I use the IIS mail relay agent which comes with the IIS 4.0 Option Pack. it's not bad as far as mail relay's go. no bells and whistles, but it gets the job done. it sits quite neatly on the WWW server in our DMZ, and most people install it without ever knowing they've done it (try telneting to port 25 on most IIS 4.0 boxes and you will get the daemon answering!). as a matter of fact, it used to be one of those Microsoft bloat-ware components that annoyed the crap out of me because I couldn't figure our how to *not* install it. it can handle mail on behalf of multiple domains, and has anti-relay features - it can even do masquerading. Craig/ -----Original Message----- From: Ryan Finnesey [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 21, 2000 11:10 AM To: '[EMAIL PROTECTED]' Cc: '[EMAIL PROTECTED]' Subject: RE: [FW1] 4.1 smtp security server not fully rfc821 compliant, <# @[]> 'invalid address syntax' Is this the same thing has Mail Prory in Firewall 4.1. Because I am running 4.0 soon to be 4.1 on a Sun box. I need something to take the mail from the Internet and pass it to the Exchange Server that is on the LAN. What is the best thing to use ? Ryan V. Finnesey Network Administrator @tmosphere Interactive 1375 Broadway, 11th floor New York, NY 10018 212 827 2507 phone 212 827 2525 fax [EMAIL PROTECTED] -----Original Message----- From: Olaf Selke [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 20, 2000 2:23 PM To: [EMAIL PROTECTED] Subject: [FW1] 4.1 smtp security server not fully rfc821 compliant, <#@[]> 'invalid address syntax' platform: 4.1 SP1+Hotfix 41603 [VPN + DES + STRONG], Solaris 7 hi list, it looks like the fw-1 smtp security server isn't fully RFC821 compliant. Mails with a sender address <#@[]> are accepted by the smtp security server with a reply code '250 Ok'. This means according RFC821 everything is fine: "250 Requested mail action okay, completed". Nevertheless they are not delivered to the final destination by the fw-1 mail dequeuer. The trouble is caused by the fw-1 mail dequeuer which logs "failed: 553 Invalid address syntax" and drops the mail silently! This means bounces (<#@[]> usually are bounces) do vanish on the firewall system without notice. My customer doesn't really like the idea that mails are vanishing on his firewall system. <#@[]> is supposed to be a valid address. Attached you'll find some verbatim stuff documenting in more detail what I'm talking about. Olaf -- Olaf Selke, [EMAIL PROTECTED], voice +49 5241 80-7069 ======= the sender <#@[]> is accepted and confirmed with code 250 ====== root@mx [/] >>telnet internal 25 Trying ... Connected to internal.mediaways.net. Escape character is '^]'. 220 CheckPoint FireWall-1 secure SMTP server mail from: <#@[]> 250 <#@[]>... Sender ok rcpt to: <[EMAIL PROTECTED]> 250 <[EMAIL PROTECTED] Recipient ok data 354 Enter mail, end with "." on a line by itself test with <#@[]> . 250 Ok quit 221 Closing connection Connection closed by foreign host. === the mail is placed into the spool dir, good ========== 19:38:03 accept firewall >daemon proto tcp src mx.mediaways.net dst internal.mediaways.net service smtp s_port 61123 agent mail server orig_from <#@[]> orig_to <[EMAIL PROTECTED]> rule 19 === the mail can't be dequeued and is dropped silently, that's very very bad! 19:38:34 reject firewall >daemon proto tcp src mx.mediaways.net dst internal.mediaways.net service smtp s_port 61123 agent mail dequeuer orig_from <#@[]> orig_to <[EMAIL PROTECTED]> from <#@[]> to <[EMAIL PROTECTED]> rule 19 reason <mail from: <#@[]>> failed: 553 Invalid address syntax ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
