Re: [exim] sender verify at verizon.net (sigh)

Top Page
Delete this message
Reply to this message
Author: Alan J. Flavell
Date:  
To: Exim users list
Subject: Re: [exim] sender verify at verizon.net (sigh)
On Tue, 22 Feb 2005, Kevin Smith wrote:

> Reducing rfc1413_query_timeout from 30s to 20s worked for me.


As a point of information, we do still have rfc1413_query_timeout
enabled[1], but we set the time down to 10s : for a while indeed I had
it at 7s, and that would IMHO probably be enough, but we finished on a
"round number". Seems to me that this is the kind of query that will
either respond promptly, or not at all - there is little point in
hanging around for a response (unless you deliberately want to delay
the caller, for some policy reason of your own).


[1] The question whether it serves any useful function nowadays could
be moot. I could mention two situations where it's beneficial:

a) U=CacheFlow Server (25 hits so far this week, 135 hits last week)
or U=squid are sure-fire indicators of an open proxy; we also added
U=proxy to that.

This is useful, but is now relatively rare (as you see from the
numbers)

b) when one is attacked from a multi-user system, it can be helpful to
the administrator of that system if one can provide an rfc1413 id.

But again, this happens only rarely nowadays, since multi-user systems
are increasingly blocked against making uncontrolled direct-to-MX
calls to the Internet.

best regards