[17044] in North American Network Operators' Group
Re: Suggestion for improved identD
daemon@ATHENA.MIT.EDU (Christopher Neill)
Wed May 20 11:01:36 1998
Date: Wed, 20 May 1998 00:25:48 -0400
From: Christopher Neill <chrisn@iagnet.net>
To: nanog@merit.edu
In-Reply-To: <Pine.LNX.3.96.980519225909.8691G-100000@narnia.n.ml.org>; from Daniel Reed on Tue, May 19, 1998 at 11:02:34PM -0400
> Actually, in that example, there was no ident reply from the remote host.
> "evilspammer" is just the name given when the remote host gives his EHLO
> or HELO.
>
> Received: from mail.n.ml.org (djr@narnia.mhv.net [199.0.0.118])
> ...
>
> means my mail server identified itself as "mail.n.ml.org," with a real
> host name of "narnia.mhv.net" and IP of 199.0.0.118, and an ident reply of
> "djr."
There are valid reasons for a mail to be sent claiming to be sent from
an address it wasn't actually sent from (this is why there is sendmail
-f). Identd, on the other hand, is wholly worthless. I can't believe
people actually trust it (i.e., in wrappers), as it is so trivially
forged.
I think the "proxy ident" idea is the most silly thing I've heard in
ages. Come up with a rotating key-based way to authenticate clients
and we can talk turkey..
--
Christopher M Neill -- Network Operations
QualNet - We Make the Internet Work for Your Business.(sm)
DID: 216-902-5460, Office: 800-466-0088, Fax: 216-623-3566
http://www.qual.net
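
The Received: line quoted in the message above, split into its fields with a note on who asserted each one; this is an added example, not code from the thread. The `evilspammer` sample line and its documentation-range address are constructed, and `parse_received`, `SOURCE` and the field names are this example's own.

```python
import re

# Sendmail-style from-clause: "from HELO (ident@rdns [ip])"; ident@ and rdns optional.
FROM_CLAUSE = re.compile(
    r"^Received:\s+from\s+(?P<helo>\S+)\s+"
    r"\((?:(?P<ident>[^@\s()]+)@)?(?P<rdns>[^@\s\[\]()]+)?\s*"
    r"\[(?P<ip>[0-9A-Fa-f.:]+)\]\)"
)

# Who asserted each field (labels are this example's own naming).
SOURCE = {
    "helo": "claimed by the client in HELO/EHLO",
    "ident": "claimed by the client host's identd",
    "rdns": "looked up by the receiving server",
    "ip": "observed by the receiving server on the TCP connection",
}

def parse_received(line):
    """Split a Received: from-clause into fields, or return None if it does not fit."""
    m = FROM_CLAUSE.match(line.strip())
    if not m:
        return None
    fields = m.groupdict()
    rdns = (fields["rdns"] or "").lower()
    # A mismatch is not proof of forgery: the thread's own legitimate line mismatches.
    fields["helo_matches_rdns"] = bool(rdns) and fields["helo"].lower() == rdns
    # Fields the receiving server produced itself, as opposed to what the client sent.
    fields["receiver_observed"] = {k: fields[k] for k in ("rdns", "ip") if fields[k]}
    return fields

SAMPLES = [
    # Taken from the quoted message.
    "Received: from mail.n.ml.org (djr@narnia.mhv.net [199.0.0.118])",
    # Constructed: HELO name only, no ident reply, documentation-range address.
    "Received: from evilspammer (dialup-12.example.net [192.0.2.55])",
]

if __name__ == "__main__":
    for s in SAMPLES:
        p = parse_received(s)
        for key, who in SOURCE.items():
            print(f"{key:5} = {p[key]!s:24} ({who})")
        print("helo matches rdns:", p["helo_matches_rdns"], "\n")
```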