On 27/12/17 12:58, Jeremy Harris wrote:
On 27/12/17 12:39, Sebastian Arcus via Exim-users wrote:
processing "drop"
5976 message: Reverse DNS record incorrect or missing
5976 check !condition = ${if eq{$received_port}{587}}
5976 =
5976 check !verify = reverse_host_lookup
5976 looking up host name to force name/address consistency check
5976 drop: condition test deferred in ACL "acl_check_connect"
5976 LOG: connection_reject MAIN REJECT
5976 H=[196.207.181.208]:57629 I=[192.168.15.2]:25 temporarily
rejected connection in "connect" ACL: host lookup deferred for reverse
lookup check
5888 child 5976 ended: status=0x0
5888 normal exit, 0
</snip>
I'm not quite following the above - does it mean that the reverse dns
lookup fails somewhere,
That's how I read it. Add more debug classes to that cmdline option
for more info - I expect there's a dns-specfic one.
Docs are at
http://exim.org/exim-html-current/doc/html/spec_html/ch-the_exim_command_line.html#SECID39
You could also look into options on the verify= ACL condition,
if it does turn out to be a DNS issue. See the ACL chapter.
Ok - no sooner did I send my last email to the list, that a series of
spurious connections attempts started on another email server I
administer. I have below the log extract with exim -bd
-d-all+resolver+dns+verify
</snip>
18213 drop: condition test failed in ACL "acl_check_connect"
18213 processing "drop"
18213 message: Reverse DNS record incorrect or missing
18213 check !condition = ${if eq{$received_port}{587}}
18213 =
18213 check !verify = reverse_host_lookup
18213 looking up host name to force name/address consistency check
18213 looking up host name for 182.48.94.184
18213 DNS lookup of 184.94.48.182.in-addr.arpa-PTR: using cached value
DNS_AGAIN
18213 IP address PTR lookup gave temporary error
18213 drop: condition test deferred in ACL "acl_check_connect"
18213 SMTP>> 451 Temporary local problem - please try later
18213 LOG: connection_reject MAIN REJECT
18213 H=[182.48.94.184]:52523 I=[192.168.60.2]:25 temporarily rejected
connection in "connect" ACL: host lookup deferred for reverse lookup check
18213 search_tidyup called
18141 child 18213 ended: status=0x0
18141 normal exit, 0
</snip>
I didn't think a PTR lookup should get a defer? If I look it up on the
command line:
# host 182.48.94.184
Host 184.94.48.182.in-addr.arpa not found: 2(SERVFAIL)
I tried the PTR lookup from another machine, on a completely different
network and DNS server, and I get the same SERVFAIL - so I can only
suppose it is not my DNS setup or server.
I've just spotted another issue, but I'll post a separate message to the
list, to try and keep things tidy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
