by saul » Fri, 27 Jul 2001 22:45:52
here is my pblm : when a user is connecting to my mail server (using telnet
port 110 or outlook for ex), it's waiting a long long time before allowing
auth and catching mails.
I think that xinetd or ipop3d makes a dns lookup before processing, instead
of just reading /etc/hosts.
How could I tell xinetd or ipop3d not to use DNS and just allow my mail
serer to walk normally (without having to wait for 30 seconds each time)
Thx a lot
by Dean Thompso » Fri, 27 Jul 2001 22:48:34
Hi!,
It is part of the xinetd process. Some people have reported success byQuote:> here is my pblm : when a user is connecting to my mail server (using telnet
> port 110 or outlook for ex), it's waiting a long long time before allowing
> auth and catching mails.
> I think that xinetd or ipop3d makes a dns lookup before processing, instead
> of just reading /etc/hosts.
> How could I tell xinetd or ipop3d not to use DNS and just allow my mail
> serer to walk normally (without having to wait for 30 seconds each time)
See ya
Dean Thompson
--
+____________________________+____________________________________________+
| Bach. Computing (Hons) | ICQ - 45191180 |
| PhD Student | Office - <Off-Campus> |
| School Comp.Sci & Soft.Eng | Phone - +61 3 9903 2787 (Gen. Office) |
| MONASH (Caulfield Campus) | Fax - +61 3 9903 1077 |
| Melbourne, Australia | |
+----------------------------+--------------------------------------------+
by saul » Sat, 28 Jul 2001 02:06:08
I already tried to : removing USERID, writing HOST, removing whole line,Quote:> > here is my pblm : when a user is connecting to my mail server (using
telnet
> > port 110 or outlook for ex), it's waiting a long long time before
allowing
> > auth and catching mails.
> It is part of the xinetd process. Some people have reported success by
> editing the "pop" definition files located in the directory /etc/xinetd.d.
I found an alternate solution : /etc/named.conf was not properly setup :Quote:> Once they load the pop files up, they remove all references to the USERID
> directive. Once you have saved the file, re-load the xinetd service and
see
> whether that improves your access times.
====> Jul 26 18:33:35 ns1 named[18897]:
unapproved query from [127.0.0.1].1525 for "25
4.11.168.192.in-addr.arpa"
Jul 26 18:34:08 ns1 ipop3d[19798]: pop3 service init from 192.168.11.254
Jul 26 18:34:08 ns1 ipop3d[19798]: Login user=william
host=skynet.blondeaux-etage.fsc-france.com [192.168.11.4] nmsgs=0/0
Jul 26 18:34:08 ns1 ipop3d[19798]: Logout user=william
host=skynet.blondeaux-etage.fsc-france.com [192.168.11.4] nmsgs=0 ndele=0
I allowed my PCs to make queries on "254-arpa-I-dont-know-what", but the
problem is that I'm not supposed to have a working dedicated DNS on the LAN.
There must be another solution to prevent ipop3d from querying a DNS, it
should just read /etc/hosts in fact.
I EVEN tried to use old inetd daemon, but the problem stays the same, so
it's ipop3d which has to be incriminated :)
I don't understand, cause it walked on my last installation (from a Mdk 7.2)
without changing a lot of security related params.
However, I hope this little alternative (allowing queries) will help some
other users here.
Cu
by Dean Thompso » Sat, 28 Jul 2001 09:10:29
Hi!,
Nope, when performing a reverse lookup, you will find that the /etc/hosts fileQuote:> I allowed my PCs to make queries on "254-arpa-I-dont-know-what", but the
> problem is that I'm not supposed to have a working dedicated DNS on the
> LAN. There must be another solution to prevent ipop3d from querying a DNS,
> it should just read /etc/hosts in fact.
Well, if you have a DNS within your own network, then I would use it.Quote:> I EVEN tried to use old inetd daemon, but the problem stays the same, so
> it's ipop3d which has to be incriminated :)
> I don't understand, cause it walked on my last installation (from a Mdk
> 7.2) without changing a lot of security related params.
> However, I hope this little alternative (allowing queries) will help some
> other users here.
See ya
Dean Thompson
--
+____________________________+____________________________________________+
| Bach. Computing (Hons) | ICQ - 45191180 |
| PhD Student | Office - <Off-Campus> |
| School Comp.Sci & Soft.Eng | Phone - +61 3 9903 2787 (Gen. Office) |
| MONASH (Caulfield Campus) | Fax - +61 3 9903 1077 |
| Melbourne, Australia | |
+----------------------------+--------------------------------------------+
1. xinetd/ipop3d: how do i turn off the dang logging?
Redhat 7.2, xinetd, ipop3d.
When a client connects to port 110 three lines are logged to the
maillog about his connection: init, login, and logout. I tried
to
redirect the logging to /var/log/pop.log but it creates the file,
leaves
it 0 byte, and continues loggin to maillog.
Below is xinetd.conf (and the included ipop3 file). How do I
stop
it from logging to syslog? How do I get it to log to my file?
defaults
{
instances = 60
log_type = SYSLOG authpriv
log_on_success = HOST PID
log_on_failure = HOST
cps = 25 30
includedir /etc/xinetd.d
##### from included file #####
service pop3
{
socket_type = stream
wait = no
user = root
server = /usr/sbin/ipop3d
only_from = 10.0.2.0
log_type = FILE /var/log/pop.log
log_on_success = PID HOST USERID EXIT DURATION
log_on_failure = HOST USERID ATTEMPT RECORD
4. USB keyboard and mouse giving me trouble
5. DNS - reverse lookup & timeout
6. NCR 53c710 Drivers. Anyone working on one?
7. IP Masquerade & DNS lookup failure
8. Banner pages on HP LasesrJets (using HP's JetDirect software)
9. qpopper & reverse DNS lookup
10. Problem with MMDF & DNS lookups
11. IP Masquerading & DNS Lookups
12. xinetd and reverse lookups
13. How did I solve this problem with ipop3d and reverse DNS?