RE: [exim] RFC 1413 default on debian

Page principale
Supprimer ce message
Répondre à ce message
Auteur: David Brodbeck
Date:  
À: exim-users
Sujet: RE: [exim] RFC 1413 default on debian
> -----Original Message-----
> From: Marc Haber [mailto:mh+exim-users@zugschlus.de]


> On Wed, 16 Mar 2005 11:41:10 -0500, David Brodbeck
> <DavidB@???> wrote:
> >However, I have had problems with AOL sending mail to me
> with that 30 second
> >delay in there -- some of their mail servers simply won't
> wait that long.
> >30 seconds is also on the edge of what will cause callback
> verification to
> >fail. It might be a good idea to trim back the timeout a bit.
>
> It might be a good idea to be RFC compliant. So, if an ident request
> comes in, be nice and reject it, or answer it. Droping it without
> rejecting will grant you that nice delay, which is _your_ fault.
>
> Sheesh.


How is it my fault that AOL is blocking ident requests, then not waiting
long enough for them to time out?

I'm not saying that what they're doing is correct, I'm just saying that in
the real world, if you want to reliably receive mail, 30 seconds might be a
bit long for an RFC 1413 timeout.

This is 2005. People use packet filters. That's life. Even setting your
filter to reject can get you in trouble. If you configure a Linux ipchains
filter to reject, it sends an ICMP Port Unreachable packet instead of a
TCP/IP RST packet. Some versions of SunOS interpret this as a *host*
unreachable situation and just drop all connections to that host. Back when
I was using Linux for firewalling, it took me a while to figure *that* one
out. One system was completely unable to send me mail, because every time
it tried to do the ident lookup, it'd get a Port Unreachable packet and drop
the SMTP connection.