From owner-freebsd-security Tue Oct 3 10:16:25 2000 Delivered-To: freebsd-security@freebsd.org Received: from zeta.qmw.ac.uk (zeta.qmw.ac.uk [138.37.6.6]) by hub.freebsd.org (Postfix) with ESMTP id 7203C37B503 for ; Tue, 3 Oct 2000 10:16:22 -0700 (PDT) Received: from xi.css.qmw.ac.uk ([138.37.8.11]) by zeta.qmw.ac.uk with esmtp (Exim 3.02 #1) id 13gVfo-0002ZL-00 for security@freebsd.org; Tue, 03 Oct 2000 18:16:12 +0100 Received: from cgaa180 by xi.css.qmw.ac.uk with local (Exim 1.92 #1) for security@freebsd.org id 13gVfo-0006bL-00; Tue, 3 Oct 2000 18:16:12 +0100 X-Mailer: exmh version 2.0.2 2/24/98 To: security@freebsd.org Subject: Re: cvs commit: src/etc inetd.conf In-reply-to: Your message of "Tue, 03 Oct 2000 11:05:05 MDT." <200010031705.LAA23799@nomad.yogotech.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Tue, 03 Oct 2000 18:16:12 +0100 From: David Pick Message-Id: Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > > > Isn't sendmail just as happy getting a RST back when it tries to > > > > connect? > > > > > > Yep, but it slows mail transfers down quite a bit. > > > > > > > > > Nate > > > > Does sendmail retry when it gets a connection refused back? > > Yep, but having to do a retry for every incoming connection can be quite > a slowdown when you receive *LOTS* of email. Any FreeBSD user who has > that on his box is slowing down delivery of email significantly, because > the FreeBSD mailing lists tend to generate *lots* of email messages. :) Sorry, I don't get this. If sendmail attempts to call the "auth" port on the sending machine and gets a response it should be happy. If it gets no response (after a time-out) it would be entitled to retry a few times in case of packet loss. *But* if it gets a RST, which is a positive rejection of the connection attempt, it can deduce that there is *no* "auth" service on the remote machine, and that retrys are a waste of time. Most clients (like "telnet") report this as "connection refused" if it happens on the main connection channel. An ICMP response might well be a transient condition, but a RST isn't. Unless sendmail takes the view that *any* error *might* be a transient condition and a retry or two worthwhile. -- David Pick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message