From owner-freebsd-net  Wed Dec  4  7:12:11 2002
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7B69C37B401
	for <freebsd-net@freebsd.org>; Wed,  4 Dec 2002 07:12:10 -0800 (PST)
Received: from skynet.stack.nl (skynet.stack.nl [131.155.140.225])
	by mx1.FreeBSD.org (Postfix) with ESMTP id BF83B43EA9
	for <freebsd-net@freebsd.org>; Wed,  4 Dec 2002 07:12:09 -0800 (PST)
	(envelope-from dean@dragon.stack.nl)
Received: by skynet.stack.nl (Postfix, from userid 65534)
	id 5DAE74018; Wed,  4 Dec 2002 16:14:12 +0100 (CET)
Received: from dragon.stack.nl (dragon.stack.nl [2001:610:1108:5011:207:e9ff:fe09:230])
	by skynet.stack.nl (Postfix) with ESMTP
	id 5E9CA4012; Wed,  4 Dec 2002 16:14:06 +0100 (CET)
Received: by dragon.stack.nl (Postfix, from userid 1600)
	id 22D4C9895; Wed,  4 Dec 2002 16:12:02 +0100 (CET)
Date: Wed, 4 Dec 2002 16:12:02 +0100
From: Dean Strik <dean@stack.nl>
To: Markus Stumpf <maex-lists-freebsd-net@Space.Net>
Cc: freebsd-net@freebsd.org
Subject: Re: FreeBSD <-> PIX IP comm problem - no ACK received
Message-ID: <20021204151201.GA98370@dragon.stack.nl>
References: <20021204160439.A66263@Space.Net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20021204160439.A66263@Space.Net>
X-Editor: VIM Rulez! http://www.vim.org/
X-MUD: Outerspace - telnet://mud.stack.nl:3333
X-Really: Yes
User-Agent: Mutt/1.5.1i
X-Spam-Status: No, hits=-3.3 required=8.0
	tests=IN_REP_TO,QUOTED_EMAIL_TEXT,REFERENCES,
	      SIGNATURE_SHORT_DENSE,SPAM_PHRASE_00_01,USER_AGENT,
	      USER_AGENT_MUTT
	version=2.43
X-Spam-Level: 
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org

Markus Stumpf wrote:
> Problem:
> I have an email message that is 3374 Bytes. It should be sent via SMTP
> to another server that is behind a PIX Firewall.
> The communiction gets tricky at the end of the message, because instead of
>     CR LF "." CR LF
> packet N contains
>     data CR LF "." CR
> and the following packet would only contain
>     LF
> so far so good, but the problem is
> a) the PIX does never ACK packet N
> b) packet N+1 never gets out despite the fact that it could be sent
>    according to the window size.

This is a known problem with PIXes. The solution is to either disable
the PIX SMTP firewall or to upgrade the OS to at least 5.2(4) or 6.0(1).

Indeed this only happens if the '.' is in one packet and the CR/LF in
the next.

I think Postfix has a workaround for this; don't know about other
software.

-- 
Dean C. Strik             Eindhoven University of Technology
dean@stack.nl  |  dean@ipnet6.org  |  http://www.ipnet6.org/
"This isn't right. This isn't even wrong." -- Wolfgang Pauli

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message