On Sat, Mar 22, 2008 at 12:44 PM, Jake S <jake at asmessaging dot com> wrote:
> That smtp conversation is what a Cisco PIX firewall does with smtp fixup
> enabled. The "220 *********" gives it away.
Yep, that definitely looks like there is a PIX somewhere, the SMTP
fixup does just that. Unless the poster did that to obfuscate the
output, though that doesn't appear to be the case. Depending on the
SMTP fixup config on a PIX, it can stop certain things like STARTTLS.
m0n0wall doesn't have any capabilities of treating port 25 traffic
differently from port 23 or 2525 or any other port traffic. This has
to be either a PIX somewhere on your network (seems unlikely), or more
likely something on your ISP's network where they're transparently
proxying SMTP traffic on your new IP space when they didn't on your