Subject: Re: 30-60 sec SMTP delay with ipf.conf solved, cause by ident!
To: None <port-i386@netbsd.org>
From: Alicia da Conceicao <alicia@cyberstation.ca>
List: port-i386
Date: 01/07/2000 18:02:09
Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us> wrote:
> Chances are you're running into the remote SMTP server attempting to
> connect to your ident port (for no particularly good reason, but I
> digress); you're blackholing the inbound SYNs, so the remote server
> waits for the connection to time out before proceeding.

Good call!  I have allowed outside packets to the ident tcp port 113
on the gateway computer to reach it, by adding the following line to
my ipf.conf configuration:

pass in quick proto tcp from any to any port = 113 keep state group 101

Even though I am not running ident on the gateway computer, allowing
ident packets to reach the gateway computer eliminated that 30-60 delay
on SMTP connections to my NetBSD sendmail server.  :-)

Okay, so the mystery of the SMTP delay has been solved.  However, I was
wondering, why is my sendmail server, which came from and is running on
a NetBSD 1.4.1 ix86 distribution, generating these ident requests?  And
is there any way to turn this off?  (I can't find any mention of this in
the sendmail.cf configuration file, or in the man pages.)

Thanks again, and thanks in advance.  Sincerely, Alicia.
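
The following ipf.conf fragment is an added example, not part of the original message. It sets the silent drop beside the two ways of getting an immediate TCP reset back to the remote mail server. The first rule is a constructed stand-in for whatever rule was dropping the packets (the message does not show it), and "group 101" is taken from the rule in the message and assumed to be where these rules belong.

```ipf
# Silent drop (constructed stand-in for the original behaviour): the
# remote MTA's SYN to port 113 gets no answer at all, so the MTA waits
# for its connect attempt to time out before continuing with SMTP.
# block in quick proto tcp from any to any port = 113 group 101

# Rule from the message: let the SYN through. With no ident daemon
# listening, the gateway's own TCP stack answers with a RST at once,
# which is why the delay disappears even though ident is not running.
# pass in quick proto tcp from any to any port = 113 keep state group 101

# Alternative: have ipf send the RST itself. The packet never reaches
# the host's TCP stack, so port 113 stays unreachable even if an ident
# daemon is started on the gateway later.
block return-rst in quick proto tcp from any to any port = 113 group 101
```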