Pix 515 - upgrade from 635 to 722 - sendmail breaks

---

• From: "raider.adam@xxxxxxxxx" <raider.adam@xxxxxxxxx>
• Date: 23 Apr 2007 12:39:10 -0700

---

Hello,

I am having a problem that I can't seem to figure where to look.

My original setup is sendmail on Linux in a DMZ using a PIX 515 and
version 6.35. Everything works just dandy.

Last night I installed more RAM and upgraded the PIX to 7.22. I did
some testing and everything seemed to upgrade rather easily. The only
thing that seemed to have any significant effect is that users got
prompted when they initiated a VPN. No big deal. I created accounts.

Well, during the day I started getting complaints about email. I
checked into it and emails originating from within the network were
working fine. Emails coming from outside were not. I checked my
sendmail logs and I was receiving these messages:

Apr 23 15:35:01 ford sendmail[4208]: l3NIYkeR004208: SYSERR(root):
collect: read timeout on connection from m4.campaignmonitor.com,
from=<DaVitaatHome-wkui1hkltuky1r@xxxxxxxxxxxxxx>
Apr 23 15:35:10 ford sendmail[4235]: l3NIZ0Vt004235: SYSERR(root):
collect: read timeout on connection from cdaams01.thecreek.com,
from=<shop@xxxxxxxxxxxxxxxxxx>
Apr 23 15:38:30 ford sendmail[4657]: l3NIcKC5004657: SYSERR(root):
collect: read timeout on connection from VMTA03.S2U2.COM,
from=<staples-return.4890732994@xxxxxxxxxxxxxxxxxxx>
Apr 23 15:38:50 ford sendmail[4711]: l3NIccte004711: SYSERR(root):
collect: read timeout on connection from 142.41.globalpercept.com,
from=<10250657.7572314@xxxxxxxxxxxxxxxxx>

From what I seem to have found out is that they relate to the

connection being killed in mid stream.

After spending time trying to figure it out, I rolled back to 6.35.
Immediately email went back to normal.

Any ideas on what could be going on with the upgrade that is causing
this? Something with fixup and inspection?

Any leads would be greatly appreciated.

Adam

.

---

• Prev by Date: Cisco 837 - Port fowarding question - Remote desktop
• Next by Date: 1242AG and WPA-PSK?
• Previous by thread: Cisco 837 - Port fowarding question - Remote desktop
• Next by thread: Pix 515 - upgrade from 635 to 722 - sendmail breaks
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: PPTP Clients loose connection to cisco PIX 506E after a while.. ... A customer of mine have just gotten a new Cisco Pix 506E, ... I've heard is that they loose connection after a while, ... pdm location 213.179.57.7 255.255.255.255 outside ... timeout xlate 0:05:00 ... (comp.dcom.sys.cisco) Pix 515 - upgrade from 635 to 722 - sendmail breaks ... Last night I installed more RAM and upgraded the PIX to 7.22. ... sendmail logs and I was receiving these messages: ... read timeout on connection from m4.campaignmonitor.com, ... (comp.dcom.sys.cisco) TCP timeout ... I'm getting a lot of "sendmail: SYSERR: collect: read timeout on connection from" entries in the logs. ... (freebsd-questions) RE: "The connection was dropped by the remote host" ... I see the log entries showing the connection, the mail from, the mail to ... > server drops the connection with a timeout. ... > The problem has happend at the same time, to at least 3 servers all ... > fixup smtp as suggested by MS, and Cisco, although the pix is runnin on ... (microsoft.public.inetserver.iis.smtp_nntp) Re: VPN Timeout ... :I would like to set timeout on VPN connection on my PIX 515 firewall. ... There aren't really VPN timeouts on PIX, ... (comp.dcom.sys.cisco)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

newsgroups.derkeiler.com  > Archive  > Comp  > comp.dcom.sys.cisco  > 2007-04