Συντάκτης: Willie Viljoen Ημερομηνία: Προς: John Meyer, exim-users Αντικείμενο: Re: [Exim] Slow connection (was: Hi Everybody)
----- Original Message -----
From: "John Meyer" <jmeyer@???>
To: <exim-users@???>
Sent: Friday, November 21, 2003 7:21 PM
Subject: [Exim] Hi Everybody
> *This message was transferred with a trial version of CommuniGate(tm) Pro*
Dump that, if it tampers with message bodies it is breaking a few standards,
if you want to scan for virii, use amavis instead, or CVSup a new ports tree
and upgrade your Exim to 4.24, the FreeBSD port includes direct virus/spam
scanning patches, amavis is also in ports at
/usr/ports/security/amavisd-new. You can do anything that can do with better
free software :)
> I have a firewall running Freebsd 4.6 and exim 3.3 - no problem there.
> Behind it I have 26 other servers running freebsd 4.7 or 4.8. My problem
> is that I have to run sendmail on the servers behind the firewall due to
> slow telnet speeds to them. Some mail does however get through, but not
> all. Telnetting to sendmail is almost instantaneous, but exim (which I
> prefer is very slow.) All servers has exim 4.12. Any suggestions as to
> what can cause this.
This is most likely a problem with Exim trying to reverse resolve the
addresses, or trying to do an ident (auth) lookup as described in RFC 1413.
The problem with those is that most firewalls block them now, even though
they would do better sending a TCP reset to immediately allow the other side
to continue. Mail and FTP servers now wait out a long timeout for the lookup
to fail.
If configured to do this lookup, Exim will not send its banner until the
lookup succeeds, or is confirmed to have failed. After the long timeout,
some servers might hang up thinking your server is dead in the water. It
could also be a strange DNS issue, but that is unlikely.
Try adding these lines to the main configuration area in
/usr/local/etc/exim/configure
rfc1413_hosts =
rfc1413_query_timeout = 0s
That disables ident lookups completely. They are generally more trouble than
they are worth, and are only helpful for tracing remote users. Most sites
don't run identd anymore though. If that doesn't help, try this:
host_lookup =
That should disable trying to do reverse DNS for connecting hosts. Bear in
mind there are some consiquences to this. As I said, it's more likely to be
the RFC 1413 lookup problem.