Dial-up Internet link constantly online

You should enforce limits upon the usage of expensive Internet dial-up links to protect yourself of high bills. The limits can be configured in the DEFENDO menu "Monitoring -> Dial-up". For various reasons the link can be kept online. A choice of common causes:

If the source is a workstation or server from your LAN, there might be some piece of software which tries to register or update itself. Disable this feature or reconfigure the software to use one of DEFENDO's proxies for its Internet connections. If this is not possible you will have adjust DEFENDO's firewall policy in order to accept direct Internet connections for this software.

Current Windows releases use DNS to manage domain information. The DNS log might reveal attempts to lookup information of the internal windows domains in the Internet. This is usually caused by a misconfigured workstation or server.

In the log you will find lots of DNS requests originating from 127.0.0.1. If these are of type "PTR" the cause is a DEFENDO service which performs reverse lookup on its clients' IPs. In older DEFENDO releases the POP3/IMAP4 server triggered most of these. If the reverse lookup is not answered by the local DNS but forwareded to Internet name servers, this explains the frequent dial-up connections as well as delays connecting to DEFENDO's POP3/IMAP4 server. Please refer to ">Configuration checklist" for further information upon this issue.

Note: The DNS log does not indicate if the reverse lookup has been answered locally or forwareded to Internet name servers. All requests are logged in the same way.

Usually the majority of the type "A" requests originating from 127.0.0.1 are caused by DEFENDO's web proxy. Consider its log to find out which client sent the corresponding requests. If DEFENDO polls a POP server for new mails then for each poll you will find a DNS request for the POP server in the log. The same applies for each outbound email sent through the relay server of your provider.

You will find "MX" requests from 127.0.0.1 only if outbound email is sent directly towards the recipient and not through a relay server. With expensive dial-up lines you should consider to use the relay server of your Internet access provider in order to save money.

The SMTP protocol is used to transmit emails. This protocol was not designed with mass data transport in mind. Sending files by mail doesn't make sense if the total size is more than just a few megabyte. Many Internet mail servers won't accept emails with more than e.g. 5 or 10 MB anyway. Some servers even cut off the connection if the transmition takes longer than e.g. 30 minutes. So please save money and try not to bother others by always compressing attachments, splitting larger files into multiple emails and using protocols suitable for big files (e.g. FTP).

DEFENDO's web proxy can be configured to forward requests through the proxy of your provider. If this proxy is not available any longer it can keep the dial-up line online. The log might contain repeating "TCP connection to ... failed" messages. Please remove the provider proxy in DEFENDO's web proxy setup or contact your provider.