my smtp server is very slow to accept connections today

[Les Mikesell]

On Thu, 2006-04-06 at 18:43, Don Russell wrote:

> I've been using this address range for years, and never noticed any 
> problems. Just recently I notice it takes a long time to get a response 
> when connecting from 10.10.10.253 to 10.10.10.250 using ssh.
> 
> Telnet 10.10.10.250 25 (smtp) from 10.10.10.253 takes a very long time 
> (a minute or more sometimes) to get a response... My Thunderbird mail 
> clients time out trying to send mail to 10.10.10.250 when last week they 
> had no problems at all.
> 
> I also tried telnet from "outside" and it takes a while for a response 
> too... it used to be much quicker...
> 
> If you're curious... try telnet drussell dnsalias com 25 (with dots in 
> all the right places) and see how long it takes for you to get a response...
> 
> Maybe you're right... maybe my ISP was providing the necessary lookups 
> and now that's broken on their end...

I got a connection immediately - the response close to a minute
later.  Do you perhaps have 2 nameservers listed in your
resolv.conf with the 1 one not responding?

> > The other thing that happens during a connection is that
> > sendmail will try an IDENT query on the socket to identify
> > the user if the other end is unix-like.  Normally you get
> > a quick ICMP response if nothing is listening on port 113
> > at the other end, but if you have a firewall configured to
> > silently drop packets you'll have to wait for the timeout,
> > probably 30 seconds. 
> > 
> > 
> 
> And does the ssh server do that sort of thing too?

I don't think it tries IDENT, but it will do the reverse
dns to log the hostname from the inbound connection.

-- 
  Les Mikesell
   lesmikesell at gmail.com