Re: CISCO breaks DKIM on their ASA/PIX (again)

On 2011-12-08 09:53, Ralf Hildebrandt wrote: Over the last few days I discussed SMTP delivery problems with a czech site which was using Postfix and a CISCO ASA with smtp protocol fixup enabled. smtp fixup is evil and should have died out years ago. People who still use it have no clue how to

Re: CISCO breaks DKIM on their ASA/PIX (again)

* Jeroen Geilman jer...@adaptr.nl: On 2011-12-08 09:53, Ralf Hildebrandt wrote: Over the last few days I discussed SMTP delivery problems with a czech site which was using Postfix and a CISCO ASA with smtp protocol fixup enabled. smtp fixup is evil and should have died out years ago. No

Re: CISCO breaks DKIM on their ASA/PIX (again)

On 2011-12-09 19:57, Ralf Hildebrandt wrote: * Jeroen Geilmanjer...@adaptr.nl: On 2011-12-08 09:53, Ralf Hildebrandt wrote: Over the last few days I discussed SMTP delivery problems with a czech site which was using Postfix and a CISCO ASA with smtp protocol fixup enabled. smtp fixup is evil

RE: CISCO breaks DKIM on their ASA/PIX (again)

...@postfix.org] En nombre de Jeroen Geilman Enviado el: viernes, 09 de diciembre de 2011 01:02 p.m. Para: postfix-users@postfix.org Asunto: Re: CISCO breaks DKIM on their ASA/PIX (again) On 2011-12-09 19:57, Ralf Hildebrandt wrote: * Jeroen Geilmanjer...@adaptr.nl: On 2011-12-08 09:53, Ralf Hildebrandt wrote

Re: CISCO breaks DKIM on their ASA/PIX (again)

Alfonso Alejandro Reyes Jimenez: As far as I know it just limit the commands that you can send to the mail server, you just have to be sure if you are using ESMTP or SMTP. Here's the link explaining how it works. Well, that is how it is supposed to work. In reality, the code has a history of

Re: CISCO breaks DKIM on their ASA/PIX (again)

* Jeroen Geilman jer...@adaptr.nl: I am in no way implying that you did anything wrong! I wholeheartedly agree with your last posting :) It's just that I cringe every time I see this enabled and when I ask after it the answer is usually a variant on oh it's a security option offered by a

CISCO breaks DKIM on their ASA/PIX (again)

Over the last few days I discussed SMTP delivery problems with a czech site which was using Postfix and a CISCO ASA with smtp protocol fixup enabled. I was able to work around the delivery problems by stripping the DKIM headers on outgoing mails (as so often). Some interesting info got out:

Re: CISCO breaks DKIM on their ASA/PIX (again)

Hi, Ralf, On 12/8/11 9:53 AM, Ralf Hildebrandt wrote: Over the last few days I discussed SMTP delivery problems with a czech site which was using Postfix and a CISCO ASA with smtp protocol fixup enabled. I was able to work around the delivery problems by stripping the DKIM headers on outgoing

Re: CISCO breaks DKIM on their ASA/PIX (again)

* Rolf E. Sonneveld r.e.sonnev...@sonnection.nl: I was able to work around the delivery problems by stripping the DKIM headers on outgoing mails (as so often). Do you mean a Cisco ASA/PIX firewall with 'smtp protocol fixup' effectively blocks _any_ message carrying a DKIM-signature header?

Re: CISCO breaks DKIM on their ASA/PIX (again)

Am 08.12.2011 09:53, schrieb Ralf Hildebrandt: Over the last few days I discussed SMTP delivery problems with a czech site which was using Postfix and a CISCO ASA with smtp protocol fixup enabled. I was able to work around the delivery problems by stripping the DKIM headers on outgoing