Re: Another SMTP protocol breakage by ASA
- * Mark Martinec <Mark.Martinec+postfix@...>:
> Ralf, here is another one for your list of Cisco PIX and ASAUpdated.
> problems with inspection of a SMTP protocol (actually, parsing
> of a mail header section):
> SMTP session disconnects due to improper parsing of a DKIM header field by ASA
> Problem description:
> SMTP session is disconnected during DATA phase of a SMTP transaction
> for mail messages with a DKIM signature, where the start of a string
> "content-type" or "content-transfer-encoding" in a tag's value of
> an "h" tag of a DKIM signature happens to fall on a packet boundary
> at a start of a packet. The session is dropped with the next packet
> containing a Content-Type or Content-Transfer-Encoding header field.
> Cisco Adaptive Security Appliance Software Version 8.1(2)
Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155
A well managed mailserver has an empty queue. Instead of spending effort on
priority queueing, make the system drain the queue faster for all mail...