PSS ID Number: 275575
Article Last Modified on 11/19/2003
The information in this article applies to:
- Microsoft Windows 2000 Server
- Microsoft Exchange Server 5.5
- Microsoft Exchange 2000 Server
This article was previously published under Q275575
SYMPTOMS
The Exchange Server 5.5, Exchange 2000, or the Microsoft Internet Information Services (IIS) SMTP service is configured to allow relay for clients that authenticate. A client, such as Outlook Express, tries to send Simple Mail Transfer Protocol (SMTP) mail, and is unable to. The error message is one or more of the following:
-or-
-or-
Other possible symptoms are:
- If you attempt to telnet to the Exchange Server Internet Mail Service, it responds with a series of asterisks (*) where the host name is expected. For example:
250 *********************
- If you issue the Extended SMTP (ESMTP) command, EHLO, the response is similar to the following:
500 Unrecognized command
CAUSE
Check for the presence of a Cisco PIX router. The Cisco PIX router has software called MailGuard or MailHost on, by default. However, it is not called that in the default installation. Instead, it is called "FIXUP PROTOCOL SMTP 25."
This software can prevent ESMTP commands such as EHLO. Because you cannot initiate an ESMTP conversation with the Exchange Server computer, it cannot issue the ESMTP command, AUTH, which, therefore, prevents the client from authenticating to the Exchange Server computer, and mail relay does not work.
RESOLUTION
Disable the Mail Guard feature on the Cisco PIX firewall. For additional information, contact Cisco.
MORE INFORMATION
Mail Guard allows connections to an internal e-mail host through Transport Control Protocol (TCP) port 25 only. It logs all SMTP activity and allows only the minimum SMTP server commands found in Request for Comments (RFC) 821, Section 4.5.1.
For additional information, click the article number below to view the article in the Microsoft Knowledge Base:
190366 XFOR: Cannot Reply to Messages Through a Cisco PIX Firewall
The third-party products that are discussed in this article are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.
For information about how to contact Cisco, click the appropriate article number in the following list to view the article in the Microsoft Knowledge Base:
65416 Hardware and Software Third-Party Vendor Contact List, A-K
60781 Hardware and Software Third-Party Vendor Contact List, L-P
60782 Hardware and Software Third-Party Vendor Contact List, Q-Z
Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.
Keywords: kbprb KB275575
Technology: kbExchange2000Search kbExchange2000Serv kbExchange2000ServSearch kbExchange550 kbExchangeSearch kbwin2000Search kbwin2000Serv kbwin2000ServSearch kbZNotKeyword2