Hello Brian, How could you tell this was a CISCO "Fixup" problem? I am just curious.
2009/7/21 Brian Evans - Postfix List <grkni...@scent-team.com>: > postmaster at thessaloniki dot gr wrote: >> Hi there >> >> I have a weird problem with postfix 2.3 regarding TLS configuration. >> Although the certificates are correctly installed and verified, the >> STARTTLS command is offered >> only on hosts on the same network with the mail server. >> Hosts that access the mail server outside the internal network and >> issue the EHLO commad they do not get the STARTTLS >> on the server's reply. >> >> Mail server is behind proxy with a public IP that the server doesn't >> know, and a private IP (server is aware of). >> Port 25 is publicly accessible. > Another Cisco "Fixup" casualty. > > grkni...@mx1 ~ $ telnet smtp.thessaloniki.gr 25 > Trying 84.205.252.93... > Connected to smtp.thessaloniki.gr. > Escape character is '^]'. > 220 ********************************** > EHLO scent-team.com > 250-smtp.thessaloniki.gr > 250-PIPELINING > 250-SIZE 10240000 > 250-ETRN > 250-XXXXXXXA > 250-ENHANCEDSTATUSCODES > 250-8BITMIME > 250 DSN > > Disable smtp fixup in your router. It breaks more things than solves. > -- Regards, Damian Myerscough
