The . and <cr> issue you speak of is an outlook problem. Outlook does not encode attachments under certain circumstances properly and violates RFC 822 standards.
Most mail systems have added a patch to support and accept broken or non-RFC 822
compliant mail attachments. Imail, sendmail, postfix, as well as most firewall vendors have addresses this issue. But understand they are fixing a Microsoft bug (failure to be RFC 822 compliant) not fixing their bug. Cisco was slow in fixing this by comparison to others. I happen to support lots of PIXs and even though I might praise CyberGuard, we still are predominantly a Cisco shop.
Cisco may have fixed the SMTP bug in the releases you state, but I will bet they break it again in a future release. This has happened two many times now for me to think otherwise.
At 11/21/2001 09:00 PM, Paul D. Robertson wrote:
On Wed, 21 Nov 2001, Brian Ford wrote:
> SMTP. If you use it you need a SMTP compliant mail implementation. PIX
> then intercepts and scrubs certain commands and data that appear in those
> connections as per RFC 821.
>
> Postfix and other implementations work with fixup. Some Exchange
"...work fine with fixup if the PIX isn't running ancient software."
That's important because someone was just complaining about the dot
bug w/PIX and Postfix on Postfux-users in the last ~48 hours at a site
they don't control who couldn't understand that their expensive PIX has a
bug and not the other guy's cheap Postfix ;)
Heck it's raised in the Postfix FAQ:
Cisco PIX "fixup protocol smtp" bug
The Cisco PIX firewall has a bug when running software older than version
5.2(4) or 6.0(1).
The bug ID is CSCds90792. The "fixup protocol smtp" feature does not
correctly handle the case where the "." and the "CRLF" at the end of mail
are sent in separate packets.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
--
Gregg Rosenberg - N9NNO RICIS, Inc.
Chief Technology Officer 708-444-2690 Voice
[EMAIL PROTECTED] 708-444-2697 Fax
http://www.ricis.com - 866-RICIS-77 Toll Free
"When you love the work you do, you will never work a day in your life."
Support anti-Spam legislation. Join the fight at www.cauce.org
