Community discussions

MikroTik App
 
nicopretorius
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 77
Joined: Mon Nov 15, 2004 9:49 am

MT e-mail client to Windows SMTP server behind PIX problem

Sat Jun 25, 2005 10:09 pm

I'm trying get my MT to do SMTP relaying via my Microsoft Win 2003 SMTP server that is behind a Cisco PIX Firewall.

I can send email from my MT with telnet i.e.
"/system telnet ip_of_smtp_server 25" without any problems.

However the MT email client refuses to sent email via this SMTP server and I just get the error message: “Error sending e-mail: error talking to server”

Altough the MT which gives me the problem connects via the Cisco PIX to the SMTP server, the FW rules are fine since I can send email via Telnet witout any problems. If I use a different MT that is on the same LAN as my Windows SMTP server I can send email via the MT client without any problems which shows my SMTP server does not have a problem.

The MT that is on the same LAN is however not configured as a hotspot whereas the one external to this network is configured as a hotspot.

If I configure the "external" MT to use a SMTP server (which runs Linux) at my ISP (therefore eliminating my SMTP server and my Cisco PIX) I don't get the above problem. The problem is not specific to 2.9. I get the same problem on 2.8.27.

The problem is therefore related to either the hotspot or the Cisco PIX or a combination of both. The Cisco PIX runs PIX OS 6.3(4)

Has anybody else experienced this type of problem?
 
nicopretorius
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 77
Joined: Mon Nov 15, 2004 9:49 am

SMTP fixup causes the problem

Sat Jun 25, 2005 10:26 pm

Ok I found something. The problem is related to the SMTP fixup setting on the PIX. If I disable the fixup for smtp on the PIX my problem is solved.

I however don't understanbd why the PIX smtp fixup stops the MT email client?
 
nicopretorius
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 77
Joined: Mon Nov 15, 2004 9:49 am

fixup protocol restricts mail servers to receiving the seven

Sat Jun 25, 2005 10:41 pm

Below is an extract from the Cisco PIX documenation, which provides more detail about the TSMTP fixup command:

The fixup protocol smtp command enables the Mail Guard feature. This restricts mail servers to receiving the seven minimal commands defined in RFC 821, section 4.5.1 (HELO, MAIL, RCPT, DATA, RSET, NOOP, and QUIT). All other commands are rejected.

Does anybody know which "other commands" the MT email client use that the PIX will reject in addition to the commands listed above?
 
changeip
Forum Guru
Forum Guru
Posts: 3833
Joined: Fri May 28, 2004 5:22 pm

Sun Jun 26, 2005 4:52 am

EHLO ?

Run a packet sniff and see the conversation. If Cisco is blocking EHLO you will have many more problems down the road as well ...

Sam
 
savage
Forum Guru
Forum Guru
Posts: 1264
Joined: Mon Oct 18, 2004 12:07 am
Location: Cape Town, South Africa
Contact:

Re: SMTP fixup causes the problem

Mon Jun 27, 2005 11:08 pm

Ok I found something. The problem is related to the SMTP fixup setting on the PIX. If I disable the fixup for smtp on the PIX my problem is solved.

I however don't understanbd why the PIX smtp fixup stops the MT email client?
That's a known and common problem on the PIX. It affects allot more email clients than just MT :) It's almost always one of the first things we disable on our PIXes.

Who is online

Users browsing this forum: d4n12, Google [Bot], Josephny, mtkpac and 51 guests