Great Circle Associates Firewalls
(March 1997) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: ipfwadm and smtp connections
From: Bernd Eckenfels <lists @ lina . inka . de>
Date: Mon, 10 Mar 1997 22:25:31 +0100
To: m* <mark @ novare . net>
Cc: firewalls @ GreatCircle . COM
In-reply-to: <3323C21C . 65395D96 @ novare . net>; from m* on Mar 03, 1997 at 02:11:08AM -0600
References: <48256456 . 00091DBE . 00 @ mta2 . lotus . com> <3323C21C . 65395D96 @ novare . net> 
Hi,

> smtp connections through the firewall to our mail server are 
> ridiculously slow, like 25 seconds before the connection and xfer
> completes. needless to say, this is unacceptable.

Perhaps your mail server is trying to do identd authentication or reverse
dns lookup which both times out?

Add a verbose deny rule (-o in ipfwadm) and see in the kernel.log which
packages get rejected).

Greetings
Bernd
-- 
  (OO)      -- Bernd_Eckenfels @
 Wittumstrasse13 .
 76646Bruchsal .
 de --
 ( .. )  ecki @
 {inka .
 de,linux.de,debian.org} http://home.pages.de/~eckes/
  o--o     *plush*  2048/93600EFD  eckes @
 irc  +4972573817  BE5-RIPE
(O____O)       If privacy is outlawed only Outlaws have privacy
References:
Indexed By Date Previous: FORTEZZA and Firewalls
From: Stan Wnuck <swnuck @ unixpros . com>
Next: Re: (fwd) What's the difference?
From: smith @ securecomputing . com (Rick Smith)
Indexed By Thread Previous: Re: ipfwadm and smtp connections
From: m* <mark @ novare . net>
Next: Re: Mainframe - SNA Security in the internet environment.
From: Kevin Bowman <kbowman @ garmin . com>
Google
 
Search Internet Search www.greatcircle.com