Ricardo Kleemann writes:
Thanks Sam.But if I'm connecting to localhost, how does that play into reverse DNS?
It doesn't matter what your IP address is. Courier still attempts to resolve it. The only thing that's special about localhost is that it's IP address is 127.0.0.1
The server is behind a firewall so the actual connecting address would be an internal IP anyway. But in the case of localhost I don't understand the role of reverse DNS and ident lookup.
Courier performs reverse/forward DNS lookup on the connecting IP address. Whether it's localhost, or some other IP address, it doesn't make a difference.
Ricardo On Thu, 2008-11-27 at 15:23 -0500, Sam Varshavchik wrote:Ricardo Kleemann writes: > Hi,> > I'm trying to debug why sometimes it takes quite a while to get the 220> greeting on port 25.> > I thought maybe it's the filter (I use pureperlfilter) but I only have> that enabled on esmtp and the delay I get is on localhost (telnet > locahost 25)> > The server is not very busy. Sometimes it will take many seconds to get> the 220 response even when the server is not busy, sometimes it's > immediate. Two possible causes: 1) Reverse and forward DNS lookup on the connecting IP address 2) identd (auth) query to the source IP Possible cause for delays:1) DNS misconfiguration. Merely not defining reverse IP does not cause a delay. The DNS SOA for the zone replies with NXDOMAIN immediately, and life goes on. But if reverse DNS for the zone points to a nonexistent NS, there will be a delay waiting for the DNS query to time out2) A broken firewall, or a broken TCP stack. Normally if identd is not running on the connecting IP address, the connection attempt fails immediately, and life goes on. If a broken TCP stack or a broken firewall just drops all packets, there will be a delay waiting for the identd query to timeout.Your options are to turn off reverse DNS and identd. If you choose to turn off reverse DNS, your logs will not show connecting hostnames, and you cannot use SPF. Turning off identd makes little difference, and is mostly risk free. Both options are set in the esmtpd configuration file, the TCPDOPTS setting.If you have a delayed prompt, a non-functioning identd manifests as a 30 second delay, precisely. In your case, where the delays are sporadic, that suggests flaky reverse DNS, with the exact behavior controlled by the connecting IP address.------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
pgp62dGrLUq41.pgp
Description: PGP signature
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
