I know this topic has come up many times before, but my situation seems to be unique and one that I can find no info on. So here's the deal:

I'm running qpopper 4.03 inside NAT (with all the proper policies) on a Red Hat 7.1 system. It is a dev mail server that appears to be working fine with one exception (here's the tricky part). When logging into port 110 of the machine via its outside NAT IP from anywhere on the *trusted* side (inside) of the firewall, there is a 35 second delay before the Qpopper banner appears. When logging into port 110 of the machine via inside IP from anywhere on the *trusted* side (inside), there is no delay. From anywhere else outside the firewall, there is no delay. Telnetting in to any other port (like 21) has no delays from *anywhere*!

I'm using our main DNS machines, and everything appears to be working correctly there as well. Everything resolves correctly (both internal and external IPs and host names).

It seems like it could be timing out on a reverse lookup, but the lookup works fine from the console. I added several IPs to /etc/hosts and although Qpopper did correctly log them with the actual IPs, it made no difference with the slow login. I disabled Qpopper's reverse lookup with the -R argument and it makes no difference with the slow login (although the logs did indicate Qpopper was no longer doing a reverse lookup).

Could this have something to do with xinetd (which starts popper), or some other wrapper watching over port 110 and *it* doing the reverse lookup which is timing out for some unknown reason? Why does it only time out when internal machines access the mail server via external IP? Why can external machines access the mail server via the external IP fine?

Any thoughts or help would be GREATLY appreciated!

Thanks!

Mike
----
|Michael Smallwood
|Mindseye Technology Inc.
|617-350-0339 x52
|[EMAIL PROTECTED]
