On Tue, 13 Jan 2015 20:12:11 +0000 Joe <j...@jretrading.com> wrote: > On Tue, 13 Jan 2015 14:27:42 -0500 > David Parker <dpar...@utica.edu> wrote: > > > Thanks for the replies. > > > > The system is not using tcpwrappers, and it's also not a DNS issue. > > The client PC does have a reverse DNS entry. A tcpdump packet > > capture on the server shows the initial connection from the client > > followed by a bunch of DNS traffic, all within the same second. > > Then nothing happens for exactly 5 seconds, then the server sends > > data back to the client. > > > > Just to be extra sure, I added an entry for it in /etc/hosts so DNS > > wouldn't even be needed. Still made no difference. > > > > Is it asking for an ident from the connecting server (TCP port 7)? > This is an old-fashioned custom, when computers with MTAs also ran > ident servers, which provided some fairly harmless information. > > Exim4 can certainly ask for an ident, and does nothing for a > configurable timeout unless one is received, or the sender address is > whitelisted. It is a simple anti-spam measure, as practically nothing > runs ident servers today, and most malware will give up before a > thirty-second timeout expires, whereas a legitimate MTA will wait > for that long. >
OK, where did the 7 come from? Should be port 113. I saw it just as the mouse button clicked... -- Joe -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150113201613.0b84c...@jresid.jretrading.com
