On 27/12/17 12:58, Jeremy Harris wrote:
On 27/12/17 12:39, Sebastian Arcus via Exim-users wrote:
processing "drop"
5976 message: Reverse DNS record incorrect or missing
5976 check !condition = ${if eq{$received_port}{587}}
5976 =
5976 check !verify = reverse_host_lookup
5976 looking up host name to force name/address consistency check
5976 drop: condition test deferred in ACL "acl_check_connect"
5976 LOG: connection_reject MAIN REJECT
5976 H=[196.207.181.208]:57629 I=[192.168.15.2]:25 temporarily
rejected connection in "connect" ACL: host lookup deferred for reverse
lookup check
5888 child 5976 ended: status=0x0
5888 normal exit, 0
</snip>
I'm not quite following the above - does it mean that the reverse dns
lookup fails somewhere,
That's how I read it. Add more debug classes to that cmdline option
for more info - I expect there's a dns-specfic one.
There is -d-dns and -d-resolver. I now have to wait until I get hit
again by a wave of connections from that particular trojan or whatever
it is - to debug things - as it seems to come for a few hours every few
days, then go away.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
