Re: Sendmail greeting delay
On Tue, 13 Jan 2015 14:27:42 -0500
David Parker <dparker@utica.edu> wrote:
> Thanks for the replies.
>
> The system is not using tcpwrappers, and it's also not a DNS issue.
> The client PC does have a reverse DNS entry. A tcpdump packet
> capture on the server shows the initial connection from the client
> followed by a bunch of DNS traffic, all within the same second. Then
> nothing happens for exactly 5 seconds, then the server sends data
> back to the client.
>
> Just to be extra sure, I added an entry for it in /etc/hosts so DNS
> wouldn't even be needed. Still made no difference.
>
Is it asking for an ident from the connecting server (TCP port 7)? This
is an old-fashioned custom, when computers with MTAs also ran ident
servers, which provided some fairly harmless information.
Exim4 can certainly ask for an ident, and does nothing for a
configurable timeout unless one is received, or the sender address is
whitelisted. It is a simple anti-spam measure, as practically nothing
runs ident servers today, and most malware will give up before a
thirty-second timeout expires, whereas a legitimate MTA will wait
for that long.
--
Joe
Reply to: