We have recently replaced our premise router with an ASR. We established a Zone Based Firewall since reflexive ACLs are no longer supported. The problem we are having now is that SMTP traffic is SLOW. External mail coming in with no attachments seems o.k. but when adding an attachment it can take hours. In fact the last test took 13 hours to make it through. At first we thought it was the Ironport but when talking with Cisco they said that it looks fine and normally the symptoms present themselves when there is packet inspection before the mail hits the Ironport. Is there a way for SMTP to bypass the inspection policy but still be allowed through?