PMDF System Manager's Guide



2.3.4.39 Reverse DNS and IDENT lookups on incoming SMTP connections (identtcp, identtcplimited, identtcpnumeric, identtcpsymbolic, identnone, identnonelimited, identnonenumeric, identnonesymbolic, forwardchecknone, forwardchecktag, forwardcheckdelete)

The identtcp keyword tells PMDF to perform a connection and lookup using the IDENT protocol (RFC 1413). The information obtained from the IDENT protocol (usually the identity of the user making the SMTP connection) is then inserted into the Received: header for the message, along with the hostname corresponding to the incoming IP number, as reported from a DNS reverse lookup, and the IP number itself.

The identtcpsymbolic keyword performs the same IDENT lookup and inserts the IDENT information into the Received: header for the message, together with the hostname corresponding to the incoming IP number, as reported from a DNS reverse lookup; the IP number itself is not included in the Received: header.

The identtcpnumeric keyword also performs the IDENT lookup and inserts the IDENT information into the Received: header for the message, together with the actual incoming IP number; no DNS reverse lookup on the IP number is performed.

Note that the remote system must be running an IDENT server in order for the IDENT lookup caused by the identtcp, identtcpsymbolic, or identtcpnumeric keyword to be useful. In addition, be aware that IDENT query attempts may incur a performance hit. Increasingly, routers simply "black hole" attempted connections to ports that they don't recognize; if this happens on an IDENT query, then PMDF does not hear back until the connection times out (a TCP/IP package controlled timeout, typically on the order of a minute or two). A lesser performance factor is that, compared with identtcpnumeric, the DNS reverse lookup called for with identtcp or identtcpsymbolic incurs some additional overhead to obtain the more "user-friendly" hostname.

The identnone keyword disables this IDENT lookup, but does do IP to hostname translation, and both IP number and hostname will be included in the Received: header for the message. The identnonesymbolic keyword disables this IDENT lookup, but does do IP to hostname translation; only the hostname will be included in the Received: header for the message. The identnonenumeric keyword disables this IDENT lookup and inhibits the usual DNS reverse lookup translation of IP number to hostname, and may therefore result in a performance improvement at the cost of less user-friendly information in the Received: headers. identnone is the default.

The identtcplimited and identnonelimited keywords have the same effect as identtcp and identnone, respectively, as far as IDENT lookups, reverse DNS lookups, and information displayed in Received: header lines are concerned. Where they differ is that with identtcplimited or identnonelimited the IP literal address is always used as the sole basis for any channel switching due to use of the switchchannel keyword, regardless of whether the DNS reverse lookup succeeds in determining a host name. Note that since channel switching is always performed preferentially based on IP address rather than host name, the effect of identtcplimited or identnonelimited is merely to disable the fallback to host name switching when all IP address rewriting has failed.

Keyword             IDENT    DNS reverse   IP address in    Reverse hostname   Fall back to
                    lookup   lookup        Received:        in Received:       hostname
                                           header line      header line        channel switch
------------------  -------  ------------  ---------------  -----------------  --------------
identtcp            Yes      Yes           Yes              Yes                Yes
identtcplimited     Yes      Yes           Yes              Yes                No
identtcpnumeric     Yes      No            Yes              No                 No
identtcpsymbolic    Yes      Yes           No               Yes                Yes
identnone           No       Yes           Yes              Yes                Yes
identnonelimited    No       Yes           Yes              Yes                No
identnonenumeric    No       No            Yes              No                 No
identnonesymbolic   No       Yes           No               Yes                Yes

The forwardchecknone, forwardchecktag, and forwardcheckdelete channel keywords can modify the effects of doing reverse lookups. They control whether PMDF does a forward lookup of an IP name found via a DNS reverse lookup and, if such forward lookups are requested, what PMDF does when the forward lookup of the IP name does not match the original IP number of the connection. The forwardchecknone keyword is the default, and means that no forward lookup is done. The forwardchecktag keyword tells PMDF to do a forward lookup after each reverse lookup and to tag the IP name with an asterisk, *, if the number found via the forward lookup does not match that of the original connection. The forwardcheckdelete keyword tells PMDF to do a forward lookup after each reverse lookup and, if the forward lookup of the returned name does not match the original connection IP address, to ignore (delete) that name and stick with the original IP address instead. (Note that having the forward lookup not match the original IP address is normal at many sites, where a more "generic" IP name is used for several different IP addresses.)

These keywords are only useful on SMTP channels that run over TCP/IP.
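
The three forwardcheck behaviours described above, shown in Python as an added example (this is not PMDF code): the name returned by the reverse lookup is kept, tagged, or discarded depending on whether a forward lookup of that name returns the connecting address. The function names, the injectable resolver callbacks, the sample addresses and names, and the choice to append the asterisk after the name are assumptions made for illustration.

```python
import ipaddress
import socket

def system_reverse(ip):
    """PTR lookup via the system resolver; None if no name is returned."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def system_forward(name):
    """A/AAAA lookup via the system resolver; empty list on failure."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(name, None)]
    except OSError:
        return []

def same_address(a, b):
    """Compare as parsed addresses so differing textual forms still match."""
    try:
        return ipaddress.ip_address(a) == ipaddress.ip_address(b)
    except ValueError:
        return False

def name_to_record(ip, mode, reverse=system_reverse, forward=system_forward):
    """Return the host identifier kept for a connection from `ip`.

    mode is "forwardchecknone", "forwardchecktag" or "forwardcheckdelete".
    """
    if mode not in ("forwardchecknone", "forwardchecktag", "forwardcheckdelete"):
        raise ValueError(mode)
    name = reverse(ip)
    if name is None:
        return ip                      # reverse lookup failed: only the IP is known
    if mode == "forwardchecknone":
        return name                    # default: reverse-lookup answer used as-is
    # A name may map to several addresses; any one matching confirms it.
    if any(same_address(ip, addr) for addr in forward(name)):
        return name
    if mode == "forwardchecktag":
        return name + "*"              # assumption: asterisk appended to the name
    return ip                          # forwardcheckdelete: discard the name

# Constructed sample data (documentation address ranges, made-up names).
PTR = {"192.0.2.10": "mail.example.org", "198.51.100.7": "mx.bank.example"}
FWD = {"mail.example.org": ["192.0.2.10", "192.0.2.11"],
       "mx.bank.example": ["203.0.113.5"]}
```

Passing `PTR.get` and a lookup over `FWD` as the resolver callbacks exercises all three modes offline; with the defaults the system resolver is queried.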

