Firewall Wizards mailing list archives
Re: POP3 and SMTP slow on Linux since we installed a PIX
From: Mike Barkett <mbarkett () digex net>
Date: Mon, 16 Aug 1999 11:01:43 -0400 (EDT)
Eric Vyncke wrote :
Dave, Most of the time, the problem is linked because recent sendmails are, by default, triggering an IDENT connection to the source of the SMTP session. PIX is blocking IDENT by default without sending an ICMP message back to the source (which is a secure behaviour in my biased experience) You may want to either authorize IDENT through the PIX (bad!) or have the PIX sends the ICMP message (via a sysopt configuration command). Hope this helps
Utilize the 'service resetinbound' command and verify DNS is allowed through, and you should be fine. The following excerpt is from: http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v42/pix42cfg/pix42cmd.htm "The service resetinbound command provides a safer way to handle an IDENT connection through the PIX Firewall. Ranked in order of security from most secure to less secure are these methods for handling IDENT connections: 1. Use the service resetinbound command. 2. Use the established command with the permitto tcp 113 options. 3. Create a static and conduit to open TCP port 113." -MAB -- ,......................................... : Michael A. Barkett : Security Analyst/Team Lead, SMC (xXXXX) : mbarkett () digex net : 301.847.7180 ,.................... : FW./\/. : i n t e r m e d i a '....................' BUSINESS INTERNET
Current thread:
- POP3 and SMTP slow on Linux since we installed a PIX Salatino, Dave (Aug 13)
- Re: POP3 and SMTP slow on Linux since we installed a PIX Marcus J. Ranum (Aug 14)
- Re: POP3 and SMTP slow on Linux since we installed a PIX Siglite (Aug 14)
- Re: POP3 and SMTP slow on Linux since we installed a PIX Matt Dunn (Aug 14)
- Re: POP3 and SMTP slow on Linux since we installed a PIX Eric Vyncke (Aug 14)
- Re: POP3 and SMTP slow on Linux since we installed a PIX Mike Barkett (Aug 17)
- RE: POP3 and SMTP slow on Linux since we installed a PIX gordon . douglass (Aug 15)
- <Possible follow-ups>
- Re: POP3 and SMTP slow on Linux since we installed a PIX Robert Graham (Aug 14)
- RE: POP3 and SMTP slow on Linux since we installed a PIX Frank W. Keeney (Aug 17)
- RE: POP3 and SMTP slow on Linux since we installed a PIX sean . kelly (Aug 17)