Subject: Re: 30-60 sec SMTP delay with ipf.conf solved, cause by ident!
To: Alicia da Conceicao <alicia@cyberstation.ca>
From: Laine Stump <lainestump@rcn.com>
List: port-i386
Date: 01/07/2000 13:41:34

At 06:02 PM 1/7/00 +0000, Alicia da Conceicao wrote:
>why is my sendmail server, which came from and is running on
>a NetBSD 1.4.1 ix86 distribution, generating these ident requests?  And
>is there any way to turn this off?  (I can't find any mention of this in
>the sendmail.cf configuration file, or in the man pages.)

In this case, it's not *your* sendmail, but the sendmail (or whatever) at
the receiving end. When sendmail is contacted by some other machine and
asked to receive mail, it does an ident request back to that machine in an
attempt to verify the username; the username it gets from this is then
usually included in the Received: header added to the mail. If the ident
session is "RST"ed, sendmail will quickly continue with receiving the mail;
however, if there is no response at all to its tcp/113 syns, it will hang
for a bit waiting for the other end to wake up. As Bill alluded, doing an
ident request really isn't all that useful for the *receiving* agent, since
it can't assume the info returned by ident is any better than what was sent
by the remote sendmail in the first place. (It can, however, be useful for
the *sender* on the originating system when abuse is reported, though - as
long as the admin of that system trusts the abuse report itself).

I seem to remember turning off ident on sendmail with a compile time
#define a long time ago when people first started using it. I don't know if
that #define even exists any more (and as I said above, it wouldn't make
any difference for you to turn it off anyway - the other end would have to
turn it off). It seems like these days most all mail agents try to do ident
requests, and most firewalls block them. Kind of silly, really.
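
Added example, not part of the original message: a small diagnostic that checks how a mail host answers a connection to tcp/113, which is what decides whether a remote sendmail continues at once or stalls. The function name, the state labels and the 5 second timeout are assumptions chosen for this illustration.

```python
import socket
import time

IDENT_PORT = 113  # ident service port (tcp/113), as discussed in the message

# What each probe result means for a remote MTA that sends an ident query
# back to this host, following the behaviour described in the message above.
EFFECT = {
    "open": "an ident daemon answers; the remote MTA gets a username",
    "reset": "connection is RST; the remote MTA continues quickly",
    "dropped": "no response to the SYNs; the remote MTA will hang until it gives up",
    "unreachable": "network error returned; the remote MTA fails fast",
}


def probe_ident(host, port=IDENT_PORT, timeout=5.0):
    """Try one TCP connect and return (state, elapsed_seconds).

    state is one of the keys of EFFECT (labels are hypothetical, chosen here).
    """
    start = time.monotonic()
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        state = "open"
    except ConnectionRefusedError:
        state = "reset"          # peer or firewall answered with RST
    except socket.timeout:
        state = "dropped"        # SYNs silently discarded, e.g. by a firewall
    except OSError:
        state = "unreachable"    # e.g. ICMP host/port unreachable
    finally:
        sock.close()
    return state, time.monotonic() - start


if __name__ == "__main__":
    import sys
    # Run from a machine outside the firewall, against your own mail host.
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    state, secs = probe_ident(target)
    print(f"{target}:{IDENT_PORT} {state} after {secs:.2f}s - {EFFECT[state]}")
```

A "dropped" result that takes the full timeout is the condition that produces the SMTP delay in the subject line; "reset" is the result that lets the receiving end proceed immediately.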