From owner-freebsd-questions@FreeBSD.ORG Fri Apr 2 17:50:27 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BC302106566C for ; Fri, 2 Apr 2010 17:50:27 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from smtp.infracaninophile.co.uk (gate6.infracaninophile.co.uk [IPv6:2001:8b0:151:1::1]) by mx1.freebsd.org (Postfix) with ESMTP id 196208FC08 for ; Fri, 2 Apr 2010 17:50:26 +0000 (UTC) Received: from seedling.black-earth.co.uk (seedling.black-earth.co.uk [81.187.76.163]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.14.4/8.14.4) with ESMTP id o32HoLnm074576 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO); Fri, 2 Apr 2010 18:50:22 +0100 (BST) (envelope-from m.seaman@infracaninophile.co.uk) Message-ID: <4BB62E5D.5030400@infracaninophile.co.uk> Date: Fri, 02 Apr 2010 18:50:21 +0100 From: Matthew Seaman Organization: Infracaninophile User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.1.9) Gecko/20100317 Thunderbird/3.0.4 MIME-Version: 1.0 To: David Allen References: <201004011751.27767.npapke@acm.org> <4BB58AC2.50009@infracaninophile.co.uk> In-Reply-To: X-Enigmail-Version: 1.0.1 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Virus-Scanned: clamav-milter 0.95.3 at happy-idiot-talk.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-1.1 required=5.0 tests=BAYES_00,DKIM_ADSP_ALL, SPF_FAIL autolearn=no version=3.3.0 X-Spam-Checker-Version: SpamAssassin 3.3.0 (2010-01-18) on happy-idiot-talk.infracaninophile.co.uk Cc: freebsd-questions@freebsd.org Subject: Re: Sendmail Five Second Greeting Delay X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Apr 2010 17:50:27 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/04/2010 13:33:09, David Allen wrote: > Secondly, it seems the cause of the OP's problem was a delay associated > with an IDENT query. Specificially > > confTO_IDENT Timeout.ident [5s] The timeout waiting for a > response to an IDENT query. > > If he had local DNS configured, there would be no query, and therefore no > issue, but setting the timeout to 0 seconds using Ident queries like this will cause a delay if the other side doesn't respond respond to the ident query. That's typical behaviour for most machines that run firewalls nowadays. Given that ident is broken as designed (see rant in other post) turning it off is a good idea in my book. Note that the 5s delay produced by ident-flail doesn't prevent ultimate delivery of the message. FEATURE('greet_pause', ...) does when the other side is rude enough not to play by the rules. As far as I know, the ident protocol doesn't depend on the availability of DNS -- mind you, SMTP really really does depend on working DNS, so it would be pretty broken anyhow. > define(`confTO_IDENT', 0s) > > does remove the delay, but not the underlying problem. Should disable use of the ident protocol with sendmail. Cheers, Matthew - -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.14 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAku2Ll0ACgkQ8Mjk52CukIybUQCfUS1juVDpbmEVuZ1K9LhZGiBo PxwAoJSXWMl0wPqIx/co7cNjp2dNXyoU =+PB0 -----END PGP SIGNATURE-----