Anyone who wants to watch the bug in action, and whose sendmail is doing the identd lookups, can send a message to himself via the mailserver here. For instance, if you're foo@bar.com, send mail to foo%bar.com@avian.org and get your sniffer handy. If /tmp/fuckme shows up on your system, most likely owned by bin, you've got the problem. A less intrusive way is to just telnet here on port 113 to see what a "rigged identd" would look like. You need to type in one line to it. Warning: plenty of profanity. Deal. _H*