I set up my ASA-5520 (PIX) with the obvious rule to allow incoming SMTP traffic. Additionally, I have a rule the permits any traffic from the mail server to the Internet.
My problem is that the firewall is behaving like a wise guy, distorting SMTP dialogs, by replacing some lines with a bunch of Xs, followed by a sequential alphabetic letter.
Let's examine the dialogs telneting from server A to B, and then from server B to A.
The following lines:
EHLO abc.com
250-postino.example.com Hello
formatting link
[12.34.56.78], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-DELIVERBY
250 HELP
are transliterated into:
250-ENHANCEDSTATUSCODES 250-PIPELINING 250-XXXA 250-XXXB 250-8BITMIME 250-SIZE 250-DSN 250-ETRN 250-XXXXXXXXC 250 XXXDWhile in the opposite direction the regular dialog:
250-ENHANCEDSTATUSCODES 250-PIPELINING 250-8BITMIME 250-SIZE 250-DSN 250-ETRN 250-AUTH GSSAPI DIGEST-MD5 CRAM-MD5 250-DELIVERBY 250 HELPBecomes mutated into:
250-ENHANCEDSTATUSCODES 250-PIPELINING 250-8BITMIME 250-SIZE 250-DSN 250-ETRN 250-AUTH GSSAPI DIGEST-MD5 CRAM-MD5 250-XXXXXXXXA 250 XXXBWhat is going on here?
Suggestions?
-Ramon