Home page logo

firewall-wizards logo Firewall Wizards mailing list archives

Re: RE:Exchange Server 2000 and Cisco Pix (Christoph Puetz)
From: John Adams <jna () retina net>
Date: Thu, 24 May 2001 18:39:01 -0400 (EDT)

On Thu, 24 May 2001, Smith, Gary (SCOTAM) wrote:



no fixup protocol smtp 25

to your configuration file.

The Mailguard facility in the PIX _sounds_ like a good idea but it seems to
break every SMTP MTA that I ever tried it with.

We have had no problems using fixup with qmail and sendmail. Because of
the insecurity of the exchange server, we typically place a qmail host out
on the edge, harden that host, and place an appropriate smtproute to it to
forward to exchange. 

For users sending mail through the smtp part of exchange, we force them to
use VPN or webmail. You really don't want exchange exposed to the
Internet, but that's my opinion.


Message: 4
Date: Mon, 21 May 2001 09:54:39 -0700 (PDT)
From: Christoph Puetz <puetzc () yahoo com>
Reply-To: puetz () mho net
To: firewall-wizards () nfr com
Subject: [fw-wiz] Exchange Server 2000 and Cisco Pix

Hello wizards,

I have a newly installed Exchange Server 2000 behind
my Pix and did receive an error from a mail client
when trying to connect to the Exchange server.
Microsoft refers to Cisco without really being
specific - at least I could not find the solution at
Cisco's web page. Anyone here knows what I have to do?

Here's MS solution (Article ID: Q295164) for the

To resolve this issue, disable SMTP inspection on the
firewall. If you do not know the command to disable
SMTP inspection, contact Cisco." 

Is this the fixup command I have to use and disable

Thanks for your help in advance!

Information contained herein is the sole responsibility of the Individual
sending the message. No responsibility is admitted by Scottish Amicable
for any loss or damage incurred through use of the email. In addition, no 
statement should be construed as giving investment advice within or
outside the United Kingdom.
An email reply to this address may be subject to interception or monitoring 
for operational reasons or for lawful business practices.
firewall-wizards mailing list
firewall-wizards () nfr com

J. Adams                                        http://www.retina.net/~jna
... and god divided the light from the darkness, and god called the
light day and the darkness he called night... and god created man, and
man created machine; and machine, machine created music, and the
machine saw everything it had made, and it said, "Behold."

firewall-wizards mailing list
firewall-wizards () nfr com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]