Question
Some Cisco routers cause users to experience the receipt of multiple copies (sometimes 100’s) of a single e-mail?
It’s occurring from multiple external mailers and the
logs show the conversation timing out before NTMail receives a QUIT command. NTMail happily forwards the mail even though there has been no QUIT but the remote end sees the time out and continues to retry sending the message.
Answer
This may be caused where any mail server sits on a Cisco PIX firewall DMZ. The PIX software was upgraded to rev(5.2.3). It has a stateful inspection feature for SMTP which is enabled with the command “fixup protocol smtp 25”.
With this enabled we received intermittent winsock 10054
(connection reset by peer) errors. This resulted in multiple copies of the same message being received by recipients (sometimes hundreds of copies over a period of days). It has been verified that this problem does not occur with the older 5.0.1 Cisco code.
Keywords:Cisco, Routers, SMTP, timeout, DMZ, firewall