On Thu, 22 Nov 2001, Gregory D. Rosenberg wrote: > The . and <cr> issue you speak of is an outlook problem. Outlook does not > encode attachments under certain circumstances properly and violates RFC > 822 standards.
Sorry, but no, this isn't an encoding problem, it's an SMTP problem. It's not an RFC822 problem- it's not the format of the message that has the issue, it's the SMTP conversation (RFC 821) but it's a transport layer issue, not an application layer issue, so 821 doesn't even cover it, since it's a stack transport layer issue, not an application transport layer issue. > Most mail systems have added a patch to support and accept broken or > non-RFC 822 The DATA section of an SMTP conversation has to end in <CRLF>.<CRLF>- PIX had problems with the . and final <CRLF> appearing in seperate packets- it's a fairly typical packet filter state bug that's not an issue with stack implementations like proxies and other mail servers because they get a TCP stream, not individual TCP packets to work on. > compliant mail attachments. Imail, sendmail, postfix, as well as most > firewall vendors have addresses this issue. But understand they are fixing > a Microsoft bug (failure to be RFC 822 compliant) not fixing their bug. > Cisco was slow in fixing this by comparison to others. I happen to support > lots of PIXs and even though I might praise CyberGuard, we still are > predominantly a Cisco shop. >From the fix notes: 20010529 Workaround: old PIX firewall code messes up when the final ".<CR><LF>" at the end of DATA spans a packet boundary. When Postfix detects PIX SMTP fixup mode, Postfix flushes the output buffers before sending the final ".<CR><LF>". File: smtp/smtp_proto.c. Quite obviously the SMTP code is generated by the MTA, not the MUA- so in this case, Microsoft happens to be free of blame. > > Cisco may have fixed the SMTP bug in the releases you state, but I will bet > they break it again in a future release. This has happened two many times > now for me to think otherwise. I'll take that bet. Brian can cover me ;) Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions [EMAIL PROTECTED] which may have no basis whatsoever in fact." _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
