Why can't I use ESMTP commands through my PIX firewall?

  1. Home
  2. Knowledge Base
  3. GMS
  4. Why can't I use ESMTP commands through my PIX firewall?

Question

I have a Cisco PIX firewall in place. I am trying to force SMTP authentication so that remote users can relay through my server without having to open my server up to true relay. The problem is, no one outside my firewall can use SMTPAuth. Why is this?

Answer

This likely because your firewall is using the SMTP
Fixup protocol. This is stopping the EHLO command sent by the clients
being passed on to the server. As the EHLO command is rejected the clients
then correctly go on to use HELO and thus can not authenticate.

Disable fixup on your router and the clients will then be able to send the
EHLO Command correctly.

If your firewall is a Cisco PIX then you should be able to use the command:

no fixup protocol smtp 25

See Also:

Keywords:PIX Cisco firewall EHLO HELO esmtp enhanced extended

Was this article helpful?

Related Articles