It could be the sending mail server is trying to do the Ident service.
Check the PIX log for TCP port number 113 being denied. I've found slow
mail service happens as the remote SMTP server tries to do a Ident TCP
session (note: there's no TCP three way handshake) and then succeeds when
the mailserver does not respond in a certain amount of time.
See the following Cisco link: http://www.cisco.com/warp/customer/110/2.html
Timothy Mark Jones
Network Engineer
[EMAIL PROTECTED]
Cisco CCNA, CCNP, CCDA, CCDP
Ficomp, Inc.
Web: www.ficomp.com
""Joseph"" <[EMAIL PROTECTED]> wrote in message
8oj33e$2nb$[EMAIL PROTECTED]">news:8oj33e$2nb$[EMAIL PROTECTED]...
> Dear Sir:
>
> One of our customer use the PIX Firewall515 version 5.12 with
6-interfaces.
> He use three interfaes: Internal, External and DMZ, and everything seem
> well.
>
> Only one problem: The SMTP mail server in DMZ and PIX handle SMTP (TCP/25)
> performance very bad........every smtp session delay more then 10sec in
PIX.
>
> Thank you very much for your attention and kindness help. Look forward to
> hearing from you soon.
>
> Joseph Chuang
>
>
>
>
>
> ___________________________________
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
