Re: [exim] state.gov users cannot send to my exim mail serve…

Top Page
Delete this message
Reply to this message
Author: Nigel Metheringham
Date:  
CC: exim users
Subject: Re: [exim] state.gov users cannot send to my exim mail server
On 24 Mar 2011, at 10:54, Graeme Fowler <graeme@???> wrote:

> But your MX servers seem to be behind a Cisco PIX device, with the Cisco
> "SMTP Fixup" switched on. This is well known to break ESMTP regularly.


In fact it's designed to break ESMTP - because they need to prevent the negotiation of TLS which would break the devices ability to fiddle with the protocol. PIX (or ASA) Smtp fixup appears to provide no security enhancements over sane configuration and adds all the Cisco bugs to the mix. It really needs to be removed from a production network.

Nigel



[Sent from a mobile device - apologies for brevity and spelling]