[1216] in bugtraq
bug-testing identd NOT available here
daemon@ATHENA.MIT.EDU (*Hobbit*)
Thu Mar 9 18:46:36 1995
Date: Thu, 9 Mar 1995 17:12:19 -0500
From: *Hobbit* <hobbit@avian.org>
To: bugtraq@fc.net
I have been forced to remove the sendmail-bug-tickling ident daemon I've
been running here as a testing service. Apologies to those who were still
using it to test their mailers and other identd-aware things.
Essentially unmodified source for the program is available at avian.org in
/src/hacks/ident.c if you would like to set up your own testing service. It is
very simple and designed to run under inetd. Please do not use it for
malicious purposes.
Despite its being a clearly non-malicious test, the administrators of a couple
of sites complained loudly both myself AND my provider, threatening legal
action if the daemon was left in place. If you are curious as to who, RTFS.
For protection of all concerned I have removed the daemon from active duty.
That aside, it could be argued that the daemon was appropriate at the time
of its creation but as more sites deploy sendmail 8.6.10 or 8.6.11, may not be
now. This is *NOT* to imply that this and related bugs will cease to exist
around the net, because there are plenty of old sendmails still running.
Upgrade yours if you haven't, and tell your friends.
It would set a REALLY BAD precedent if the legal system decided that people
attempting to help fix bugs were to be tarred with the same brush as those
trying to exploit them. Think carefully about this.
_H*
