Hi Casey, The SMTP filter doesn't do anything with POP3 connections. On the other hand, the POP3 filter does :) HTH< Tom Thomas W Shinder www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: Friese, Casey [mailto:cfriese@xxxxxxxxxxxxx] Sent: Friday, June 06, 2003 12:08 PM To: [ISAserver.org Discussion List] Subject: [isalist] SMTP Filter help http://www.ISAserver.org Greetings, I'm toying around with the SMTP Application filter for the first time and I'm picking up event logs but I'm not sure if they really indicate a problem for my situation. My ISA server is configured to accept POP3 connection for our sales reps and also to Allow outbound SMTP for them to send messages. Since I've enabled the smtp filter I'm seeing events of source SmtpEvt Unknown commands. The commands that are being received are AUTH commands which are usually (in my experience anyway) only used for IMAP. We don't have any clients using IMAP (if they are, they shouldn't be). Questions are this: 1. Is there any part of POP3 communication that uses the AUTH command (perhaps OT) and without AUTH listed as a valid command on the filter, I could be causing my pop clients problems? 2. If POP3 does need the AUTH command - What is the Max. Length that should be set when adding it in as a valid smtp command on the Filter? 3. If POP3 does not need the AUTH command and someone is trying to use it, is the connection attempt logged anywhere other than the Event Viewer? I want to be able to see where these attempt are coming from. Thank You, Casey Friese ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')