From: Jeffrey Goldberg
To: Jake Evans
Cc: freebsd-questions@freebsd.org
Date: Mon, 9 Jun 2008 23:08:43 -0500
Subject: Re: no reverse DNS causing connectivity problems

[mailed and posted]

On Jun 9, 2008, at 8:57 PM, Jake Evans wrote:

> I've had a few people complain that when they telnet/ssh/ftp/web to
> our server, it's slow... I've traced the problem to them having no
> reverse on their IPs.

You should configure your servers to not do the reverse lookup. Not resolving is certainly the default for Apache. For sshd, set UseDNS to "no" in /etc/ssh/sshd_config. As for telnet and ftp, I don't know where that might be configured.

Of course I don't know your needs and situation, but some people might consider it a reasonable policy to disallow ssh and telnet (and certainly mail) from hosts that don't have proper PTR records.

-j

--
Jeffrey Goldberg
http://www.goldmark.org/jeff/
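Added example, not part of the original message: a small shell check that reports which UseDNS value a given sshd_config file would apply, relying on the sshd_config(5) rule that the first value obtained for a keyword is the one used. The function name effective_usedns and the sample file contents are constructed for illustration, and Include directives are not followed.

```shell
#!/bin/sh
# Added example: audit an sshd_config file for the UseDNS setting.
# effective_usedns is a hypothetical helper name, not an OpenSSH tool.

# effective_usedns FILE
# Prints the first UseDNS value found in FILE, or "unset" if there is none.
effective_usedns() {
    awk '
        { sub(/#.*/, "") }                  # drop comments, full-line or trailing
        {
            line = $0
            sub(/^[ \t]+/, "", line)        # strip leading whitespace
            if (line == "") next
            n = match(line, /[ \t=]/)       # keyword ends at whitespace or "="
            if (n == 0) next
            key = tolower(substr(line, 1, n - 1))   # keywords are case-insensitive
            val = substr(line, n)
            sub(/^[ \t]*=?[ \t]*/, "", val) # strip the separator
            sub(/[ \t]+$/, "", val)         # strip trailing whitespace
            gsub(/"/, "", val)              # arguments may be double-quoted
            if (key == "usedns") {          # first occurrence wins
                print val
                found = 1
                exit
            }
        }
        END { if (!found) print "unset" }
    ' "$1"
}

# Constructed sample config: a commented-out default, then the explicit
# setting, then a later duplicate that has no effect.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#UseDNS yes
Port 22
UseDNS no
UseDNS yes
EOF
echo "UseDNS in sample config: $(effective_usedns "$sample")"
rm -f "$sample"
```

On a running host, `sshd -T` prints the effective configuration, including the compiled-in default when the keyword is absent from the file.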