I think that we understand that. Thus SMTP connections from MS servers, or
any other who do not run identd, will cause Exim to keep attempting for 30
seconds.
So since we do not have control of every network out there, we change our
Exim config to wait less time if it cannot connect to an identd server.
I happen to administer a linux/exim machine as well as several MS networks.
Thanks to your advice I have found that Microsoft's ISA server does include
an identd simulator and I now have it running on all of my MS netoworks.
None of us said it was Exim's fault. In fact in my case it is MS's fault for
not running the identd simulator by default.
I think it is great that Exim includes a config line to control the timeout
period.
Thank you again for your help.
Dave Doeppel
----- Original Message -----
From: "Phil Pennock" <Phil.Pennock@???>
To: "Dave Doeppel" <dave@???>
Cc: "Paulo Henrique Baptista de Oliveira" <baptista@???>;
<exim-users@???>
Sent: Monday, February 04, 2002 3:24 PM
Subject: Re: [Exim] Strange connection time
> On 2002-02-04 at 15:10 -0800, Dave Doeppel wrote:
> > The problem is some servers, especially MS servers, are not running an
> > identd server and thus the 30 second timeout.
>
> NO!
>
> Exim does _NOT_ time out if the remote side behaves correctly, and
> returns a RST packet when exim tries to open a connection to the auth
> port (TCP/113, aka 'ident').
>
> In TCP, a RST packet means "ReSeT -- this port is not open". In normal
> operation, that leads to a "Connection refused". Exim notes that
> there's no ident value and continues on.
>
> The _problem_ here is that someone is playing stupid games with their
> network and filtering packets required for operation.
>
> If you filter operational packets then expect operational problems.
>
> So there's no RST, so Exim keeps trying, and then gives up after 30
> seconds.
>
> So the server might have a broken network stack, or might be filtering
> RST packets (so effectively has a broken network stack), or someone
> inbetween might be filtering the packets.
>
> Don't blame Exim for requiring a working network when operating on the
> network. Exim does not _require_ ident. But if you set Exim up to
> _use_ ident, then you require a working network.
>
> How much clearer can this be made?
> --
> Three things are certain:
> Death, taxes, and lost data.
> Guess which has occurred.
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
details at
http://www.exim.org/ ##
>