### auth/30_exim4-config_examples
plain:
driver = plaintext
public_name = PLAIN
client_send = "${if !eq{$tls_cipher}{}{\
^${extract{1}{::}\
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}\
^${extract{2}{::}\
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}\
}fail}"
login:
driver = plaintext
public_name = LOGIN
client_send = "${if !eq{$tls_cipher}{}{}fail}\
: ${extract{1}{::}\
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}} \
: ${extract{2}{::}\
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"
### transport/30_exim4-config_remote_smtp
remote_smtp:
debug_print = "T: remote_smtp for [EMAIL PROTECTED]"
driver = smtp
hosts_try_auth = DCsmarthost
### CONFDIR/passwd.client
smtp.1und1.com:m12345678-9:beispielpasswort
http://www.mail-archive.com/debian-user-german@lists.debian.org/msg67453.html
Those days we faced the problem that we recived a mail with approx 150 recipients.
Somewhere in the communication it seams that a mail address is broken by the asa.
On the Outside of the ASA you see following in the trace:
Inside E-Mail Server (Blue) mail.example.com
Outside E-Mail Server (Red) mail.asdf.com
220-mail.example.com ESMTP Server [Wed, 18 Aug 2010 10:30:58 +0200]
220-Ready to recycle your bits, but we don't want
220 your unsolicited or bulk e-mail (ie: spam)
EHLO mail.asdf.com
250-mail.example.com Hello mail.asdf.com [192.168.0.1]
250-SIZE 4194304
250-PIPELINING
250-AUTH PLAIN LOGIN CRAM-MD5 NTLM
250-STARTTLS
250 HELP
MAIL FROM:<asdf@asdf.com> SIZE=42157
RCPT TO:<user1@example.com>
<output omited>
RCPT TO:<user20@example.com>
RCPT TO:<user21@
250 OK
example.com>
RCPT TO:<user22@example.com>
RCPT TO:<user23@example.com>
RCPT TO:<user24@example.com>
<output omited>
250 Accepted
<output omited>
250 Accepted
501 <user21@XXXXXXXXXXXXXX: '>' missing at end of address
250 Accepted
250 Accepted
250 Accepted
On the Inside of the ASA you see following in the trace:
Inside E-Mail Server (Blue) mail.example.com
Outside E-Mail Server (Red) mail.asdf.com
220-mail.example.com ESMTP Server [Wed, 18 Aug 2010 10:30:58 +0200]
220-Ready to recycle your bits, but we don't want
220 your unsolicited or bulk e-mail (ie: spam)
EHLO mail.asdf.com
250-mail.example.com Hello mail.asdf.com [192.168.0.1]
250-SIZE 4194304
250-PIPELINING
250-AUTH PLAIN LOGIN CRAM-MD5 NTLM
250-STARTTLS
250 HELP
MAIL FROM:<asdf@asdf.com> SIZE=42157
RCPT TO:<user1@example.com>
<output omited>
RCPT TO:<user20@example.com>
RCPT TO:<user21@ 250 OK
XXXXXXXXXXXXXX
RCPT TO:<user22@example.com>
RCPT TO:<user23@example.com>
RCPT TO:<user24@example.com>
<output omited>
250 Accepted
<output omited>
250 Accepted
501 <user21@XXXXXXXXXXXXXX: '>' missing at end of address
250 Accepted
250 Accepted
250 Accepted
This is a little bit strange so i will ask the Guys from Cisco if this is a known feature or a bug.
For the Momemt we have disabled the esmtp fixup, on monday we will do future analysis.
If you feel this helps a bit or may be not ? Please leave a comment.
We recently bought so new Firewalls to replace to aged Cisco PIX515e with some new Gear. We decided to use Ciscos new Firewall flagship the Cisco ASA Devices. Everything was fine after the replacement, we transfered the configuration from the old boxes to the new with the help of the Cisco Security Manager.
Later that day there was complains about e-mails are not delivered properly.
On the Cisco PIX with Software 6.2 we had implemented following:
no fixup smtp
For the ASA5510 we had to implement following
policy-map type inspect esmtp esmtp_pmap
parameters
allow-tls action log
policy-map global_policy
class inspection_default
no inspect esmtp
inspect esmtp esmtp_pmap
exit
exit
If you feel this helps a bit or may be not ? Please leave a comment.
The worst day diving is better than the best day working:-)