[17004] in North American Network Operators' Group
Re: Suggestion for improved identD
daemon@ATHENA.MIT.EDU (Daniel Reed)
Tue May 19 23:14:07 1998
Date: Tue, 19 May 1998 23:02:34 -0400 (EDT)
From: Daniel Reed <djr@narnia.n.ml.org>
To: Troy Davis <troy@oz.net>
cc: nanog@merit.edu
In-Reply-To: <Pine.LNX.3.96.980519155158.23856A-100000@troy.blackcat.net>
On Tue, 19 May 1998, Troy Davis wrote:
) An example SMTP header:
)
) Received: from evilspammer (207-172-189-146.s67.as3.plb.erols.com
) [207.172.189.146]) by smtp2.erols.com (8.8.8/8.8.5) with SMTP id XAA19893
) for <joe@test.com>; Mon, 18 May 1998 23:34:27 -0400 (EDT)
)
) In common implementations*, "evilspammer" will be the identd reply. Since
) it's easily forgable, simply disregard it and go by the IP address (and
) hostname, if shown).
Actually, in that example, ther was no ident reply from the remote host.
"evilspammer" is just the name given when the remote host gives his EHLO
or HELO.
Received: from mail.n.ml.org (djr@narnia.mhv.net [199.0.0.118])
...
means my mail server identified itself as "mail.n.ml.org," with a real
host name of "narnia.mhv.net" and IP of 199.0.0.118, and an ident reply of
"djr."
--
Daniel Reed <n@ml.org> (ask me for my PGP key)
One man's Windows are another man's walls...