On Fri, 7 Sep 2001, Karl Schmidt wrote:
> we use sender verify, folks that use the sendmail MTA do an ident request
> (port 113) which can be responded to with a reject, deny or providing the
> service. Time delays here can cause temporary rejections.
there's been a lot about ident lately on different forums and i
decided to stay away, but i just can't resist for one opinion ;)
it's totally useless. it had it's good reason to exist back in those
days when machines were trusted, no joe out-of-the-blue average could
put a machine on the net, but these days i don't see any reason for it
to be run.
the delay goes away if you don't at all run it, or configure your
packet filter to send back a tcp rst instead of just doing nothing for
an ident request.
this is not actually my own idea, but i totally agree with it; i think
i stole it from the doc of nullidentd.
