Date: Tue, 03 Oct 2000 18:16:12 +0100 From: David Pick <D.M.Pick@qmw.ac.uk> To: security@freebsd.org Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <E13gVfo-0006bL-00@xi.css.qmw.ac.uk> In-Reply-To: Your message of "Tue, 03 Oct 2000 11:05:05 MDT." <200010031705.LAA23799@nomad.yogotech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> > > > Isn't sendmail just as happy getting a RST back when it tries to > > > > connect? > > > > > > Yep, but it slows mail transfers down quite a bit. > > > > > > > > > Nate > > > > Does sendmail retry when it gets a connection refused back? > > Yep, but having to do a retry for every incoming connection can be quite > a slowdown when you receive *LOTS* of email. Any FreeBSD user who has > that on his box is slowing down delivery of email significantly, because > the FreeBSD mailing lists tend to generate *lots* of email messages. :) Sorry, I don't get this. If sendmail attempts to call the "auth" port on the sending machine and gets a response it should be happy. If it gets no response (after a time-out) it would be entitled to retry a few times in case of packet loss. *But* if it gets a RST, which is a positive rejection of the connection attempt, it can deduce that there is *no* "auth" service on the remote machine, and that retrys are a waste of time. Most clients (like "telnet") report this as "connection refused" if it happens on the main connection channel. An ICMP response might well be a transient condition, but a RST isn't. Unless sendmail takes the view that *any* error *might* be a transient condition and a retry or two worthwhile. -- David Pick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E13gVfo-0006bL-00>