[ale] Puzzled

Chris Ricker kaboom at gatech.edu
Sat Jan 5 10:03:25 EST 2002


On Sat, 5 Jan 2002, Robert Heaven wrote:

> I'm puzzled about something. Why is it that every time I send out an 
> email, the SMTP server that I use attempts to do a tcp connection (SYN) 
> back to me on port 113 (auth)??? The mail always goes out without a 
> problem but I'm curious why they're attempting to connect back to me. 
> And, what is "auth" by the way?

sendmail and a few other broken MTAs try to connect to port 113 to identify
the user id of the connecting user.  The idea is that you can have an authd
(these days they're usually called identd) running on port 113.  Remote
servers can query it with a port number (the port number of the connection
from that client to their system), and it'll respond with the userid on the
client who has that port open.  See RFC 1413 for more details.

Many servers require that ident responses be received (most irc servers, for
example), though there's no way they can verify that the responses are
correct.  Because of that and privacy concerns, most people use an identd
that either returns a bogus answer, or returns keys rather than user names /
user ids (so that if the remote machine really needs to find a user id, they
can give the key to the client admin and the client admin can determine who
did it).

pidentd is probably the most commonly used one on Linux; it supports both 
bogus responses and cryptographic key responses, so it's fairly flexible.

later,
chris


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.
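
The three response styles described in the reply above (refuse, bogus name, opaque key), as an added example that is not part of the original message and is not pidentd's code. It assumes an RFC 1413 query line and a connection owner that has already been looked up; the HMAC token is a stand-in for pidentd's own key scheme, and the policy names, the fixed name `nobody` and the `0 , 0` reply to a malformed query are choices made for this sketch.

```python
import hashlib
import hmac
import re

# RFC 1413 query: "<port on identd host> , <port on querying host>" CRLF
QUERY_RE = re.compile(rb"^\s*(\d{1,5})\s*,\s*(\d{1,5})\s*$")

def parse_query(line):
    """Return (local_port, remote_port), or None if malformed or out of range."""
    m = QUERY_RE.match(line.rstrip(b"\r\n"))
    if not m:
        return None
    local, remote = int(m.group(1)), int(m.group(2))
    if not (1 <= local <= 65535 and 1 <= remote <= 65535):
        return None
    return local, remote

def opaque_token(secret, uid, local, remote):
    # Assumption: keyed hash instead of a user name. The local admin, who
    # holds the secret, recomputes it per account to find the owner.
    msg = f"{uid}:{local}:{remote}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()[:16]

def respond(line, owner_uid, policy, secret=b""):
    """Build the reply line; owner_uid is None when no user owns the port pair."""
    ports = parse_query(line)
    if ports is None:
        return b"0 , 0 : ERROR : INVALID-PORT\r\n"
    local, remote = ports
    prefix = f"{local} , {remote} : "
    if owner_uid is None:
        body = "ERROR : NO-USER"
    elif policy == "hidden":   # refuse to disclose anything
        body = "ERROR : HIDDEN-USER"
    elif policy == "bogus":    # same fixed answer for every user
        body = "USERID : UNIX : nobody"
    elif policy == "token":    # "OTHER" marks the id as not a user name
        body = "USERID : OTHER : " + opaque_token(secret, owner_uid, local, remote)
    else:
        raise ValueError(f"unknown policy: {policy}")
    return (prefix + body + "\r\n").encode()
```
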





