This used to happen with certain series of Cisco firewall products, but has been seen a lot latter at some other firewall product as well... Possibly firewall makers do make the same mistakes over and over again...
ZMailer just happens to be a MTA that extensively uses ORCPT data in SMTP transactions.
People are seeing problems with error reports of following style
This is a collection of reports about email delivery
process concerning a message you originated:
<smtp domain.com user@domain.com 60001>: ...\
<<- RCPT To:<user@domain.com> ORCPT=rfc822;user@domain.com
->> 501 <user@domain.com>... Syntax error in ORCPT parameter value (this is abnormal, investigate!)
This has been seen to occur with smtp recipient systems running
MS Exchange 5.5, and sendmail 8.8.8. It would
also occur with ZMailer at the receiving end.
The error occurs with all SMTP servers that declare DSN-capability in their responses to the EHLO-command, while the cisco PIX firewall is running MailGuard function.
If the error is present in your current firewall configuration, you can test it easily by contacting your designated mailhost from OUTSIDE, and using TELNET to do following protocol transaction:
$ telnet your.mail.host 25
220 your.mail.host ...
EHLO fubar
250-your.mail.host ...
250 DSN
MAIL FROM:<nobody@nic.funet.fi>
250 ok
RCPT TO:<you@your.domain> ORCPT=rfc822;you@your.domain
... here appears either error report, or an ok
250 ok
If you get an error report, your fine Cisco PIX is one of those that have faulty software version.
We have no definite knowledge of when cisco will fix the bug, but apparently it has not happened in software versions that have been released before March 1998.
However, there is a work-around:
Disable MailGuard function and let your SMTP mailer receive
email directly from the world.
Matti Aarnio <matti.aarnio@zmailer.org>, 9-Apr-1998, 16-Apr-1998, 18-Jan-2006