ESMTP specifies
service extensions to the original SMTP protocol for sending e-mail messages that support graphics, audio, and video files,
and text in various national languages. Although an ESMTP session is similar to SMTP, there is one difference??”the EHLO
command. An ESMTP client supporting ESMTP protocol starts a connection by issuing the EHLO command instead of the
HELO command used in standard SMTP. (Refer to RFC 1869, "SMTP Service Extensions," for further details.)
The enhanced SMTP inspection engine adds support for ESMTP, Post Office Protocol 3 (POP3), and Internet Message Access
Protocol (IMAP) in addition to the standard SMTP protocol. Advanced application inspection prevents protocol masquerading
and enforcing strict RFC compliance.
To configure SMTP/ESMTP inspection, use the ip inspect name inspection-name {smtp | esmtp } command from the
global configuration mode along with other required parameters. (Refer to steps defined earlier in the section "Configuring
CBAC .") This feature was introduced in IOS Version 12.3(14)T.
Firewall ACL Bypass
Before the implementation of the Firewall ACL Bypass feature, a packet was subject to processing for three searches
(inbound ACL, outbound ACL, and the session table of the firewall).
Pages:
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231