I have a ASA (PIX 7.X) with a Mailsweeper on my DMZ port.
I have a public IP for the above, statically translated (DMZ,Outside) public IP, real IP mask etc.
My access-list permits SMTP in from the Internet to the public IP and I am seeing lots of hits.
When I look at the logging on ASDM I notice a lot of FIN packets. The session connects and then 2 x seconds later (or less) tears down. The number of bytes transferred = 0 each time. So far I have not received any e-mail but it seems their are lots of attempts.
I hadn't enabled DNS requests from this server via my DMZ inbound access-list which I have rectified but still nothing. My immediate thought was reverse DNS - i.e. the Mailsweeper was trying to validate the request coming in to it but I am not sure if I am clutching at straws.
The domain name is managed by a 3rd party company, not the ISP where the server is located. I am thinking that I need to inform the ISP to add a reverse lookup to their DNS to make this all work.
I cannot think what else this could be and will Google for more answers. For now would anyone have a idea.
I have ESMTP fixup on, which I turned off, then back on again. Stuck at the moment scratching my head.
Any help would be appreciated.
Regards
Darren