From owner-freebsd-questions@FreeBSD.ORG  Fri Apr  2 18:13:10 2010
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B8814106564A
	for <freebsd-questions@freebsd.org>;
	Fri,  2 Apr 2010 18:13:10 +0000 (UTC)
	(envelope-from freebsd-questions-local@be-well.ilk.org)
Received: from mail1.sea5.speakeasy.net (mail1.sea5.speakeasy.net
	[69.17.117.3]) by mx1.freebsd.org (Postfix) with ESMTP id 90DC68FC0A
	for <freebsd-questions@freebsd.org>;
	Fri,  2 Apr 2010 18:13:10 +0000 (UTC)
Received: (qmail 22196 invoked from network); 2 Apr 2010 18:13:09 -0000
Received: from dsl092-078-145.bos1.dsl.speakeasy.net (HELO be-well.ilk.org)
	([66.92.78.145])
	(envelope-sender <freebsd-questions-local@be-well.ilk.org>)
	by mail1.sea5.speakeasy.net (qmail-ldap-1.03) with SMTP
	for <freebsd-questions@freebsd.org>; 2 Apr 2010 18:13:09 -0000
Received: by be-well.ilk.org (Postfix, from userid 1147)
	id DD4505084B; Fri,  2 Apr 2010 14:13:08 -0400 (EDT)
From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org>
To: Matthew Seaman <m.seaman@infracaninophile.co.uk>
References: <201004011751.27767.npapke@acm.org>
	<4BB58AC2.50009@infracaninophile.co.uk>
	<p2y2daa8b4e1004020533u16d3c5a5hc48eb7ec4ceea7b8@mail.gmail.com>
	<4BB62E5D.5030400@infracaninophile.co.uk>
Date: Fri, 02 Apr 2010 14:13:08 -0400
In-Reply-To: <4BB62E5D.5030400@infracaninophile.co.uk> (Matthew Seaman's
	message of "Fri, 02 Apr 2010 18:50:21 +0100")
Message-ID: <44iq89lo3v.fsf@be-well.ilk.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: freebsd-questions@freebsd.org, David Allen <the.real.david.allen@gmail.com>
Subject: Re: Sendmail Five Second Greeting Delay
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Apr 2010 18:13:10 -0000

Matthew Seaman <m.seaman@infracaninophile.co.uk> writes:

> Ident queries like this will cause a delay if the other side doesn't
> respond respond to the ident query.  That's typical behaviour for most
> machines that run firewalls nowadays.  Given that ident is broken as
> designed (see rant in other post) turning it off is a good idea in my book.

I consider it polite for firewalls to actively refuse to open the
connection (TCP reset) rather than just dropping the request, though.
There's really no downside to doing so.

-- 
Lowell Gilbert, embedded/networking software engineer, Boston area
		http://be-well.ilk.org/~lowell/