Disable inspect esmtp on ASA 5505

Posted on 2009-05-26
Last Modified: 2013-11-16
We are having some problems with our ASA 5505 firewall sporadically dropping connections to our email server behind it. I was told that I should disable the inspect esmtp to see if that resolves the issue. Most emails are getting through but some mostly GMail emails connections are being dropped. Ok, I'm not a expert with Cisco Firewalls, but know how to get in and do some stuff. So step by step what is the command to disable esmtp and can this be done while users are on the network? If this doesn't work how do I put it back?
Question by:Djrobluv
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 33

Accepted Solution

MikeKane earned 250 total points
ID: 24475982
You can use either the GUI or the command line....

If you have access to ASDM GUI then:
Configuration --> Service Policy Rules -->  General/Global Policy --> Edit ---> Rule Actions --> Uncheck ESMTP
Click OK --> Apply --> Save

Or for the command line:
Use telnet, ssh, or via a direct console connection....   All depends on how it was setup.      Once you are connected:

(enter the enable password)
config t
no fixup protocol smtp 25
write mem

You can safely remove the fixup while users are connected....  


Expert Comment

ID: 24480550
If you do it by SSH or telnet, do a show run, go all the way to the bottom, you will see this:

policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect netbios
  inspect rsh
  inspect rtsp
  inspect skinny
  inspect esmtp
  inspect sqlnet
  inspect sunrpc
  inspect tftp
  inspect sip
  inspect xdmcp

in config mode type: (assuming you know how to get there)

policy-map global_policy (press enter)

then type
class inspection_default (press enter)

now type

no   inspect esmtp (press enter)


write (press enter)

now the esmtp inspect is disabled

Expert Comment

ID: 36425125

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Powerful tools can do wonders, but only in the right hands.  Nowhere is this more obvious than with the cloud.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question