I have PIX 515 w/5.3(1) IOS running and I ran into a problem with SMTP
connectivity between two Exchange servers. I have the FW opened up to allow
SMTP between Server 1 and Server 2 and everything seemed okay. Now here is
the freaky problem. Server 1 receives inbound email just fine, but its
outbound email to Server 2 will sit in the queue for a random amount of time
before being sent. I hooked up a Sniffer between Server 1 and the FW and
the majority of the traffic between the two servers showed "No Response".
When I decoded the traffic it looked like Server 1 was sending a reset
(RSET) to Server 2 and that is what was causing the problem. After some
research on CCO I found an incompatibility with older PIX IOS versions and
the "Mailguard" feature. It seems that the Mailguard feature didn't support
"ESMTP", which these Exchange servers are using. I thought I had found the
problem until I did a little bit more digging and found that this was fixed
in IOS 5.2(2) and later with the new support of RFC 1869 for SMTP Service
Extensions. So this shouldn't be an issue. The thing that is throwing me
off is that A.) Inbound email to Server 1 has no problem. B.) The server
admin setup a test servers and both inbound and outbound traffic worked fine
through the PIX. C.) Server 2 isn't having any problems getting through the
FW. Now here is the kicker...D.) When I disabled "Mailguard" everything is
said to be working normally!!
I might be paranoid, but I'm starting to think the Exchange guys made some
changes on Server 1 and are trying to lead me to believe that it was my FW,
but I'm having a hard time dealing with that. The whole denial thing of
nothing ever going wrong with Cisco :-|, and the fact that I wasn't involved
in the final stage of the troubleshooting. I don't trust many people.
Anyway....if anyone has ever run into this problem or something similar I
would like to hear your story.
TIA for all and any responses to my incoherent pleas for mercy!
Eric
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
