On Tue, Jan 23, 2001 at 02:22:24PM +0000, Mark Delany wrote:
> You do not need to run an ident server, and indeed many people
> don't. The impact applies to Scenario 1. Remote systems will be trying
> to contact your ident server when you send mail out. Because you are
> not running an ident server, they will timeout on that connection
> prior to proceeding with the SMTP transaction. This is no big deal,
> but it does add delay to some of your outgoing emails.
This could easily avoided in your firewall: for every incoming ident-lookup
reset the connection immediately.
In ipfilter this would be something like:
block return-rst in quick on [interface] from any to any port=ident
--
Henning Brauer | BS Web Services
Hostmaster BSWS | Roedingsmarkt 14
[EMAIL PROTECTED] | 20459 Hamburg
http://www.bsws.de | Germany
