Cisco fixup for SMTP (Mail Guard)
I am currently working on a high volume mail project. The question came up whether or not the run Cisco's SMTP fixup protocol. I am looking for any experiences good or bad. Please respond off list Thanks Shaun Bryant ------------------------------------- Shaun Bryant E-Mail: sbryant@thepit.org **** The biggest problems happen when one of the little things that we take for granted stops working for a second **** They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.-Benjamin Franklin, Historical Review of Pennsylvania. -------------------------------------
At 10:42 AM -0700 2002/08/03, Shaun Bryant wrote:
I am currently working on a high volume mail project. The question came up whether or not the run Cisco's SMTP fixup protocol. I am looking for any experiences good or bad. Please respond off list
I'll respond to the list, because I feel very strongly about this subject. IMO, cisco does nothing but seriously screw up the SMTP protocol. Under no circumstances whatsoever should you use anything from them that comes anywhere close to touching the SMTP protocol. Now, if you want to talk privately about what it takes to set up a "high volume mail project", I'll be glad to do so. However, I will also first recommend that you read the slides related to this subject that I have at <http://www.shub-internet.org/brad/papers/sendmail-tuning/> and <http://www.shub-internet.org/brad/papers/dihses/>. These are from invited talks that I did at SANE'98 AND LISA 2000. You may also be interested in the paper from Nick Christenson at <http://www.jetcafe.org/~npc/doc/performance_tuning.pdf>, and if you can afford to wait until the 20th of September, you could buy his book _Sendmail Performance Tuning_, ISBN 0321115708. Disclaimer: Nick was my co-author for my invited talk at LISA 2000, and I was a technical reviewer for his book. -- Brad Knowles, <brad.knowles@skynet.be> "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin, Historical Review of Pennsylvania. GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E W+++(--) N+ !w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++) tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)
Thus spake "Shaun Bryant" <sbryant@ThePit.org>
I am currently working on a high volume mail project. The question came up whether or not the run Cisco's SMTP fixup protocol. I am looking for any experiences good or bad.
Last time I looked, the "mail guard" feature replaces EHLO messages with NOOP (among other things). Some ESMTP-capable mailers figure out what's going on and retry with HELO, but others get confused and end up bouncing all mail going through that path. I don't know who decided EHLO is not a "safe" command, but (a) it's been standard for many, many years, and (b) replacing it with NOOP does not have a "safe" effect. Do not use this feature if you value mail reliability.
Please respond off list
Actually, this is far more on-topic than most NANOG drivel, so I'll respond here :) S
participants (3)
-
Brad Knowles
-
Shaun Bryant
-
Stephen Sprunk