Ben Nagy wrote: [..]
> > The PIX, for example, doesn't support ESMTP at all. Not even a little > bit. I wouldn't surprise me if CBAC doesn't either. That doesn't really > make it a firewall issue, though, since any mail server that _requires_ > ESMTP for inbound mail from the general Internet is broken, IMHO. CBAC will not allow ESMTP either, AFAIK. If logging is enabled, it will log ESMTP attempts. We front-end our GroupWise & Exchange with Solaris running TrendMicros's AV product. > The problem you're referring to is common, and extremely hard to pin > down the first time it's encountered. It normally occurs on outbound > mail, though, unless one is running a mailserver which uses the ident > mechanism (and has it enabled) - Exchange is not one of those. [..] Again, logging on the PIX will show the ident attempts, if there are any. We've started openeing up ident on every IP that has SMTP open, just because of the mail servers that still use ident. [..] ----------------------------------------- Michael Janke Minnesota State Colleges and Universities ----------------------------------------- _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
