Just for the sake of completeness, this wasn't actually an issue with the
GreetPause option or anything else in the access file.  The problem was
that sendmail was attempting an IDENT query to the client, with a 5-second
timeout.  The access file wasn't even checked until after the timeout
expired.  In retrospect, I guess it makes sense because I was testing this
by connecting with openssl, which is just looking for the SSL/TLS info at
the beginning of the connection, and doesn't need to wait for the
greeting.  The GreetPause values work as expected for actual client
connections on port 25, 465, or 587.

Thanks!

On Tue, Jan 13, 2015 at 3:27 PM, David Parker <dpar...@utica.edu> wrote:

> Thanks, but it looks like the IDENT setting was the culprit.  I just had
> to change this setting in sendmail.cf:
>
>     O Timeout.ident=5s
>
> Changing it from 5s to 0s resolved the problem immediately.  Thanks again,
> everyone!
>
> On Tue, Jan 13, 2015 at 3:07 PM, Jonathan Siegle <jsie...@psu.edu> wrote:
>
>> On 2015-01-13 at 12:38, David Parker wrote:
>>
>>  Hello,
>>>
>>> My /etc/mail/access file is pasted below.  The PC I'm testing from is on
>>> the 10.x.x.x network, which should be allowed to
>>> connect with no delay.  I have also tried setting the default GreetPause
>>> to "0" but it still made no difference.
>>>
>>> ########################################
>>> Connect:localhost RELAY
>>> GreetPause:localhost 0
>>> ClientRate:localhost 0
>>> ClientConn:localhost 0
>>> Connect:127 RELAY
>>> GreetPause:127 0
>>> ClientRate:127 0
>>> ClientConn:127 0
>>> Connect:IPv6:::1 RELAY
>>> GreetPause:IPv6:::1 0
>>> ClientRate:IPv6:::1 0
>>> ClientConn:IPv6:::1 0
>>> Connect:10 RELAY
>>> GreetPause:10 0
>>> ClientRate:10 0
>>> ClientConn:10 0
>>>
>>
>>
>> Dave,
>>         I'm struggling with a reference beyond my own work. Please try
>> putting a second and maybe a third octet on your GreetPause: 10 line. Also,
>> please verify you are issuing a kill -HUP on sendmail. We never got
>> sendmail greetpause to work with a single octet. Normally we do 3 octets
>> for all the RFC1918 addresses we use.
>>
>> -Jonathan
>
>
>
>
> --
> Dave Parker
> Systems Administrator
> Utica College
> Integrated Information Technology Services
> (315) 792-3229
> Registered Linux User #408177
>



-- 
Dave Parker
Systems Administrator
Utica College
Integrated Information Technology Services
(315) 792-3229
Registered Linux User #408177

Reply via email to