Loading ...
Sorry, an error occurred while loading the content.

Re: Another SMTP protocol breakage by ASA

Expand Messages
  • Ralf Hildebrandt
    ... Updated. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de A well managed
    Message 1 of 3 , Apr 27, 2009
    • 0 Attachment
      * Mark Martinec <Mark.Martinec+postfix@...>:
      > Ralf, here is another one for your list of Cisco PIX and ASA
      > problems with inspection of a SMTP protocol (actually, parsing
      > of a mail header section):
      >
      > http://www.arschkrebs.de/postfix/postfix_cisco_pix_bugs.shtml
      >
      >
      >
      > CSCsy28792
      > SMTP session disconnects due to improper parsing of a DKIM header field by ASA
      >
      > Problem description:
      > SMTP session is disconnected during DATA phase of a SMTP transaction
      > for mail messages with a DKIM signature, where the start of a string
      > "content-type" or "content-transfer-encoding" in a tag's value of
      > an "h" tag of a DKIM signature happens to fall on a packet boundary
      > at a start of a packet. The session is dropped with the next packet
      > containing a Content-Type or Content-Transfer-Encoding header field.
      >
      > Platform:
      > ASA5580-40
      > Cisco Adaptive Security Appliance Software Version 8.1(2)

      Updated.

      --
      Ralf Hildebrandt
      Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155
      http://www.computerbeschimpfung.de
      A well managed mailserver has an empty queue. Instead of spending effort on
      priority queueing, make the system drain the queue faster for all mail...
    Your message has been successfully submitted and would be delivered to recipients shortly.