Damian Myerscough wrote: > Hello Brian, > > How could you tell this was a CISCO "Fixup" problem? I am just > curious. >
Cisco smtp fixup replaces banners and ESMTP options with * or X characters. This can disable some useful features that administrators actually do want. This is always the first thing to check when outside ESMTP features don't seem to work right. > 2009/7/21 Brian Evans - Postfix List <grkni...@scent-team.com>: > >> postmaster at thessaloniki dot gr wrote: >> >>> Hi there >>> >>> I have a weird problem with postfix 2.3 regarding TLS configuration. >>> Although the certificates are correctly installed and verified, the >>> STARTTLS command is offered >>> only on hosts on the same network with the mail server. >>> Hosts that access the mail server outside the internal network and >>> issue the EHLO commad they do not get the STARTTLS >>> on the server's reply. >>> >>> Mail server is behind proxy with a public IP that the server doesn't >>> know, and a private IP (server is aware of). >>> Port 25 is publicly accessible. >>> >> Another Cisco "Fixup" casualty. >> >> grkni...@mx1 ~ $ telnet smtp.thessaloniki.gr 25 >> 220 ********************************** >> Banner replaced by * >> EHLO scent-team.com >> 250-smtp.thessaloniki.gr >> 250-PIPELINING >> 250-SIZE 10240000 >> 250-ETRN >> 250-XXXXXXXA >> ESMTP keyword blocked
