On 2011-12-09 19:57, Ralf Hildebrandt wrote:
* Jeroen Geilman<jer...@adaptr.nl>:
On 2011-12-08 09:53, Ralf Hildebrandt wrote:
Over the last few days I discussed SMTP delivery problems with a czech
site which was using Postfix and a CISCO ASA with "smtp protocol
fixup" enabled.
smtp fixup is evil and should have died out years ago.
No shit, sherlock :)
I am in no way implying that you did anything wrong!
It's just that I cringe every time I see this enabled and when I ask
after it the answer is usually a variant on "oh it's a security option
offered by a Cisco firewall, of course we enable it! Why not?"
Cisco themselves are mostly to blame for this by not disabling it by
default - unless they do so by now, I haven't kept up...
--
J.
