The Cisco PIX rears its ugly head yet again. http://www.spamresource.com/2009/12/receiving-duplicate-list-messages.html
Cheers, Al -- Al Iverson www.aliverson.com (312)725-0130 On Thu, May 5, 2016 at 8:00 PM, Steve Atkins <st...@blighty.com> wrote: > >> On May 5, 2016, at 5:08 PM, Todd Herr <toddmh...@gmail.com> wrote: >> >> Forgive me if this is off topic, but I don't know where else to turn. >> >> I've got a customer who's having trouble sending mail to two domains with >> nothing obvious (to me) in common save for one thing; both domain's primary >> MXen look to be sitting behind Cisco PIX devices with Mailguard turned on. I >> know this because of the greeting I get from both: >> >> 220 ******************************************************************* >> >> Now, everything I can find about these devices says that they only allow >> seven SMTP commands: >> >> HELO, MAIL, RCPT, DATA, RSET, NOOP, QUIT >> >> And they're supposed to respond with OK to everything else. These two >> domains, again not obviously related, mail servers in different /8s, don't >> even do that, though; both of them are responding in unsuspected ways even >> to commands from the above list, to wit: >> >> RSET >> 500 Syntax error, command unrecognized >> QUIT >> 500 Syntax error, command unrecognized >> >> I've never wrangled one of these beasts (haven't even *seen* evidence of one >> in many years) so I'd like to ask you fine folks if you've ever seen >> anything like this from one of these, and what it means for their >> configuration? I mean, is this a common bug/misconfiguration, or have I just >> hit the lottery? > > I've seen them do that when they get out of sequence. Are you doing the > transaction above by hand (and with a real HELO and so on), or is it from MTA > logs? > > Also, if you're seeing connections drop during data there were several nasty > PIX traffic inspection bugs that triggered on DKIM signed mail that would > cause that. I have CSCsy28792, CSCsi01498, and CSCsh33982 bugs in my notes on > that. > > Cheers, > Steve > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
