Re: ``WHY TAP?'': A White Paper

Peter Eriksson <pen@lysator.liu.se> Sat, 15 August 1992 11:06 UTC

Date: Sat, 15 Aug 1992 13:05:33 -0000
From: Peter Eriksson <pen@lysator.liu.se>
To: Theodore Ts'o <tytso@athena.mit.edu>
Cc: Anders Andersson <andersa@mizar.docs.uu.se>, brnstnd@kramden.acf.nyu.edu, ident@NRI.Reston.VA.US
Subject: Re: ``WHY TAP?'': A White Paper
In-Reply-To: Your message of Fri, 14 Aug 92 22:42:10 -0400
Message-Id: <CMM.0.90.0.713876733.pen@robin.lysator.liu.se>

Ted writes:

> This is what my comment was referring to.  I believe the sendmail patch
> checks to see if the from address matches the username returned from the
> ident server, either rejects or marks the mail as being forged if it
> does not match.  This will clearly break if you are using encrypted
> Ident username tokens.  

Are there more than one sendmail patch out there? Or am I missing
something. The sendmail patch I know of does two things only:

  1. It logs the "ident" identifier in the syslog

  2. It (optionally, if the Sendmail.cf file is modified) will
     include the "ident" identifier in the "Received:" header lines.

It never rejects mail based on "ident" tokens.

/Peter

Peter Eriksson                                              pen@lysator.liu.se
Lysator Academic Computer Society                 ...!uunet!lysator.liu.se!pen
University of Linkoping, Sweden                           I'm bored. Flame me.

``WHY TAP?'': A White Paper Daniel J. Bernstein
Re: ``WHY TAP?'': A White Paper Theodore Ts'o
Re: ``WHY TAP?'': A White Paper Anders Andersson
Re: ``WHY TAP?'': A White Paper Theodore Ts'o
Re: ``WHY TAP?'': A White Paper Anders Andersson
Re: ``WHY TAP?'': A White Paper Peter Eriksson
Re: ``WHY TAP?'': A White Paper Daniel J. Bernstein
Re: ``WHY TAP?'': A White Paper Daniel J. Bernstein