>We're installing a Cisco Pix firewall with "MailGuard" feature that is >suppose to clean-up and filter SMTP commands.
turn it off. > I am trying to verify that >limiting SMTP to these commands will not affect our Imail Server. pix and other SMTP "firewallls" can't do SMTP AUTH, or even ESMTP level, and generally don't pass SMTP AUTH to the mailbox server. Your roamers can't. >Here is the description of the feature: > >"These seven minimum-required commands are: HELO, MAIL, RCPT, DATA, RSET, >NOOP, and QUIT. ha, see? no SMTP AUTH. > Other commands, such as KILL, WIZ, and so forth, are >intercepted by the PIX and they are never sent to the mail server on the >inside of your network. nor is SMTP AUTH > The PIX responds with an "OK" to even denied >commands, so attackers would not know that their attempts are being >thwarted." clever buggers, aren't they? If you want serious, rather than "marketing buzzword", SMTP defense, use an SMTP proxy like IMGate. Len www.menandmice.com/DNS-training : DNS Training BIND8NT.MEIway.com : ISC BIND for NT4 & W2K IMGate.MEIway.com : Build free, hi-perf, anti-abuse mail gateways Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Please visit the Knowledge Base for answers to frequently asked questions: http://www.ipswitch.com/support/IMail/
