dgaramond2 has asked for the wisdom of the Perl Monks concerning the following question:

$ perl -MNet::Ident -MIO::Socket::INET -le'
  $sock=IO::Socket::INET->new(
    PeerAddr => "localhost:smtp(25)"
  );
  print join ", ", Net::Ident::lookup($sock);'

prints something like

 vcESTuEcDGGJRPKKKAvySLm3r9lcMRko, OTHER

How do I decrypt the token if I'm not root on the local machine? I'm going to install this ident-using code from my Perl mail server (which does not run as root).

Do I have to turn off encryption in /etc/identd.conf?

Re: Using Net::Ident?
by ikegami (Patriarch) on Oct 13, 2004 at 15:40 UTC

    Do you have access to the key file? From my identd man page:

    The -C[<keyfile>] option tells identd to return encrypted tokens instead of user names. The local and remote IP addresses and TCP port numbers, the local user's uid number, a timestamp, a random number, and a checksum, are all encrypted using DES with a secret key derived from the first line of the keyfile (using des_string_to_key(3)). The encrypted binary information is then encoded in a base64 string (32 characters in length) and enclosed in square brackets to produce a token that is transmitted to the remote client. The encrypted token can later be decrypted by idecrypt(8). There may not be a space between the -C and the name of the keyfile. If the keyfile is not specified, it defaults to !!PREFIX!!/etc/identd.key.

    Should be easy to find a DES crypto module on CPAN. I'd hazard a guess at its name: Crypt::DES (I didn't check this link or any module it might return.) Be sure to decode_base64() (from MIME::Base64) the string first if the crypto module doesn't do it for you.

      Yes, I know it's DES-encrypted and the key is at /etc/identd.key. But it's (root,root,600).

      Basically, what I want to do is to only allow certain Unix accounts to access the local mailserver (and the qmail-inject program). I wonder how other non-root programs do this, e.g. postgres.
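
Added example, not part of the original thread: a Perl check built on the token format in the man page excerpt above (32 base64 characters, optionally in square brackets) that tells an encrypted token apart from a plain username before the value is used in an allow-list decision. The helper names, the username pattern, the account names and the use of the standard base64 alphabet are assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use MIME::Base64 qw(decode_base64);

# Classify the user-id string returned by Net::Ident::lookup().
# classify_ident_userid and ident_user_allowed are hypothetical helper names.
sub classify_ident_userid {
    my ($userid) = @_;
    return { kind => 'invalid' } unless defined $userid && length $userid;

    # The man page describes tokens as bracketed; the output in the question
    # shows none, so accept both forms.
    my $body = $userid;
    $body =~ s/^\[(.*)\]\z/$1/s;

    # 32 base64 characters decode to 24 bytes, i.e. three 8-byte DES blocks.
    # Assumption: identd uses the standard base64 alphabet.
    if ($body =~ m{\A[A-Za-z0-9+/]{32}\z}) {
        my $raw = decode_base64($body);
        return { kind => 'token', blocks => length($raw) / 8 }
            if length($raw) == 24;
    }

    # Assumption: local account names match this conservative pattern.
    return { kind => 'username', name => $userid }
        if $userid =~ /\A[a-z_][a-z0-9_.-]{0,31}\z/i;

    return { kind => 'invalid' };
}

# Fail closed: only a plain username that is on the allow-list is accepted.
# An encrypted token is never compared against account names.
sub ident_user_allowed {
    my ($userid, $allowed) = @_;
    my $c = classify_ident_userid($userid);
    return $c->{kind} eq 'username' && $allowed->{ $c->{name} } ? 1 : 0;
}

my %allowed = map { $_ => 1 } qw(qmailq alice);    # constructed account names
for my $reply ('vcESTuEcDGGJRPKKKAvySLm3r9lcMRko',   # token from the question
               '[vcESTuEcDGGJRPKKKAvySLm3r9lcMRko]', # same token, bracketed
               'alice', 'bob', undef) {              # constructed replies
    my $c = classify_ident_userid($reply);
    printf "%-36s kind=%-8s allowed=%d\n",
        defined $reply ? $reply : '(undef)', $c->{kind},
        ident_user_allowed($reply, \%allowed);
}
```

Without read access to the key file, a reply classified as `token` cannot be mapped to an account, so the check rejects it rather than treating the opaque string as a username.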