RE: SMTP Filter help

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Fri, 6 Jun 2003 12:32:10 -0500

Hi Casey,

The SMTP filter doesn't do anything with POP3 connections. On the other
hand, the POP3 filter does :)

HTH<
Tom

Thomas W Shinder 
www.isaserver.org/shinder 
ISA Server and Beyond: http://tinyurl.com/1jq1 
Configuring ISA Server: http://tinyurl.com/1llp 



-----Original Message-----
From: Friese, Casey [mailto:cfriese@xxxxxxxxxxxxx] 
Sent: Friday, June 06, 2003 12:08 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] SMTP Filter help


http://www.ISAserver.org


Greetings,

I'm toying around with the SMTP Application filter for the first time
and I'm picking up event logs but I'm not sure if they really indicate a
problem for my situation.

My ISA server is configured to accept POP3 connection for our sales reps
and also to Allow outbound SMTP for them to send messages.  Since I've
enabled the smtp filter I'm seeing events of source SmtpEvt Unknown
commands.  The commands that are being received are AUTH commands which
are usually (in my experience anyway) only used for IMAP.  We don't have
any clients using IMAP (if they are, they shouldn't be).

Questions are this:

1. Is there any part of POP3 communication that uses the AUTH command
(perhaps OT) and without AUTH listed as a valid command on the filter, I
could be causing my pop clients problems?

2. If POP3 does need the AUTH command - What is the Max. Length that
should be set when adding it in as a valid smtp command on the Filter?

3. If POP3 does not need the AUTH command and someone is trying to use
it, is the connection attempt logged anywhere other than the Event
Viewer?  I want to be able to see where these attempt are coming from.  

Thank You,
Casey Friese




------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » SMTP Filter help
• » RE: SMTP Filter help

1. Home
2. isalist
3. Archive
4. 06-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---