"Mark Delany" <[EMAIL PROTECTED]> writes:
> Scenario 2: When a remote system establishes an SMTP session with your
> system, your tcpserver will try and contact the ident server on the
> remote system. If the remote system is not running an ident server,
> tcpserver has to wait for the timeout before proceeding. This is what
> was happening to you.
Not running an identd server need not lead to a noticeable timeout.
The remote system should refuse the connection attempt immediately,
tcpserver will get a RST packet and an ECONNREFUSED error, and will
continue immediately without waiting for the timeout period.
The timeout occurs because of firewalls. Firewalls drop the packets
intended for the identd server, so the tcpserver never gets the RST
packet and has to wait for the full timeout (default 26 seconds,
controllable by the -t option).
If the firewall is configured to pass through packets with a
destination port of 113, then remote servers won't time out.
Alternatively, a good feature to have on firewalls would be
``immediately refuse TCP connections to these port numbers.'' I don't
know if firewalls typically have that sort of feature.
Ian
