Now when i looked 2nd time i recognized this string... TLRMTVNTUAABAAAAB4IA0AAAAAAAAAAAAAAAAAAAAAA= I used this for implementation of NTLM authentication in HTTP filter Proxy-Authorization: NTLM TlRMTVNTUAABAAAAB7IIgAgACAAmAAAABgAGACAAAABTQU5EUk9HRklNQUxUQX== So i guess this was part of some authenitacion in smtp which was disassembled by smtp filter wrongly L ´ L M S S P ' Ð translated to 8bit Regards David N. Farinic -----Original Message----- From: Jay Apolinario [mailto:japolinario@xxxxxxxxxxx] Sent: Thursday, January 09, 2003 4.26 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: SMTP Filter STARTTLS Issue http://www.ISAserver.org Thank you very much. I got event viewer like: TLRMTVNTUAABAAAAB4IA0AAAAAAAAAAAAAAAAAAAAAA= in hex with message saying invalid SMTP Command. I tried to add this Smtp COMMAND somehow I don't know what is the command and what is the parameter. Where can I get a table of SMTP commands with their attributes like length, parameter... etc? Also I get hex strings that do not tell the Smtp command but says exceeded length. -----Original Message----- From: Edward Sullivan [mailto:esullivan@xxxxxxx] Sent: Thursday, January 09, 2003 9:46 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: SMTP Filter STARTTLS Issue http://www.ISAserver.org RFC1869 is what you are looking for. http://www.ietf.org/rfc/rfc1869.txt Cheers. -----Original Message----- From: Jay Apolinario [mailto:japolinario@xxxxxxxxxxx] Sent: Thursday, January 09, 2003 8:21 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: SMTP Filter STARTTLS Issue http://www.ISAserver.org Hello Everybody. I keep getting smtpevnt errors in the eventlog such as length error, unknown commands. I have modified the length error in trial & error and it works. With regards to SMTP commands, where can I find a publication of all SMTP commands. Thank you in advance. -----Original Message----- From: Deus, Attonbitus [mailto:Thor@xxxxxxxxxxxxxxx] Sent: Wednesday, January 08, 2003 6:13 PM To: [ISAserver.org Discussion List] Subject: [isalist] SMTP Filter STARTTLS Issue http://www.ISAserver.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Well, I was hoping that the updated SMTP fitler in Feature Pack 1 would fix the issues with using the filter where one uses secure SMTP, but it does not look like it does. When using STARTTLS to send, the client first does a EHLO, issues a STARTTLS, and does another EHLO. With the SMTP filter enabled, the second EHLO fails- this is true with a Eudora client or an OE client. Anyone using secure SMTP with the filter on and have it working???? AD -----BEGIN PGP SIGNATURE----- Version: PGP 7.1 iQA/AwUBPhywgYhsmyD15h5gEQL+/gCgnC7Tn4bRVIbzJ2SOzZbyPGGi5oUAn3ih ORHFOxxfSYopf6/UQ/EXUKSe =xoGh -----END PGP SIGNATURE----- ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: japolinario@xxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: esullivan@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: japolinario@xxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: davidf@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') This mail was content checked for malicious code and viruses by GFI MailSecurity. GFI MailSecurity provides email content checking, exploit detection and anti-virus for Exchange & SMTP servers. Spam, viruses, dangerous attachments and offensive content are removed automatically. Key features include: Multiple virus engines; Email content & attachment checking; Exploit shield - email intrusion detection & defence; Email threats engine - analyses & defuses HTML scripts, .exe files & more. In addition to GFI MailSecurity, GFI also produces the GFI FAXmaker fax server & GFI LANguard network security product ranges. For more information on our products, please visit http://www.gfi.com. This disclaimer was sent by GFI MailEssentials for Exchange/SMTP.