A lot of people seem to be implying that rejecting inbound ident (instead of dropping it) will speed up the processing of mail transactions through the firewall. How is that? So what if the remote mail server pauses waiting for an ident connection that it never manages to make? How does closing the ident session with a reject speed things up for the firewall or for the outbound mail client? I'd appreciate any insight into this. Thanks, Steve -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, August 11, 2000 3:58 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: [FW1] drop vs reject... There is at least one occasion when Reject is better - for the Ident service. In simple terms:- It appears to speed up some email systems because they 'expect' to see back some sort of response to an Ident query and a quick Reject will do just fine. (Previous posts detail more) Tim Higgins "Barry W. Kokotailo" <[EMAIL PROTECTED]> To: Slava Shubinsky <[EMAIL PROTECTED]> Sent by: cc: "'[EMAIL PROTECTED]'" [EMAIL PROTECTED] <[EMAIL PROTECTED]> kpoint.com Subject: Re: [FW1] drop vs reject... 10/08/00 21:16 Please respond to merlin Drop says drop the packet and say nothing to the the hacker. Reject says to drop the packet but tell something to the hacker. Preferred method is drop the packet. merlin Slava Shubinsky wrote: Could someone please explain the difference between drop and reject and when should each be used? Thanks! ============================================================================ ==== ���� To unsubscribe from this mailing list, please see the instructions at ������������� http://www.checkpoint.com/services/mailing.html ============================================================================ ==== -- Barry W. Kokotailo Senior Unix Systems Administrator 1-780-675-6399 PGP =� 71 71 96 A3 C0 C2 23 7A� 23 4E D4 04 8C E0 42 6B� B0 2D D1 A5 #********************************************************************** This message is intended solely for the use of the individual or organisation to whom it is addressed. It may contain privileged or confidential information. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you should not use, copy, alter, or disclose the contents of this message. All information or opinions expressed in this message and/or any attachments are those of the author and are not necessarily those of Hughes Network Systems Limited, including its European subsidiaries and affiliates. Hughes Network Systems Limited, including its European subsidiaries and affiliates accepts no responsibility for loss or damage arising from its use, including damage from virus. #********************************************************************** ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
