Ask the Expert

Cisco PIX firewall causing Exchange connectivity problems

I'm running Exchange 5.5, and a certain host (EXTRANET2) needs to send mail out via SMTP. My IMC/SMTP servers are HOCON01 and ZABRYH02. Both are configured to allow SMTP connections from EXTRANET2.

When testing for connectivity, I start a telnet session from EXTRANET2 to HOCON01 on port 25, and instead of receiving the usual greeting as expected:

220 zabryh02.medscheme.com ESMTP Server (Microsoft Exchange Internet Mail Service 5.5.2657.72)

I get an apparently malformed greeting message:

220 *****0**********************************************************************
*****2*************

It seems like the connection is made, since it was not rejected, but no SMTP functionality is available. It does the same thing whether I'm connecting to HOCON01 or ZABRYH01. Other hosts can connect to HOCON01 and ZABRYH02 successfully.

EXTRANET2 is running Windows 2003 Enterprise Edition SP1 and HOCON01 and ZABRYH02 Windows 2000 Standard Edition SP4.

Do you have any ideas?

    Requires Free Membership to View

Yes, I have seen this many times over the years. This looks to me to be a classic Cisco PIX firewall SMTP banner, because the Mailguard feature is enabled on the firewall.

Have a look at Microsoft Knowledge Base article 320027, Cannot send or receive e-mail messages behind a Cisco PIX firewall, which describes the behavior you're seeing. Follow the instructions to turn off Mailguard and your problem will go away.


Do you have comments on this Ask the Expert Q&A? Let us know.
Related information from SearchExchange.com:

  • Expert Advice: Error: 'You do not have permission to send to this recipient'
  • Tip: Firewall policies and SMTP line lengths
  • Resource Center: Firewall tips and resources

  • This was first published in January 2006

    There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: