On Tue, 13 Jan 2015 14:27:42 -0500 David Parker <dpar...@utica.edu> wrote:
> Thanks for the replies. > > The system is not using tcpwrappers, and it's also not a DNS issue. > The client PC does have a reverse DNS entry. A tcpdump packet > capture on the server shows the initial connection from the client > followed by a bunch of DNS traffic, all within the same second. Then > nothing happens for exactly 5 seconds, then the server sends data > back to the client. > > Just to be extra sure, I added an entry for it in /etc/hosts so DNS > wouldn't even be needed. Still made no difference. > Is it asking for an ident from the connecting server (TCP port 7)? This is an old-fashioned custom, when computers with MTAs also ran ident servers, which provided some fairly harmless information. Exim4 can certainly ask for an ident, and does nothing for a configurable timeout unless one is received, or the sender address is whitelisted. It is a simple anti-spam measure, as practically nothing runs ident servers today, and most malware will give up before a thirty-second timeout expires, whereas a legitimate MTA will wait for that long. -- Joe -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150113201211.68976...@jresid.jretrading.com