> so are there any problems at all with rejecting ident requests?
> (not just smtp, anything else as well?)

The "advantage" of dropping an unwanted packet over rejecting it
is that the originator has to wait for the delay, i.e. if you drop
the packet they don't know if your server is up or down, if the
connection is just slow, or even if there is a device at that
address at all, so it slows down their script. If you reject the
packet then they know that there is something there and can decide
whether to keep trying to break in.

> if rejecting them is what's commonly done, why does pretty much
> every smtpd still send them?

Because the act of rejecting tells the smtp server something, i.e. that
there is a device at that address that is doing the rejecting.
If you just drop them, then the smtp server is left wondering,
"gee, I just received a request from IP address w.x.y.z, but when
I try to send an ident request to that address I get no reply. I
wonder if that is a real server trying to contact me or just a
desktop hacker hiding behind a masqueraded connection."

So the problem is that the same technique is being used by the
hackers to identify that there is a real device there as is being
used by the smtp service. But given that your mail server has to
listen on port 25 anyway, you're not giving any information away by
rejecting idents that the hacker can't get by probing port 25.

HTH

rgds

Pete



-- 
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug

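The three outcomes Pete describes (something answers, something actively rejects, or nothing comes back) are exactly what a scanner, or an SMTP server's ident lookup, observes from the connecting side. The following probe is an added example, not code from the list post or from any identd or MTA: it attempts a TCP connect to the ident port and classifies the result as "open" (a listener accepted), "refused" (a RST or ICMP unreachable came straight back, so a host is there and REJECTing), or "silent" (the timeout expired, so the packet was DROPped or nothing is at that address). The local dummy listener, the closed-port helper and the TEST-NET-1 address in the demo are constructed for this example; port 113 and the timeout value are assumptions.

```python
"""Probe a host's ident port and classify what the remote side did.

Constructed example illustrating DROP vs REJECT from the prober's side:
  "open"        a listener accepted the connection (an identd is there)
  "refused"     immediate RST / ICMP unreachable: a host exists and REJECTs
  "silent"      nothing before the timeout: the packet was DROPped, or no
                host is at that address at all (the prober cannot tell)
  "unreachable" a router reported the path dead (ENETUNREACH/EHOSTUNREACH)
"""
import socket
import threading
import time

IDENT_PORT = 113        # assumed: the standard ident/auth port
DEFAULT_TIMEOUT = 2.0   # assumed: how long the prober waits before giving up


def classify_ident_probe(host, port=IDENT_PORT, timeout=DEFAULT_TIMEOUT):
    """Return (verdict, seconds_waited) for one TCP connect attempt.

    The elapsed time is the cost the post talks about: a REJECT answers
    in milliseconds, a DROP makes the prober burn the whole timeout.
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    start = time.monotonic()
    try:
        s.connect((host, port))
        verdict = "open"
    except ConnectionRefusedError:
        # TCP RST (iptables REJECT --reject-with tcp-reset) and the default
        # ICMP port-unreachable both surface as ECONNREFUSED on Linux.
        verdict = "refused"
    except TimeoutError:          # socket.timeout is an alias since 3.10
        verdict = "silent"
    except OSError:
        verdict = "unreachable"
    finally:
        s.close()
    return verdict, time.monotonic() - start


def start_dummy_identd(host="127.0.0.1"):
    """Start a throwaway listener on an ephemeral port (constructed target)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((host, 0))
    srv.listen(5)
    port = srv.getsockname()[1]

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:       # listener closed: stop serving
                return
            conn.close()          # accept and hang up; enough to look "open"

    threading.Thread(target=serve, daemon=True).start()
    return srv, port


def closed_local_port(host="127.0.0.1"):
    """Find a port nobody listens on, so a connect gets a RST (REJECT case)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind((host, 0))
    port = s.getsockname()[1]
    s.close()
    return port


def demo():
    """Run the three cases and print verdict plus how long each one cost."""
    srv, port = start_dummy_identd()
    print("listening identd  ->", classify_ident_probe("127.0.0.1", port))
    srv.close()
    print("closed port (RST) ->", classify_ident_probe("127.0.0.1", closed_local_port()))
    # 192.0.2.1 is TEST-NET-1 (RFC 5737), never routed: stands in for a host
    # that silently drops. With no route at all this reports "unreachable".
    print("dropped / nobody  ->", classify_ident_probe("192.0.2.1", timeout=1.0))


if __name__ == "__main__":
    demo()
```

Run it directly and compare the timings: the "refused" line comes back almost instantly, while the "silent" line takes the full timeout. That delay, multiplied over every address a script tries, is the only thing DROP buys you; the verdict itself is the same information a probe of port 25 already hands out.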