Re: Ipchains and smtp rule

From: Kutulu (kutulu@kutulu.org)
Date: 11/22/01


Message-ID: <043101c1737b$33f83240$88682518@longhill1.md.home.com>
From: "Kutulu" <kutulu@kutulu.org>
To: <monz@danbbs.dk>, "focus-linux" <focus-linux@securityfocus.com>
Subject: Re: Ipchains and smtp rule
Date: Thu, 22 Nov 2001 12:29:11 -0500

From: "Mogens Valentin" <monz@danbbs.dk>
To: "focus-linux" <focus-linux@securityfocus.com>
Sent: Wednesday, November 21, 2001 8:06 AM
Subject: Re: Ipchains and smtp rule

> If I do a telnet mailserver 25, i get a roughly 30 sec delay.
> I've seen remarks about exactly that kind of delay on various lists
> before, and it's usually a dns problem, so I'm going to check the
> caching nameserver setup for errors.

30 seconds is a bit small for a DNS lookup problem, but that is the first
place I'd look. Especially helpful would be running the mailserver in
debugging mode (for sendmail, run 'sendmail -bD -d9'). Then telnet into
your server. It will print out all of the hostname lookups it's doing, and
you can tell when one stalls. In addition to the actual forward/reverse
lookups it does on incoming mail, also make sure it's not stalling on a
RBL-type lookup. This happened to me when ORBS and MAPS both went
effectively offline (one went down, one went commercial).

--K