Question
I have a Cisco PIX firewall in place. I am trying to force SMTP authentication so that remote users can relay through my server without having to open my server up to true relay. The problem is, no one outside my firewall can use SMTPAuth. Why is this?
Answer
This likely because your firewall is using the SMTP
Fixup protocol. This is stopping the EHLO command sent by the clients
being passed on to the server. As the EHLO command is rejected the clients
then correctly go on to use HELO and thus can not authenticate.
Disable fixup on your router and the clients will then be able to send the
EHLO Command correctly.
If your firewall is a Cisco PIX then you should be able to use the command:
no fixup protocol smtp 25
See Also:
- Cisco Routers causing SMTP time outs
- Why do other servers quit immediately when connecting to GMS?
- GMS and Cisco PIX firewalls
Keywords:PIX Cisco firewall EHLO HELO esmtp enhanced extended