Autor: Darren Austin Data: Para: exim-users Asunto: Re: [Exim] SMTP timeout while connected to <host>
On Tue, 22 May 2001, Tabor J. Wells wrote: >
> Well the greeting is a necessary part of the SMTP session per RFC 2821. If
> you think about it, a mail server shouldn't try to send mail to another
> until it is told it is ok to do so. The server may be too busy to handle
> mail, or be having some other problem which would mean that you have no
> guarantee that the mail was properly passed off to it.
I see your point here. I hadn't checked the RFC's regarding the requirement
of a SMTP server to send a greeting, so I wasn't sure if this was expected
behaviour or not - hence my question about wether Exim should timeout if no
greeting is recieved, or give it a go anyway.
> If you have a firewall in front of your mail server, check your firewall
> logs to see what traffic you are receiving from grex or the network it's
> on. Perhaps you are being a bit too agressive in your filtering.
You were right on this, there was a problem in the firewall but it wasn't the
filtering being too agressive - quite the opporsit infact.
The firewall was configured to REJECT any ident packets which was causing the
initial greeting to disappear (It never showed at all for me), but when I
dropped the firewall, the greeting appeared instantly as it did in your test.
The strange thing of this situation is that when I re-instated the firewall
with a DENY policy for ident packets, the greeting appeared after 20 or 30
seconds - after the timeout for the ident lookup.
This strikes me as kind of odd because the REJECT should tell the remote host
that the packet was denied rather than just ignoring it like DENY does. I
thaught this would have ment the other end would give up on an ident answer
and carry on with the processing..
I've now configured to DENY the ident's rather than reject, and the problem
seams to have gone - still it's mighty strange.