|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Follow up on EHLO, 502, HELO, 503 Duplicate HELO/EHLO sequence
From: Christopher Hoover (ch
murgatroid.com)Date: Fri Feb 25 2000 - 16:18:16 CST
- Next message: Wietse Venema: "Re: changing timeouts"
- Previous message: Marco d'Itri: "Re: /etc/mailname"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
fyi -
my problem was indeed a bogosity in a cisco router between my host and the
rest of the world. beware: this incredibly broken behavior, i believe, is
in currently shipping products -- see details below.
-ch
The reject EHLO problem is apparently a known problem with the Cisco PIX
Firewall Mail Guard "feature":
Cisco PIX v4.2 Release Notes:
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v42/pixrn420.h
tm#xtocid1236623
[...]
Mail Guard Feature
This feature is only compliant with the RFC 821 section 4.5.1 commands. The
RFC 1651 EHLO command returns a "500 command unrecognized" reply code.
[...]
See also:
http://www.help.com/cgi-perl/reply/3/325/330?sidx=434383&midx=1530568&page=5
&from=http://www.help.com
Mail Guard is enabled in the default configuration for PIX Firewall with the
fixup protocol smtp 25 command. To disable Mail Guard, you must explicitly
use the no fixup protocol smtp 25 command
This bug may be fixed in some later release such as 4.2(5) :
CSCdk22371
The Mail Guard feature now works correctly when sending an SMTP EHLO
command to an MS Exchange server. Previously, the MS Exchange server would
hang upon receipt of the EHLO command through the PIX Firewall. The Mail
Guard feature is enabled on the PIX Firewall with the fixup protocol smtp
command. Also refer to bug fix CSCdk09763 for further EHLO improvements.
------
Christopher Hoover E-Cumulate, Inc., Co-Founder
+1-408-348-0304 voice mailto:chmurgatroid.com
+1-209-315-6378 facsimile http://www.e-cumulate.com
> -----Original Message-----
> From: Wietse Venema [mailto:wietseporcupine.org]
> Sent: Thursday, February 17, 2000 1:27 PM
> To: Christopher Hoover
> Cc: wietseporcupine.org
> Subject: Re: EHLO, 502, HELO, 503 Duplicate HELO/EHLO sequence
>
>
> Christopher Hoover:
> [Charset iso-8859-1 unsupported, filtering to ASCII...]
> >
> > I am running the stock smtpclient out of Simon Mudd's RPM. Simon claims
> > this is vanilla 19991231_pl04.
> >
> > I am seeing something different:
> >
> > [chplaya ~] % telnet 208.178.101.5 25
> > Trying 208.178.101.5...
> > Connected to 208.178.101.5.
> > Escape character is '^]'.
> > 220 smtp.well.com ESMTP Mail Relay Server watching your every
> move; Thu, 17
> > Feb 2000 13:08:11 -0800 (PST)
> > EHLO playa.e-cumulate.com
> > 502
> > HELO playa.e-cumulate.com
> > 250 smtp.well.com Hello [38.168.15.81], pleased to meet you
> > quit
> > 221 smtp.well.com closing connection
>
> I cannot reproduce the problem.
>
> Wietse
>
> Feb 17 16:22:43 spike postfix/smtp[20418]: <
> smtp.well.com[208.178.101.5]: 220 smtp.well.com ESMTP Mail Relay
> Server watching your every move; Thu, 17 Feb 2000 13:22:43 -0800 (PST)
> Feb 17 16:22:43 spike postfix/smtp[20418]: >
> smtp.well.com[208.178.101.5]: EHLO spike.porcupine.org
> Feb 17 16:22:44 spike postfix/smtp[20418]: <
> smtp.well.com[208.178.101.5]: 250-smtp.well.com Hello
> umbilical.porcupine.org [168.100.189.1], pleased to meet you
> Feb 17 16:22:44 spike postfix/smtp[20418]: <
> smtp.well.com[208.178.101.5]: 250-EXPN
> Feb 17 16:22:44 spike postfix/smtp[20418]: <
> smtp.well.com[208.178.101.5]: 250-VERB
> Feb 17 16:22:44 spike postfix/smtp[20418]: <
> smtp.well.com[208.178.101.5]: 250-8BITMIME
> etc...
>
- text/x-vcard attachment: Christopher_E_Hoover.vcf
- Next message: Wietse Venema: "Re: changing timeouts"
- Previous message: Marco d'Itri: "Re: /etc/mailname"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]