I recently installed IOS firewall software on our internet router and
started logging the messages to a syslog server. I'm getting a few
Error Message
%FW-3-SMTP_INVALID_COMMAND: Invalid SMTP command from initiator
The weird thing is the IP address of the initiator is that of my own email
server... Anyone seen this before? I looked it up on cisco.com and it said
nothing helpful because the initiator was my own email server.... Cisco
explanation below....
Explanation The CBAC code detected an invalid SMTP command in the inspected
SMTP connection. This message indicates that a suspicious violation was
detected that may be an attack to the mail server system. The command is
rejected and the connection is reset by the firewall immediately.
Recommended Action This message is for informational purposes only, but may
indicate a security problem.
The following is an example of this type of message:
%FW-4-SMTP_INVALID_COMMAND: Invalid SMTP command from initiator
(192.168.12.3:52419)
Thanks
Cory R Stull
CCNP, CCDA, MCSE, BNCS
Communications Concepts Unl.
262-814-7214
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
