I was recently troubleshooting some SMTP and POP server problems
particularly dealing with firewall interaction. A client of ours was
hidden behind a firewall and was having some difficulty trying to use our
SMTP and POP servers. Now we have other clients behind other firewalls
which have absolutely no trouble using these services. However after some
debugging we determined that authentication requests were timing out on
port 113 (refer to rfc1413) at his firewall. So I disabled this request
needed by our POP server and set the timeout on our SMTP server to be much
less then the default 30 seconds defined by the sendmail 8.8.5 MTA.
Still it strikes me that this third party vendor firewall product is not
correctly configured to send these auth checks to the correct host inside
the firewall. Can anybody confirm this for me?
Not having a firewall background I do see conceptual problems in how
firewalls can return the auth request to the correct host - so how do
firewalls deal with the ident protocol?