[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: smtpserver aborts
(In Finland we have the time of the year to fill in IRS forms,
my mind is not very well on programming right now..)
> On Mon, 30 Jan 1995, Matti Aarnio wrote:
>
> > One case is with BROKEN UCX (?) which considered a case
> > of not having IDENT service on a VMS as a valid reason to
> > tear down ALL connections in between the remote server,
> > and the VMS machine... One choice o that is not to use "-a"
> > option on the SMTPOPTIONS -line of the /etc/zmailer.conf ..
> Yes indeed, this at least seems to be true in all the problem cases
> I have encountered so far:
[Some re-arrangements ahead]
...
> I'd hate to have to turn off authentication...
>
> Is there a way that smtpserver can use a separate stream for IDENT
> which will not tear down the existing smtp connection, and if the
> remote host or firewall does not support IDENT, just proceed as
> usual?
> Or is the IDENT query fatal enough that the whole connection
> gets ripped out by the #alls?
The lookup happens BEFORE the logging of the first line
("connect from UNKNOWN@....") into the logfile. That is
how it becomes "UNKNOWN@.."..
On SOME machines receiving a connection to a TCP-port, which
does not have a bound service, does cause (instead of
"connection refused") tear-down of all connections in between
that host, and host trying to connect to it.
(But apparently that is not the case in here.)
I have also heard of IP-firewalls which did cut the line,
when they got probed by the IDENT. When their managers
learned about IDENT, they changed the policy..
(They wanted to use ftp.funet.fi :-) )
> # telnet inti.pci.on.ca ident
> telnet: Unable to connect to remote host: Host is unreachable
> # telnet dxmint.cern.ch ident
> telnet: Unable to connect to remote host: Host is unreachable
> # telnet fsm-1.pica.army.mil ident
> telnet: Unable to connect to remote host: Host is unreachable
> # telnet MORSE.NORCEN.COM ident
> telnet: Unable to connect to remote host: Host is unreachable
These look like the routers in there are configured to
respond "host unreachable", when they filter something,
and choose to drop it to the "floor"..
> --
> James S. MacKinnon Office: P-139 Avahd-Bhatia Physics Lab
> Computing/Networking Voice : (403) 492-8226
> Department of Physics
> University of Alberta email : Jim.MacKinnon@Phys.UAlberta.CA
> Edmonton, Canada T6G 2N5 : jmack@Phys.UAlberta.CA