Date: Fri, 02 Apr 2010 14:13:08 -0400 From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> To: Matthew Seaman <m.seaman@infracaninophile.co.uk> Cc: freebsd-questions@freebsd.org, David Allen <the.real.david.allen@gmail.com> Subject: Re: Sendmail Five Second Greeting Delay Message-ID: <44iq89lo3v.fsf@be-well.ilk.org> In-Reply-To: <4BB62E5D.5030400@infracaninophile.co.uk> (Matthew Seaman's message of "Fri, 02 Apr 2010 18:50:21 %2B0100") References: <201004011751.27767.npapke@acm.org> <4BB58AC2.50009@infracaninophile.co.uk> <p2y2daa8b4e1004020533u16d3c5a5hc48eb7ec4ceea7b8@mail.gmail.com> <4BB62E5D.5030400@infracaninophile.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
Matthew Seaman <m.seaman@infracaninophile.co.uk> writes: > Ident queries like this will cause a delay if the other side doesn't > respond respond to the ident query. That's typical behaviour for most > machines that run firewalls nowadays. Given that ident is broken as > designed (see rant in other post) turning it off is a good idea in my book. I consider it polite for firewalls to actively refuse to open the connection (TCP reset) rather than just dropping the request, though. There's really no downside to doing so. -- Lowell Gilbert, embedded/networking software engineer, Boston area http://be-well.ilk.org/~lowell/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44iq89lo3v.fsf>