[Top] [All Lists]

Re: who makes the firewall that puts asterisks in the initial greeting?

2001-08-12 10:25:43

--On 08/11/2001 11:11 AM -0400 Keith Moore <moore(_at_)cs(_dot_)utk(_dot_)edu> 

perhaps instead of asterisks, the banner should be replaced with 

220-This SMTP session is being munged by a cisco firewall that is
220-installed at x.y.z.  If something breaks, the problem is likely
220-to be in the firewall, rather than your mail client or the server.
220-If you don't like this, contact our marketing department
220-and they'll explain to you that things are really supposed to be
220-this way.  Of course they're all lying bastards, but it's easier
220 to believe them than it is to stop selling buggy products.

With my cisco hat on:

- I know of historically three issues with the PIX:
  1 The greeting message
  2 (Proper) ESMTP handling
  3 Problem with terminating '.' in the data command when the bytes
    CR,LF,.,CR,LF ends up across a packet boundary

Number 3 is fixed in a release of the software released in june. People
should definitly upgrade. Fixed releases are 5.3(2) and 6.0(1).

Number 1 and 2 are still on my list...

I'll keep you updated, and I am happy if all of you (privately) keep me
updated on your experiences. I know you are unhappy, I am unhappy myself,
but people writing the code seems to now be able to "do the right thing".

So regardless of how bad you feel, if you have time to write down what you
have found, send it to me personally.


Patrik Fältström <paf(_at_)cisco(_dot_)com>                         Cisco 
Consulting Engineer                                  Office of the CSO
Phone: (Stockholm) +46-8-6859131            (San Jose) +1-408-525-8509
        PGP: 2DFC AAF6 16F0 F276 7843  2DC1 BC79 51D9 7D25 B8DC