LinuxSA Mailing list archives

  From: Alan Kennington <akenning@topology.org>
  To  : Michael Kratz <michael_kratz@hotmail.com>
  Date: Tue, 8 May 2001 12:45:25 +0930

Re: IDENTD is it really needed for sendmail?

On Sun, May 06, 2001 at 01:45:12PM +0930, Michael Kratz wrote:
> 
> on a system that is running sendmail a its primary MTA does one really have 
> to run IDENTD? Normally I do, but I have setup a 2 server setup a couple of 
> weeks ago and realised that I didnt allow for IDENTD transactions through 
> the firewall... the machine that sends mail is behind the firewall and it 
> can still send mail, albeit I think it takes a bit longer... are there any 
> fors and againsts to using or not using IDENTD??


Michael,

While modifying some postgres configuration files, I just remembered that
ident is used by PostgreSQL to identify users and correlate them with
its set of permissions.

I guess that's a good reason to not turn off ident altogether on your LAN.

But personally, I'd firewall it out as far as the rest of the universe
(especially the well-known hacker countries) is concerned.

I personally find it convenient to have my database and httpd on separate
machines. And ident then permits the httpd uid on the httpd machine to
gain access to the db to do php stuff etc.

Cheers,
Alan Kennington.

-- 
LinuxSA WWW: http://www.linuxsa.org.au/  IRC: #linuxsa on irc.linux.org.au
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject