[windows2000] OT - IDP
- From: "Farrugia, Paul" <pfarrugia@xxxxxxxxxxxx>
- To: <windows2000@xxxxxxxxxxxxx>
- Date: Thu, 23 Dec 2004 09:20:21 -0500
Hello,
Does anyone use the NetScreen IDP appliance or I guess any appliance? We
just installed one and are having some problems with some outside email.
Basically the IDP is blocking certain messages (both sending and
receiving) by default because of suspected attacks. Here are some of the
messages that I am seeing in the logs:
SMTP Buffer Overflow: Command Line
This protocol anomaly is a text line (in the command section, before the
DATA command) in an SMTP connection that is too long. This may indicate
a buffer overflow attempt.
SMTP Unfinished Multipart Msg
This protocol anomaly is an SMTP message with a MIME multipart boundary
that exceeds actual multipart data (all data is processed but unfinished
boundary delimiters exist).
They are both listed as attacks therefore causing the connections to be
dropped.
This only happens for some outside addresses. I do know that we receive
email from yahoo accounts, Comcast accounts and this list without any
problems. Is this something that I should have to fix on my end? It
seems to me that the IDP is doing its job and it may be a configuration
on the outside servers. How should I go about getting around this?
Thanks in advance and happy holidays!
Paul.
Other related posts:
