Disable inspect esmtp on ASA 5505

We are having some problems with our ASA 5505 firewall sporadically dropping connections to our email server behind it. I was told that I should disable the inspect esmtp to see if that resolves the issue. Most emails are getting through but some mostly GMail emails connections are being dropped. Ok, I'm not a expert with Cisco Firewalls, but know how to get in and do some stuff. So step by step what is the command to disable esmtp and can this be done while users are on the network? If this doesn't work how do I put it back?
DjrobluvAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

MikeKaneCommented:
You can use either the GUI or the command line....

If you have access to ASDM GUI then:
Configuration --> Service Policy Rules -->  General/Global Policy --> Edit ---> Rule Actions --> Uncheck ESMTP
Click OK --> Apply --> Save

Or for the command line:
Use telnet, ssh, or via a direct console connection....   All depends on how it was setup.      Once you are connected:

enable
(enter the enable password)
config t
no fixup protocol smtp 25
exit
write mem

You can safely remove the fixup while users are connected....  


0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Markus BraunCEOCommented:
If you do it by SSH or telnet, do a show run, go all the way to the bottom, you will see this:

policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect netbios
  inspect rsh
  inspect rtsp
  inspect skinny
  inspect esmtp
  inspect sqlnet
  inspect sunrpc
  inspect tftp
  inspect sip
  inspect xdmcp

in config mode type: (assuming you know how to get there)

policy-map global_policy (press enter)

then type
class inspection_default (press enter)

now type

no   inspect esmtp (press enter)

type

write (press enter)

now the esmtp inspect is disabled
0
snyderkvCommented:
Thanks
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.