SMTP Filter help
- From: "Friese, Casey" <cfriese@xxxxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Fri, 6 Jun 2003 13:08:28 -0400
Greetings,
I'm toying around with the SMTP Application filter for the first time and I'm
picking up event logs but I'm not sure if they really indicate a problem for my
situation.
My ISA server is configured to accept POP3 connection for our sales reps and
also to Allow outbound SMTP for them to send messages. Since I've enabled the
smtp filter I'm seeing events of source SmtpEvt Unknown commands. The commands
that are being received are AUTH commands which are usually (in my experience
anyway) only used for IMAP. We don't have any clients using IMAP (if they are,
they shouldn't be).
Questions are this:
1. Is there any part of POP3 communication that uses the AUTH command (perhaps
OT) and without AUTH listed as a valid command on the filter, I could be
causing my pop clients problems?
2. If POP3 does need the AUTH command - What is the Max. Length that should be
set when adding it in as a valid smtp command on the Filter?
3. If POP3 does not need the AUTH command and someone is trying to use it, is
the connection attempt logged anywhere other than the Event Viewer? I want to
be able to see where these attempt are coming from.
Thank You,
Casey Friese
Other related posts:
