Date: Wed, 4 Dec 2002 16:12:02 +0100 From: Dean Strik <dean@stack.nl> To: Markus Stumpf <maex-lists-freebsd-net@Space.Net> Cc: freebsd-net@freebsd.org Subject: Re: FreeBSD <-> PIX IP comm problem - no ACK received Message-ID: <20021204151201.GA98370@dragon.stack.nl> In-Reply-To: <20021204160439.A66263@Space.Net> References: <20021204160439.A66263@Space.Net>
next in thread | previous in thread | raw e-mail | index | archive | help
Markus Stumpf wrote: > Problem: > I have an email message that is 3374 Bytes. It should be sent via SMTP > to another server that is behind a PIX Firewall. > The communiction gets tricky at the end of the message, because instead of > CR LF "." CR LF > packet N contains > data CR LF "." CR > and the following packet would only contain > LF > so far so good, but the problem is > a) the PIX does never ACK packet N > b) packet N+1 never gets out despite the fact that it could be sent > according to the window size. This is a known problem with PIXes. The solution is to either disable the PIX SMTP firewall or to upgrade the OS to at least 5.2(4) or 6.0(1). Indeed this only happens if the '.' is in one packet and the CR/LF in the next. I think Postfix has a workaround for this; don't know about other software. -- Dean C. Strik Eindhoven University of Technology dean@stack.nl | dean@ipnet6.org | http://www.ipnet6.org/ "This isn't right. This isn't even wrong." -- Wolfgang Pauli To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021204151201.GA98370>