identd, Hummm, this seem the most plausible reason thus far.  Do you know   
of an option to stop this?  Our MIS would rather die that to open a hole,   
for packet, at a specific port.

Also, this doesn't explain why if I do a `telnet beta 25` on beta, I   
still get an immediate connection, beta has ident remarked out.  Does   
sendmail ignore local connections?

As for DNS, no, no, no, it isn't the DNS, I've tried DNS forward and   
reverse lookup with no problems.  FTP does a reverse DNS lookup and works   
fine.

jam

 ----------
From:  laine
Sent:  Saturday, August 24, 1996 7:48 AM
To:  JohnAM
Subject:  Re: More info: NetBSD 1.1 and sendmail, why is it so slow

You need to let the identd protocol through your firewall. sendmail
tries to connect back to the identd on the calling machine to verify the
name of the user sending the mail.

identd is tcp protocol 113.


On Fri, 23 Aug 1996 20:34:00 GMT, you wrote:


>Our network is split by a Firewall.  The machine in question (beta) is   
    

>outside of the Firewall.

>I connected to several other machines, outside of out Firewall, and
>telneted back to beta and got connected instantly.

>So,  all machines behind the Firewall connecting to beta, are having to   
    

>wait 20 - 30 seconds for a connection.

>All machines outside the Firewall connecting to beta, are getting
>connected instantly.

>When I watch beta's processes via ps -maux, I see that sendmail is
>hanging in startup mode for 20-30 sec. before going into server mode,
>accounting for the delay, with machines inside the Firewall.  Machines   
    

>outside the Firewall put sendmail immediately into server mode.

>So does sendmail, some how, try to verify the connection to the DNS
>lookup?

>BTW, I've already checked DNS problems, nslookup is okay.

>jam