JDP posted on 2010-11-23 18:05:44

Cisco PIX 8.x: fixing mail being blocked by the firewall when a message has too many recipients

The default SMTP Inspection policy blocks messages that match one of the following conditions:
Method line length greater than 512 bytes
More than 100 recipient email addresses set
Body line length greater than 998 bytes
Header line length greater than 998 bytes
Sender email address length greater than 320 bytes
MIME filename length greater than 255 bytes

If a message exceeds any of the limits above, the firewall blocks it automatically.

Block Example:
If a message has more than 100 recipients, the firewall blocks it and the following message appears:
ESMTP Classification: Dropped connection for ESMTP Request from inside:140.xxx.xxx.x/53034 to outside:140.xxx.xxx.xxx/25; matched Class 2: cmd RCPT count gt 100

Solution:
Disable inspect esmtp entirely:
pix(config)#policy-map global_policy
pix(config-pmap)#class inspection_default
pix(config-pmap-c)#no inspect esmtp
pix(config-pmap-c)#exit
pix(config-pmap)#exit

Reference: http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806745b8.shtml
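
To see which inspection rule is firing and for which internal sender before changing the policy, the message format shown in the block example can be parsed and tallied. This is an added example, not part of the original post. The sample lines, their timestamps, the `pix` hostname, and the second rule text with its class number are constructed, and the code assumes other rules log in the same sentence shape as the one quoted above.

```python
import re
from collections import Counter

# Matches the message format quoted in the post. Anything before
# "ESMTP Classification:" (timestamp, syslog tag) is ignored.
# Assumption: other rules use the same sentence with a different class and rule text.
EVENT_RE = re.compile(
    r"ESMTP Classification: (?P<action>.+?) for ESMTP (?P<kind>\w+) "
    r"from (?P<src_if>[^:\s]+):(?P<src_ip>[^/\s]+)/(?P<src_port>\d+) "
    r"to (?P<dst_if>[^:\s]+):(?P<dst_ip>[^/\s]+)/(?P<dst_port>\d+); "
    r"matched Class (?P<class_id>\d+): (?P<rule>.+?)\s*$"
)

def parse_line(line):
    """Return the fields of one ESMTP classification message, or None."""
    m = EVENT_RE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    for key in ("src_port", "dst_port", "class_id"):
        rec[key] = int(rec[key])
    return rec

def summarize(lines):
    """Count events per (rule, source IP) so the noisy sender and rule stand out."""
    counts = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec is not None:
            counts[(rec["rule"], rec["src_ip"])] += 1
    return counts

# Constructed sample input (documentation addresses, invented timestamps).
SAMPLE_LOG = [
    "Nov 23 17:58:01 pix ESMTP Classification: Dropped connection for ESMTP Request "
    "from inside:192.0.2.10/53034 to outside:198.51.100.25/25; matched Class 2: cmd RCPT count gt 100",
    "Nov 23 17:58:44 pix ESMTP Classification: Dropped connection for ESMTP Request "
    "from inside:192.0.2.10/53102 to outside:198.51.100.25/25; matched Class 2: cmd RCPT count gt 100",
    "Nov 23 17:59:12 pix ESMTP Classification: Dropped connection for ESMTP Request "
    "from inside:192.0.2.77/41200 to outside:198.51.100.25/25; matched Class 4: header line length gt 998",
    "Nov 23 17:59:40 pix unrelated message that is not an ESMTP classification event",
]

if __name__ == "__main__":
    for (rule, src), n in summarize(SAMPLE_LOG).most_common():
        print(f"{n:3d}  {src:15s}  {rule}")
```
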