Support Support Downloads Knowledge Base Apex Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

Error in event log: "smtp parse cmd error with code -1"

0

0

Article ID: KB10080 KB Last Updated: 23 Aug 2010Version: 3.0
Summary:
The following error may be reported in the event log: "smtp parse cmd error with code -1"
Symptoms:

Symptom:

  • The following error is reported in the event log: "smtp parse cmd error with code -1"

Below are reasons for the "smtp parse cmd error with code -1" error message:

1.  Both Anti-Virus and Anti-Spam use the same SMTP parser to validate SMTP traffic at the application level. If the firewall sees a SMTP command that is not supported, the error "smtp parse cmd error with code -1" will be logged and the packet corresponding to this message is dropped by the firewall.

2.  Currently, Extended SMTP (ESMTP) is not supported. As such, ESMTP commands such as BDAT and XEXCH50 will result in the error and dropped packets.



Solution:
The SMTP parser on Juniper firewalls only supports the following commands:

HELO, EHLO, MAIL, RCPT, DATA, QUIT, RSET, STARTTLS, SEND, SOML, SAML

Any other commands sent by either the SMTP server or client will generate the above parser error in the event log and be dropped by the firewall.

1) In order to avoid the parser error, disable any unsupported SMTP commands on either the server or the client.

2) If ESMTP is the cause of the messages, upgrade to ScreenOS 5.4.0r8 (and later) and 6.1.0r1 (and later).  These versions will prevent packets from being dropped by filtering out ESMTP commands from the capacity list in EHLO (Extended Hello) server reply messages. 

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search