Re: Ipchains and smtp rule
From: Brian Hatch (focus-linux@ifokr.org)Date: 11/22/01
- Previous message: Laurent Luyckx: "Re: Ipchains and smtp rule"
- In reply to: Kutulu: "Re: Ipchains and smtp rule"
- Next in thread: Mogens Valentin: "Re: Ipchains and smtp rule"
- Reply: Mogens Valentin: "Re: Ipchains and smtp rule"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 22 Nov 2001 14:48:29 -0800 From: Brian Hatch <focus-linux@ifokr.org> To: Kutulu <kutulu@kutulu.org> Subject: Re: Ipchains and smtp rule Message-ID: <20011122144829.N28470@ifokr.org>
> > If I do a telnet mailserver 25, i get a roughly 30 sec delay.
> > I've seen remarks about exactly that kind of delay on various lists
> > before, and it's usually a dns problem, so I'm going to check the
> > caching nameserver setup for errors.
It's probably due to the mail server attempting an IDENT (port 113)
request to the client. If the client's IDENT port is silently
ignoring this connection (ipchains DENY vs REJECT) then it takes
a while before the mail server gives up. This timeout is usually
configurable.
-- Brian Hatch Turning off setuid bits Systems and of important unix tools Security Engineer is like poking out an http://www.ifokr.org/bri/ eye to prevent misuse. -- Nick Esborn. Every message PGP signed
- application/pgp-signature attachment: stored
- Previous message: Laurent Luyckx: "Re: Ipchains and smtp rule"
- In reply to: Kutulu: "Re: Ipchains and smtp rule"
- Next in thread: Mogens Valentin: "Re: Ipchains and smtp rule"
- Reply: Mogens Valentin: "Re: Ipchains and smtp rule"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
