Auteur: Jethro R Binks Date: À: Exim users list Sujet: Re: [Exim] Re: stmp protocol violation, synchronization error, input
sent
On Wed, 17 Mar 2004, Alan J. Flavell wrote:
> In the last case, it's been our experience that 7s is quite long
> enough to wait for a usable response. There's little or no point in
> waiting longer than about 10s, it seems to me.
I agree here. I set it to about 2s I think; on the basis that if I don't
get an answer in 2s, I probably don't care enough what the answer is going
to be to bother waiting any longer.
Someone else commented it is next to useless, and while that is largely
true, I echo Alan's other comment:
> If you find the ident response useful (and we have indeed found it
> useful from time to time, e.g to reject shoals of proxying attempts
> from misconfigured squids or cacheflow servers), then by all means
> have it enabled. It seems to have done us no harm, set at 7s.
I too catch some of these cacheflow/squids in the ACLs published to this
list in the distant past, based on this ident check. (OK there were only
4 yesterday, but every little helps. It has been higher previously, maybe
they are dying off now. But the rule is there to be reused when a new
type comes along). Perhaps increasing to 7 or 10s might produce more.