Just for the sake of completeness, this wasn't actually an issue with the GreetPause option or anything else in the access file. The problem was that sendmail was attempting an IDENT query to the client, with a 5-second timeout. The access file wasn't even checked until after the timeout expired. In retrospect, I guess it makes sense because I was testing this by connecting with openssl, which is just looking for the SSL/TLS info at the beginning of the connection, and doesn't need to wait for the greeting. The GreetPause values work as expected for actual client connections on port 25, 465, or 587.
Thanks! On Tue, Jan 13, 2015 at 3:27 PM, David Parker <dpar...@utica.edu> wrote: > Thanks, but it looks like the IDENT setting was the culprit. I just had > to change this setting in sendmail.cf: > > O Timeout.ident=5s > > Changing it from 5s to 0s resolved the problem immediately. Thanks again, > everyone! > > On Tue, Jan 13, 2015 at 3:07 PM, Jonathan Siegle <jsie...@psu.edu> wrote: > >> On 2015-01-13 at 12:38, David Parker wrote: >> >> Hello, >>> >>> My /etc/mail/access file is pasted below. The PC I'm testing from is on >>> the 10.x.x.x network, which should be allowed to >>> connect with no delay. I have also tried setting the default GreetPause >>> to "0" but it still made no difference. >>> >>> ######################################## >>> Connect:localhost RELAY >>> GreetPause:localhost 0 >>> ClientRate:localhost 0 >>> ClientConn:localhost 0 >>> Connect:127 RELAY >>> GreetPause:127 0 >>> ClientRate:127 0 >>> ClientConn:127 0 >>> Connect:IPv6:::1 RELAY >>> GreetPause:IPv6:::1 0 >>> ClientRate:IPv6:::1 0 >>> ClientConn:IPv6:::1 0 >>> Connect:10 RELAY >>> GreetPause:10 0 >>> ClientRate:10 0 >>> ClientConn:10 0 >>> >> >> >> Dave, >> I'm struggling with a reference beyond my own work. Please try >> putting a second and maybe a third octet on your GreetPause: 10 line. Also, >> please verify you are issuing a kill -HUP on sendmail. We never got >> sendmail greetpause to work with a single octet. Normally we do 3 octets >> for all the RFC1918 addresses we use. >> >> -Jonathan > > > > > -- > Dave Parker > Systems Administrator > Utica College > Integrated Information Technology Services > (315) 792-3229 > Registered Linux User #408177 > -- Dave Parker Systems Administrator Utica College Integrated Information Technology Services (315) 792-3229 Registered Linux User #408177
