Leonardo Boselli wrote:
> Odhiambo G Washingto wrote:
>> rfc1413_hosts = *
>> rfc1413_query_timeout = 10s
>> Those are the values in my file, but there is actually no harm in
>> commenting them out and giving Exim daemon a HUP.
>> That is where my suspicion is.
> Me too. it is likely the complaining person has on hist machine an
> ill-configured firewall !
> Exim by default tries an auth call to the client, if it repliues then
uses
> it, if don't just ignore. If the firewall intercept and drops the
packet,
> the exim server has no way to know if the packet is delayed or refused
so
> it has to wait for timeout.
IMHO the firewall /is/ properly configured when it silently drops the
auth packet. (They are evil, you know. <g>) Apart from that, a Windows
system doesn't know about ident anyway.
As we cannot reach each and every client out there we must make sure
exim doesn't use ident calls at all. May I suggest that rfc1413 queries
are disabled by default? They usually don't carry useful information
anyway. If an admin feels the urge to use ident calls, he/she should
enable them explicitly.
(FWIW I have a dummy identd running here just to appease other nosey
servers, but I'd prefer not having to use that at all)
--
Ben
