This looks like the case. Some networks on prem going through the ASA
encounter banner with *****, will error out, while other networks on prem get
the nicely formatted Banner (not through ASA) will work (helo servername). I
am getting a list of vlans from network team that identify all the networks
that go through the ASA and validate with tests.
Was there a workaround, or the only resolution/option was to turn off ESMTP
inspection (whatever it's called) on the ASA?
-----Original Message-----
From: owner-postfix-us...@postfix.org <owner-postfix-us...@postfix.org> On
Behalf Of Viktor Dukhovni
Sent: Wednesday, June 9, 2021 6:15 PM
To: postfix-users@postfix.org
Subject: [NON-HA] Re: Need help with response to HELO, 502 5.5.2 Error
*** CAUTION: This email originated from outside the organization *** Do NOT
click links or open attachments unless you recognize the sender and know the
content is safe.
On Thu, Jun 10, 2021 at 02:59:02AM +0000, Apelin, Eulogio wrote:
> I am testing my mail server setup, when telnetting to port 25, I receive this
> interaction when I type 'helo myserver.com'
>
> 220
> *******************************************************************
This banner typicall results from a Cisco ESA firewall with SMTP inspection
enabled that is located between client and server.
The Cisco ESA adds no value in front of Postfix, just breaks SMTP.
Disable SMTP inspection on that device.
--
Viktor.
