Client connection to ipop3d deamon takes 30 seconds to complete!

I have Postfix installed on my Linux box and ipop3d as my post office prog. xinetd handles the pop3 connection. When my clients connect to check their mail, they connect, but then it takes 30 seconds to get their mail and disconnect. I am not talking download time here. I am talking negotiation/connection time. It appears that xinetd is holding up the connection for some reason.

All the clients are on a LAN and on the same subnet as the main server (different IP than the clients but on same subnet).

The IP for the clients are explicitly allowed in /etc/hosts and in the pop3 config in xinetd. The connection works, but it takes too long!

I have tried it with Shorewall off and on and that doesn't affect anything. Can anyone shed some light on why the connection/negotiation is taking this long?

Thanks in advance!

i've had this problem before. your mail server is probably being NATted by a firewall/router. ident requests are being stealthed by the router and are taking this long to timeout. i have set my firewalls to send a tcp reset to anything that comes in on port 113 (the ident port) it is important that you don't simply drop the port 113 packets and that they are actually sent a tcp reset.

hope this helps,
ob

I am using Shorewall as my Firewall. What rule/config do I need to look for?

Thanks in advance!

(from https://www.redhat.com/archives/guinness-list/2001-July/msg00015.html)

"In /etc/xinetd.d/ipop3, try commenting out the lines for log_on_success
and log_on_failure. Currently they are set to log 'USERID'."

After doing this, you'll need to restart xinetd:

That did it. Thanks a million.