If someone has external ident on true its easy for the users to spoof their ips (being able to use a *@localhost ioFTPD/ioFTPD account for instance) since they could simply send a idnt with a made up ip to it.

Wouldnt it be more appropriate to allow only certain ips using the external idnt feature?

Its not that important, just sharing a thought.
UNi

Don't allow direct access to site, if you use bouncers. IDNT can only be supplied once, after that client will be disconnected if he uses the command. (neat uhh?)

You can use Hosts.Rules to control access.

ah sounds logical indeed :P
somehow my mind thought host rules would apply to idnt too..
dunno why i thought that, probably since the host rules would otherwise be almost useless if using a bnc.. (limiting connections per country and stuff like that)
Then again if people need such stuff (for some reason) they prolly dont use a bnc anywayz :p :D
Thnx d1..
(people with bnc have to up the max connections per ip in host rules then i guess...and use user limits.)