PIX blocking only some emails


  • PIX blocking only some emails

    Hi,

    For some reason, emails from some senders don't seem to be able to reach the server (SBS 2003). Checking the PIX logs, it looks like the traffic from the sender's IP address is being blocked. Most emails get through okay; it's just a few domains that aren't.

    I'm no PIX expert so here's the config....any ideas?

    asdm image flash:/pdm
    no asdm history enable
    : Saved
    :
    PIX Version 7.2(1)
    !
    hostname CovertFW
    domain-name covertmedia.co.uk
    enable password VrwIzR66sj0GMx7C encrypted
    names
    name x.x.x.21 serv01 description SBS Server
    !
    interface Ethernet0
    nameif Outside
    security-level 0
    ip address dhcp setroute
    !
    interface Ethernet1
    nameif inside
    security-level 100
    ip address x.x.x.2 255.255.255.0
    !
    passwd **** encrypted
    ftp mode passive
    dns domain-lookup Outside
    dns server-group DefaultDNS
    name-server 62.6.40.178
    name-server 194.72.9.38
    domain-name ###.co.uk
    access-list inside_access_out extended permit ip any any
    access-list smtp_in extended permit tcp any interface Outside eq smtp
    access-list smtp_in extended permit tcp any interface Outside eq https
    pager lines 24
    logging enable
    logging asdm informational
    mtu Outside 1500
    mtu inside 1500
    no failover
    monitor-interface Outside
    monitor-interface inside
    asdm image flash:/pdm
    no asdm history enable
    arp timeout 14400
    global (Outside) 101 interface
    nat (inside) 101 0.0.0.0 0.0.0.0
    static (inside,Outside) tcp interface smtp serv01 smtp netmask 255.255.255.255
    static (inside,Outside) tcp interface https serv01 https netmask 255.255.255.255
    access-group smtp_in in interface Outside
    access-group inside_access_out out interface inside
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout uauth 0:05:00 absolute
    http server enable
    http serv01 255.255.255.255 inside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    telnet timeout 5
    ssh timeout 5
    console timeout 0
    !
    class-map inspection_default
    match default-inspection-traffic
    !
    !
    policy-map type inspect dns preset_dns_map
    parameters
    message-length maximum 4096
    policy-map global_policy
    class inspection_default
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect netbios
    inspect rsh
    inspect rtsp
    inspect skinny
    inspect esmtp
    inspect sqlnet
    inspect sunrpc
    inspect tftp
    inspect sip
    inspect xdmcp
    inspect dns preset_dns_map
    !
    service-policy global_policy global
    prompt hostname context
    Cryptochecksum:ae3ccba8913940d2e946b309cdfcd597
    : end
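
One way to triage the deny entries mentioned in the post above, as an added example that is not part of the original thread: group denied TCP/25 connections by source, destination address and ACL, so it is visible whether the failing senders are aimed at an address the `smtp_in` entries do not cover. The log lines are constructed samples using documentation addresses, and the parser assumes the standard `%PIX-4-106023` deny message layout.

```python
import re
from collections import defaultdict

# Constructed sample syslog lines (documentation addresses), not taken from the thread.
SAMPLE_LOG = """\
%PIX-4-106023: Deny tcp src Outside:198.51.100.7/41022 dst inside:203.0.113.10/25 by access-group "smtp_in"
%PIX-4-106023: Deny tcp src Outside:198.51.100.7/41025 dst inside:203.0.113.10/25 by access-group "smtp_in"
%PIX-4-106023: Deny tcp src Outside:192.0.2.99/33810 dst inside:203.0.113.9/445 by access-group "smtp_in"
%PIX-6-302013: Built inbound TCP connection 1201 for Outside:192.0.2.44/50311 (192.0.2.44/50311) to inside:serv01/25 (203.0.113.9/25)
%PIX-4-106023: Deny tcp src Outside:198.51.100.200/52001 dst inside:203.0.113.10/25 by access-group "smtp_in"
"""

# Assumed layout of message 106023 (ACL deny); interface names are not relied on.
DENY = re.compile(
    r'%PIX-4-106023: Deny (?P<proto>\S+) '
    r'src [^:\s]+:(?P<src>[\d.]+)/(?P<sport>\d+) '
    r'dst [^:\s]+:(?P<dst>[\d.]+)/(?P<dport>\d+) '
    r'by access-group "(?P<acl>[^"]+)"'
)

def denied_smtp(log_text, port=25):
    """Return {(src_ip, dst_ip, acl): count} for denied TCP connections to `port`."""
    hits = defaultdict(int)
    for line in log_text.splitlines():
        m = DENY.search(line)
        if m and m["proto"] == "tcp" and int(m["dport"]) == port:
            hits[(m["src"], m["dst"], m["acl"])] += 1
    return dict(hits)

def unexpected_destinations(hits, permitted_dst):
    """Destination addresses that denied senders targeted but the ACL entry does not permit."""
    return sorted({dst for (_src, dst, _acl) in hits if dst != permitted_dst})

if __name__ == "__main__":
    hits = denied_smtp(SAMPLE_LOG)
    for (src, dst, acl), count in sorted(hits.items()):
        print(f"{count:3d} denied  {src} -> {dst}:25  (acl {acl})")
    # 203.0.113.9 stands in for the Outside interface address (hypothetical value).
    print("not covered by ACL:", unexpected_destinations(hits, "203.0.113.9"))
```
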

  • #2
    Re: PIX blocking only some emails

    Hi Chief007,

    I am sorry that there has been no response on this post for some time.

    Are you still having this issue?

    Getting SMTP (port 25) through a PIX is pretty basic. I would think that either it would work or it wouldn't. Your config looks like it should work.

    Thus, I wonder if there is something else blocking it.

    I would ask this:
    1) Are there any anti-spam filters that could be in the way?
    2) Has your domain been blacklisted by some anti-spam database (like SORBS)?
    3) Have you run the automated mail test tools from somewhere like http://www.dnsreport.com/ ? It may diagnose an SMTP issue that is causing this.

    Let us know how it is going and I will try to be much more responsive.

    Thanks!
    David
    David Davis - Petri Forums Moderator & Video Training Author
    Train Signal - The Global Leader in IT Video Training
    TrainSignalTraining.com - Free IT Training Products
    Personal Websites: HappyRouter.com & VMwareVideos.com



    • #3
      Re: PIX blocking only some emails

      It was a bit odd but as I remember it the last thing I tried was opening up smtp to the exchange server address as well as the inside interface and it seemed to work again for the addresses that were failing. Then a week later the company using the server folded and that was that. (I'm okay in the parent company btw).



      • #4
        Re: PIX blocking only some emails

        Hi Chief,

        I am glad to hear that you found a way to get it working AND that you didn't get laid off.

        Thanks for the post & if you have more issues, as always, please post 'em here.

        All the best to you,
        David Davis - Petri Forums Moderator & Video Training Author
