Andy- Check the basics on the PIX. It has been our experience that one of a couple of these conditions (or a combination of) on the PIX can generate such a message:
1. A missing or misconfigured rule that should be allowing SMTP traffic to the dmz mail server from the outside interface to the dmz interface, i.e.: access-list dmz_inbound permit tcp any host 216.120.112.35 eq smtp 2. A missing or misconfigured static NAT translation from the outside interface address to the inside interface address, i.e.: static (dmz,outside) 216.120.112.35 <dmzserverIP> netmask 255.255.255.255 0 0 Also, it is documented that SMTP fixup on the PIX and iMail don't get along together very well: http://support.ipswitch.com/kb/IM-20000707-DM02.htm Hope this helps! Pat Thompson, MCSE IT Director Accelerated Imaging, Inc. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andy Tripp Sent: Thursday, March 18, 2004 4:50 PM To: [EMAIL PROTECTED] Subject: [IMail Forum] Cisco Pix - Imail 'Mail From' Looking through the pix logs I came across this 106023: Deny tcp src outside:67.115.18.116/1705 dst dmz:216.120.112.35/25 by acc ess-group "acl_out" The 67... Is our corporate lan, while the 216. is another mail server we operate. On the 67 I have allowed relaying from the 216 ip address. The only spam checks we have is to verify 'mail from'. Is this what I am seeing on the pix? TIA- Andy To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
