I'm going to repeat my whole answer because I forgot part of it and
messages sometimes come in out of order.
Although disabling IDENT when you build your sendmail is probably a
good idea because it will also cause delays, your main problem is with
sun's broken libresolv.a. Build a new libresolv.a from the bind 4.9.X
distribution and statically link it in to your sendmail 8.6.4 and your
problems will go away. DO NOT link anything from the bind distribution
in to your normal sun software -- in particular, producing a new
shared libc from the bind sources is BAD BAD BAD. This is because the
braindamaged sun versions of the berkeley "r"commands expect
libresolv.a to do some of their security checks for them! Really
stupid, but it means that you have to use the broken sun libresolv for
anything else. Sendmail, being nice clean fresh software, can be
linked in with a working libresolv and should zoom on connections
after you fix this.
If you have a version of the sun libresolv.a that is experiencing this
problem, your named is also likely broken and not caching properly --
replacing it with the named in the bind distribution will also make
your life a whole lot better -- your sendmails will suddenly grind a
whole lot less if you are delivering lots of mail because DNS lookups
will speed up dramatically.
Sun reportedly has patches out for these problems, but having fixed
them on my own before getting the patches I have not seen whether they
actually work as advertised.
Perry
Your message was:
Alastair Young says:
> I just upgraded our gateway email system to sendmail 8.6.4 and encountered
> a 30 second delay in making connections to the system. This appears to be
> caused by it waiting 30 secondes for an IDENT response from the connecting
> system. The IDENT query fails because our mail server is set between two
> packet filters which are killing the IDENT packets. This also explains the
> slow connectivity I have seen connecting to some other sites. I would like
> to open up the IDENT port (113/tcp) for use to our mail gateway to speed up
> throughput. Any problems with this? Any holes in IDENT on SunOS 4.1.3? What
> sort of information does it expose?
>
> Al
>
> ---------------------------------------------------------------------------
> Alastair Young _ Ariel NH
> Cadence Design Systems, Information Services )/___ _ Red Hunter
> 555 River Oaks Parkway, 4B1 __/(___)_*##/c
> San Jose CA 95134 Fax: (408)894-3487 / /\\|| \ / \ Brakes'n'lites
> alastair @
cadence .
com (408)428-5278 \__/ ----'\__/ novel eh?
> ---------------------------------------------------------------------------
> These statements and opinions are mine, not those of Cadence Design Systems
>
Follow-Ups:
References:
|
|
