On Wed, 21 Nov 2001, Brian Ford wrote: > SMTP. If you use it you need a SMTP compliant mail implementation. PIX > then intercepts and scrubs certain commands and data that appear in those > connections as per RFC 821. > > Postfix and other implementations work with fixup. Some Exchange
"...work fine with fixup if the PIX isn't running ancient software." That's important because someone was just complaining about the dot bug w/PIX and Postfix on Postfux-users in the last ~48 hours at a site they don't control who couldn't understand that their expensive PIX has a bug and not the other guy's cheap Postfix ;) Heck it's raised in the Postfix FAQ: Cisco PIX "fixup protocol smtp" bug The Cisco PIX firewall has a bug when running software older than version 5.2(4) or 6.0(1). The bug ID is CSCds90792. The "fixup protocol smtp" feature does not correctly handle the case where the "." and the "CRLF" at the end of mail are sent in separate packets. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions [EMAIL PROTECTED] which may have no basis whatsoever in fact." _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
