[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Cisco PIX ORCPT scrambling..
> We are seeing this error again and again with each remote system having
> a CISCO PIX firewall. Does anyone know if this is an issue that has been
> raised with Cisco? Do they know about it? Do they have a bug id
> associated with this? Does anyone know the PIX commands to turn off the
> DSN from the EHLO capability reports until Cisco can fix this?
I did raise some ruckus on IETF working group about this
a month (or two) back.
I have had words from multiple sources in cisco that it has
been fixed. I am yet to see.
Perhaps it is the matter of slow deployment...
Hmm.. Cisco pages do not (easily) yield out manuals,
nor software release notes.
The original design allowed only RFC-821 specified protocol.
To my knowledge the PIX engineers made a mistake by just
plainly listing "EHLO" as accepted alias to "HELO" (or something
similar), and NOT filtering responses in the return path.
The workaround (as I mention on that page) is to disable
the MailGuard facility. How you do it, I don't know.
/Matti Aarnio <email@example.com>