sendmail ident
Dave Hull
dphull at insipid.com
Tue May 31 08:45:54 CDT 2005
Quoting Gerald Combs <gerald at ethereal.com>:
> It's also a major performance hit. Most mail servers (and clients)
> these days are behind firewalls. The ident request will get dropped
> nearly 100% of the time, resulting in a long pause while the attempt
> times out.
If you're running IP Tables, you can take this rule from one of my Red Hat
servers and adapt it to your needs, doing so will drastically reduce the long
pause:
# reject identd requests
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 113
-j REJECT
--reject-with tcp-reset
Good luck.
--
Dave Hull
http://insipid.com
More information about the Kclug
mailing list