Autor: Phil Pennock Datum: To: Dave CC: exim-users Betreff: Re: [Exim] Re: Strange connection time
> At 02:14 PM 2/3/2002 -0800, Dave wrote: > >I have checked from other connections not behind ISA and the server
> >responds immediately.
> >
> >I am not running identd at this point.
identd runs on the remote system. The rfc1413_query_timeout option
determines whether or not Exim tries to connect to the Auth service on
the remote system. Typically identd provides the Auth service.
Exim _does_ behave correctly if it receives a ReSeT when trying to make
the back connection, which it should always get. You're filtering out
too many packets which are _needed_ for basic Internet interoperability.
See if you can find an option to let the ISA server return a RST for
connection-open attempts on TCP port 113.
On 2002-02-03 at 14:43 -0800, Dave wrote: > So I am left with trying to get this to work with the POP server. If anyone
> can tell me
> how I can do the same with ipop3d I would appreciate it.
exim-users is for users of Exim. ipop3d is not part of Exim.
Ultimately, if you can't find a way to configure it as part of the POP3
server, if you don't want _any_ auth stuff to work, then you could hack
it by setting up packet-filtering on outbound TCP/113 connections, to
return RST immediately. But that's disgusting.
Uhm, being bored (despite this being the wrong place to ask), I just had
a look. It looks as though ipop3d is designed to run out of inetd, not
as a standalone daemon. I couldn't immediately see anything which
suggests that ipop3d does _any_ auth lookups. I suggest looking at your
inetd/xinetd/whatever configuration; if you're TCP-Wrapping the service,
then see what's in hosts.allow (and hosts.deny if that exists). Because
I don't _think_, from a four-minute inspection, that it's an ipop3d
issue. But as I say, I haven't looked hard/long.
--
Of course I'm right, I'm the operator.
I'm not only right, I'm wrong if I want to be as well. -- The Canonical BOFH