Cisco fixup for SMTP (Mail Guard)

Mailman List Mirror (Read Only)
1

I am currently working on a high volume mail project. The question came up
whether or not the run Cisco's SMTP fixup protocol. I am looking for any
experiences good or bad. Please respond off list

Thanks
Shaun Bryant



2

I'll respond to the list, because I feel very strongly about this subject.

  IMO, cisco does nothing but seriously screw up the SMTP protocol. Under no circumstances whatsoever should you use anything from them that comes anywhere close to touching the SMTP protocol.

  Now, if you want to talk privately about what it takes to set up a "high volume mail project", I'll be glad to do so.

  However, I will also first recommend that you read the slides related to this subject that I have at <http://www.shub-internet.org/brad/papers/sendmail-tuning/> and <http://www.shub-internet.org/brad/papers/dihses/>. These are from invited talks that I did at SANE'98 AND LISA 2000.

  You may also be interested in the paper from Nick Christenson at <http://www.jetcafe.org/~npc/doc/performance_tuning.pdf>, and if you can afford to wait until the 20th of September, you could buy his book _Sendmail Performance Tuning_, ISBN 0321115708.

  Disclaimer: Nick was my co-author for my invited talk at LISA 2000, and I was a technical reviewer for his book.

3

Thus spake "Shaun Bryant" <sbryant@ThePit.org>

I am currently working on a high volume mail project. The question came up
whether or not the run Cisco's SMTP fixup protocol. I am looking for any
experiences good or bad.

Last time I looked, the "mail guard" feature replaces EHLO messages with NOOP
(among other things). Some ESMTP-capable mailers figure out what's going on
and retry with HELO, but others get confused and end up bouncing all mail going
through that path.

I don't know who decided EHLO is not a "safe" command, but (a) it's been
standard for many, many years, and (b) replacing it with NOOP does not have a
"safe" effect. Do not use this feature if you value mail reliability.

Please respond off list

Actually, this is far more on-topic than most NANOG drivel, so I'll respond here
:slight_smile:

S