I'm seeing a strange interaction between netscape, tcpserver and
identd lookups.
I finally got around to running qmail-smtpd from tcpserver on Monday
night.
Details:
Operating system = Solaris 2.5.1
Qmail version = 1.03 (no patches)
daemontools = 0.53 (no patches)
uscpi-tcp = 0.84 (no patches)
Relevant portions of startup script:
USER=qmaild
GROUP=nofiles
CLIMIT=40
TCPRULES=/var/qmail/etc/run/smtpd/rules
PORT=smtp
QMAILBIN=/var/qmail/bin
LOG=/var/log/smtpd
SVCDIR=/var/qmail/etc/run/smtpd
# Logging, no identd lookups, tcprules
CMD="tcpserver -u $USER -g $GROUP -c $CLIMIT -v -R -x ${TCPRULES}.cdb \
0 $PORT $QMAILBIN/qmail-smtpd 2>&1 \
| accustamp \
| cyclog -s 1000000 $LOG"
# The eval is required to ensure any redirection is handled
# correctly. If not then bizarre results can be expected.
eval "env - PATH=$PATH supervise -r $SVCDIR $CMD &"
Contents of /var/qmail/etc/run/rules:
#
# Tcprules file for incoming SMTP connections
#
# Allow the localhost to relay
127.:allow,RELAYCLIENT=""
# Allow tansu machines to relay
149.135.:allow,RELAYCLIENT=""
# Allow all other machines to connect, but do not allow relaying
:allow
cdb file confirms this:
cdbdump < /var/qmail/etc/run/smtpd/rules.cdb | cat -vet
+4,14:127.->+RELAYCLIENT=^@$
+8,14:149.135.->+RELAYCLIENT=^@$
+0,0:->$
On Tuesday morning, my users began to complain that after sending mail
via netscape 4.05 (Sparc Solaris version), their netscape would crash.
The mail is successfully received by qmail-smtpd, queued and
delivered.
This wasn't a problem when I was running qmail-smtpd from inetd:
Old inetd.conf entry:
/var/qmail/bitream tcp nowait qmaild /pkgs/bin/tcpd
/var/qmail/bin/tcp-env /var/qmail/bin/qmail-smtpd
Old /etc/hosts.allow entry:
tcp-env: ALL : ALLOW
The only difference I can see is that tcp-env performs identd lookups
whereas I'm telling tcpserver NOT to perform these lookups.
Sure enough, when I remove the -R argument to tcpserver, netscape is
happy. This does not happen with netscape 4.5 (Sparc Solaris version).
I can't even understand WHY netscape is unhappy because it isn't even
seeing the identd request.
Any ideas?
My work around is to enable identd and then ensure all relevant users
are running Netscape 4.5 instead of 4.05. Once everyone is on 4.5 (or
above) I'll disable identd lookups.
Regards
Peter
----------
Peter Samuel [EMAIL PROTECTED]
Technical Consultant or at present:
eServ. Pty Ltd [EMAIL PROTECTED]
Phone: +61 2 9206 3410 Fax: +61 2 9281 1301
"If you kill all your unhappy customers, you'll only have happy ones left"
