
Cisco SMTP application inspection modifies Exchange traffic: why?

Posted on 2010-01-07
Last Modified: 2012-06-27
I get an error sending mail to Hotmail-based servers from my Exchange 2007 (SBS 2008) server only when SMTP application inspection is enabled on my Cisco 881W router. Mail sent to other domains (e.g. Gmail, Yahoo, etc.) is accepted with no problem. Hotmail returns "#500 Unrecognized command ##".

If SMTP application inspection is disabled, mail is delivered immediately to Hotmail with no problems.

Can someone clarify *why* this is an issue? It is my understanding that "inspection" should imply that no modification is taking place.

Thanks for any help, I'm really confused by this.
Question by:Chief_Architect
 

Author Comment

by:Chief_Architect
ID: 26206227
I forgot to mention this appears to be a known issue as evidenced here: http://social.technet.microsoft.com/Forums/en/exchangesvrtransport/thread/2f166392-315f-44b4-914d-24686f15c708

Expert Comment

by:memo_tnt
ID: 26206293
Hi,

You are answering yourself.

You need to disable SMTP packet inspection or you'll see some serious mail delays/failures, as you face now with Hotmail. Check Cisco's article here:


http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00800941c8.shtml

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008067cf3b.shtml
 

Author Comment

by:Chief_Architect
ID: 26206363
Thank you for the quick response. I'm trying to understand why this is an issue with a pretty new router (Cisco 881W wireless router) running the latest IOS release (15.0).

What I'm looking for is an explanation of why this is a problem in the first place. ESMTP has been around for a long time. Is Cisco not sticking to protocol correctly? Is this because Microsoft's Exchange server violates protocol?

Also, the links you mention only refer to PIX firewalls, which I don't have. Do they behave the same way?

Expert Comment

by:memo_tnt
ID: 26209270
Yes, it's the same behavior, as Cisco mentioned; hence it's a firewall issue, the same as on other devices.



Expert Comment

by:memo_tnt
ID: 26559577
Hi,

Please update the status regarding this issue.

Is it solved?

Accepted Solution

by:Chief_Architect
ID: 26559855
I solved this before *posting* the question. I just wanted to know if someone else could verify that there is indeed a bug in Cisco's IOS that causes SMTP application inspection to corrupt outgoing packets, which is the behavior I believe I'm seeing, or else explain to me why inspection modifies packets if it's not a bug.

Right now, the *only* way to solve the issue is to disable SMTP application inspection.

I expect to eventually hear back from the Cisco technicians I've contacted about this problem that it is a bug and may be fixed in a future IOS version.