If you aren't interested in identd at all, how about adding this on the server to block it before it even gets out (a new piece of code to fight with the original inentd code:). As a bonus (?), you will not be able to reply to a connection originating from the ident port (ssh??): ipchains -A output --protocol tcp --dport auth -j REJECT identd should give up on the query when it receives destination not reachable. If that didn't work, then this really shouldn't work: ipchains -A output --protocol tcp --dport auth -j REDIRECT 7 This does not resolve any DNS problems. &:-) On Mar 16 at 12:02, Nix said (in part):
Does anyone know of a way to stop popper from doing ident and reverse dns lookups everytime someone connects? I can't seem to find any info on how to do it in the usual places. It takes insufferably long to connect to pop3 on a server I have just built. For ident I have configured my firewall to reject instead of drop, (it's a FW-1 box) but it doesn't seem to speed up connections any. I some instances the connections are coming through up to 5 firewalls, some NATed, some private addresses, and some public. (also via IPsec connections) Obviously not all of these addresses have reverse dns set, So I think that is the problem.
(it may not be.. is there any other known reason for popper to be VERY slow to connect?)
-- This was joke number 48