Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: FWTK and smap/smapd

From: "Charles W. Swiger" <chuck () codefab com>
Date: Wed, 17 Jul 2002 14:46:58 -0400
On Wednesday, July 17, 2002, at 01:07  PM, Rick Murphy wrote:
[ ... ]
That's the real difference between smap/smapd and postfix - postfix is a complete mail delivery agent. Smap isn't, and so relies on something else (sendmail, postfix, etc.) for delivery.
MTAs like sendmail do not perform local delivery, either. That's what an LDA like procmail or /usr/lib/mail.local is for. Better yet, use a LMTP-capable LDA, so that you gain per-address error handling when sending to multiple recipients.
To focus more on topics more relevant for this list, one of the biggest problems certain firewalls and mail proxies have is that they break the SMTP protocol. For example, Cisco's PIX (with MailGuard?) attempts to proxy SMTP and breaks the state machine defined in RFC-821 or -822, as well as preventing ESMTP and violating the SMTP banner requirements. 

Doing 'no fixup protocol 25' on your Cisco fixes it.

-Chuck
Chuck Swiger | chuck () codefab com | All your packets are belong to us. -------------+-------------------+----------------------------------- 
       "The human race's favorite method for being in control of the facts
        is to ignore them."  -Celia Green

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: