From owner-freebsd-current  Tue Apr  9 08:24:51 1996
Return-Path: owner-current
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id IAA18503
          for current-outgoing; Tue, 9 Apr 1996 08:24:51 -0700 (PDT)
Received: from palmer.demon.co.uk (palmer.demon.co.uk [158.152.50.150])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id IAA18476
          for <freebsd-current@FreeBSD.ORG>; Tue, 9 Apr 1996 08:24:39 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
	  by palmer.demon.co.uk (sendmail/PALMER-1) with SMTP id PAA08441
	  ; Tue, 9 Apr 1996 15:40:08 +0100 (BST)
To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch)
cc: freebsd-current@FreeBSD.ORG (FreeBSD-current users)
From: "Gary Palmer" <gpalmer@FreeBSD.ORG>
Subject: Re: routed delete my PPP default: how to fight it? 
In-reply-to: Your message of "Tue, 09 Apr 1996 09:36:39 +0200."
             <199604090736.JAA08067@uriah.heep.sax.de> 
Date: Tue, 09 Apr 1996 15:40:08 +0100
Message-ID: <8439.829060808@palmer.demon.co.uk>
Sender: owner-current@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

J Wunsch wrote in message ID
<199604090736.JAA08067@uriah.heep.sax.de>:
> That's ``auth''.  I've always wondered at my machine at work (where i
> tcpdump all traffic that's going through the Internet router) who is
> connecting to this port.  It's also somehow related to sendmail.

> Does anybody know more about ``auth''?

Sendmail tries connecting to the auth port to find out the UID /
username of the person doing the connection in a vain attempt to catch
forged e-mails. I say vain, as the majority of systems on the 'net
still don't run identd, and hence most people sending faked e-mails
are not inconvenienced in any way by this.

Gary