At first glance I was about to dump this as being an OT mail (Exchange server) issue; 
however, I seem to recall a similar problem some time ago.

I think the reason why your internal email is getting bounced is because when 
IDENT/auth lookups (port 113 udp/tcp authentication) are enabled, your firewall is 
probably denying the IDENT lookups to your internal hosts.

Check for the rejected port 113 traffic to your internal hosts in your syslog; this 
should clear things up.

Cheers..

Marc

>>> "Prathabacimman.M" <[EMAIL PROTECTED]> 01/07 9:56 PM >>>
Thanks to Henry Sieff

Adding more to the above problem: yesterday we solved the problem, but only
temporarily. When we removed "ip inspect name 'name' smtp", things started
moving smoothly. But our situation forces us to implement SMTP monitoring.
How do we go about it?

Prathabacimman.M (call me prathab)

Hi, 

I have got a very peculiar problem with Cisco IOS Firewall 21.4 on a Cisco
2621 Router. Our mail server resides on the DMZ and we have got CBAC and
access lists enabled on the router. There's no problem with the traffic
except SMTP. When authentication is enabled for SMTP relay on our
Exchange Server, the internet clients are unable to send mails through the
server. The mails get bounced. When the authentication is removed the server
is vulnerable to open relay. There's certainly a problem with the 
router/image/CBAC/ACL but we cannot identify where it lies. Can anyone help
me in troubleshooting?



Prathabacimman.M 

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED] 
http://lists.gnac.net/mailman/listinfo/firewalls
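
One way to run the syslog check suggested in the reply above, as an added example that is not part of the original thread. It assumes the router's deny entries are logged in the IOS `%SEC-6-IPACCESSLOGP` format (an ACL line ending in `log`); the log lines, addresses and ACL number below are constructed.

```python
import re
from collections import Counter

# Constructed sample lines in the assumed IOS ACL log format.
SAMPLE_SYSLOG = """\
Jan  7 21:40:02 gw 88: %SEC-6-IPACCESSLOGP: list 101 denied tcp 198.51.100.7(40112) -> 10.1.1.20(113), 1 packet
Jan  7 21:40:05 gw 89: %SEC-6-IPACCESSLOGP: list 101 denied tcp 198.51.100.7(40113) -> 10.1.1.20(113), 2 packets
Jan  7 21:41:10 gw 90: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 203.0.113.9(51000) -> 10.1.1.20(25), 1 packet
Jan  7 21:42:30 gw 91: %SEC-6-IPACCESSLOGP: list 101 denied tcp 203.0.113.9(51001) -> 10.1.1.21(113), 1 packet
Jan  7 21:43:00 gw 92: %SEC-6-IPACCESSLOGP: list 101 denied udp 203.0.113.9(53) -> 10.1.1.21(1040), 1 packet
"""

# list <acl> denied <proto> <src>(<sport>) -> <dst>(<dport>), <n> packet(s)
DENY_RE = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) denied (?P<proto>tcp|udp) "
    r"(?P<src>[\d.]+)\((?P<sport>\d+)\) -> (?P<dst>[\d.]+)\((?P<dport>\d+)\), "
    r"(?P<count>\d+) packets?"
)

IDENT_PORT = 113  # IDENT/auth service


def denied_ident(lines, port=IDENT_PORT):
    """Sum denied packets per (acl, proto, source, destination) for one port.

    Only 'denied' entries whose destination port equals `port` are counted,
    so permitted SMTP traffic and unrelated denies are ignored.
    """
    hits = Counter()
    for line in lines:
        m = DENY_RE.search(line)
        if m and int(m["dport"]) == port:
            key = (m["acl"], m["proto"], m["src"], m["dst"])
            hits[key] += int(m["count"])
    return hits


if __name__ == "__main__":
    results = denied_ident(SAMPLE_SYSLOG.splitlines())
    for (acl, proto, src, dst), n in results.most_common():
        print(f"ACL {acl}: {n} denied {proto}/{IDENT_PORT} packet(s) {src} -> {dst}")
```

The ACL number in each hit shows which access list is dropping the lookups, and the destination shows which internal host they were aimed at.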
