What in the world is up with this? Why does Cisco continue to push this with their PIX/ASA?
I agree that adding some additional security to the SMTP protocol is necessary in order to lower the amount of spam and attacks (Directory harvesting in particular), but I think we need to leave that to the MTA's themselves.
The havoc this inspection rule causes for mail flow is INSANE. Slow response times across the boards, banner masking, confusion on the part of admins as to what the hell is going on....etc. This recently happened with myself and a professional counterpart where we were banging our heads against the wall for several hours late into the night...ugh.
Ok, just venting.