At 07:20 AM 3/29/2004, Rob Nelson wrote:
when smtp fixup is on (default on many older pixes, i gather that there may be some improvements on newer pixes), the smtp banner is mostly obscured by * characters. the intent is a classic security by obscurity play, to hide the type and verison of the MTA behind the pix.
Okay, so this is a problem when an SMTP server is hosted behind the PIX? I thought the fixup statements were for outbound connections, and with it on right now I get the full banner from SMTP servers. I don't host an SMTP server myself, so can't check that.
SMTP fixup is for hosts behind the firewall. That is after all what it's trying to protect (in theory) by mangling the SMTP protocol. :) Vinny Abello Network Engineer Server Management vinny@tellurian.com (973)300-9211 x 125 (973)940-6125 (Direct) PGP Key Fingerprint: 3BC5 9A48 FC78 03D3 82E0 E935 5325 FBCB 0100 977A Tellurian Networks - The Ultimate Internet Connection http://www.tellurian.com (888)TELLURIAN There are 10 kinds of people in the world. Those who understand binary and those that don't.