS....
From memory - we do use the things, but standing instructions are to
switch off SMTP f**up features - this is basically the case.
Additionally the initial SMTP banner (ie 220 hostname ....) has large
chunks ****'d out so many systems won't try ESMTP since the ESMTP
part of the banner has been removed.
> The solution was to turn off the SMTP fixup feature. Or trash the PIX.
Either of those work well. ASAs do suffer similar issues. Unfortunately
I can't get at one to test against at the moment.
Nigel.
--
[ Nigel Metheringham Nigel.Metheringham@??? ]
[ - Comments in this message are my own and not ITO opinion/policy - ]
