On 13/08/07, Rick Pasotto <[EMAIL PROTECTED]> wrote: > Could someone explain to me what these two logfile entries mean? > > I suspect that the first (incoming) entry means that the sender's > machine is misconfigured. Is this a spammer? > > 1st (incoming): > 2007-08-13 13:30:28 rejected EHLO from 69-20-163-167.static.ida.net > [69.20.163.167]: syntactically invalid argument(s): svr_mail.bmc.local > 2007-08-13 13:30:29 rejected HELO from 69-20-163-167.static.ida.net > [69.20.163.167]: syntactically invalid argument(s): svr_mail.bmc.local
Possibly not, but the HELO name it's giving is syntactically invalid (shouldn't have an underscore), and is also not a FQDN that will resolve, which gives it a very spammy flavour. Add to this that the real rDNS for the host concerned is of generic nature, it hasn't got a lot going for it. v> > 2nd (outgoing): > 2007-08-13 13:24:43 1IKdeb-000090-QK mail.lpnc.org [72.52.189.60] Connection > refused > 2007-08-13 13:24:43 1IKdeb-000090-QK == [EMAIL PROTECTED] R=dnslookup > T=remote_smtp defer (111): Connection refused The remote end's MTA isn't running. -- Peter Bowyer Email: [EMAIL PROTECTED] -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
