[exim] localhost [reverse] lookup reaches external/global DNS

Sun, 08 Dec 2019 04:14:38 -0800 

Hello :)
My system is running fine for a while with small modifications each and then. In order to fully IPv6 enabling this I found a configuration errort symptom I am too stupid to fix. 


I used my hosting provider DNS servers in /etc/resolv.conf and they 
return results for [reverse] lookups
for localhost [127.0.0.1]. I am not sure if this is legal, but no system 
should reach out to use them anyhow.



I was not aware my system does, was not aware I use such DNS servers, 
but in order to use ipv6 DNS servers
I inserted one that does not deliver localhost query results (I found 
out after debugging) and the error was

revealed.


My exim accepts mail, passes those to amavisd-new on port 10024, 
receives the result back on 10025 and does
virtual local delivery then. This use case breaks now. System is current 
mos actual debian stable.



When /etc/resolv.conv nameserver's are google, i.e. do _no_ localhost 
handling, I get something like this:



2019-12-07 14:57:32 1idaaS-0000Hk-4A <= [email protected] 
H=mail.example.de [1.x.y.2]:41770 I=[83.246.46.207]:25 P=esmtps 
X=TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256 CV=no S=2796 DKIM=example.de 
[email protected] from <[email protected]> 
for [email protected]
2019-12-07 14:57:32 SMTP connection from mail.example.de 
[1.x.y.24]:41770 I=[83.246.46.207]:25 closed by QUIT
2019-12-07 14:57:33 SMTP connection from [127.0.0.1]:49642 
I=[127.0.0.1]:10025 (TCP/IP connection count = 2)
2019-12-07 14:57:33 H=(localhost) [127.0.0.1]:49642 I=[127.0.0.1]:10025 
rejected MAIL <[email protected]>: host lookup failed (127.0.0.1 does not 
match any IP address for localhost)
2019-12-07 14:57:33 1idaaS-0000Hk-4A ** [email protected] 
F=<[email protected]> R=amavis T=amavis H=localhost [::1] I=[::1]: SMTP 
error from remote mail server after end of data: 550 5.1.0 id=00985-01 - 
Rejected by next-hop MTA on relaying, from MTA(smtp:[127.0.0.1]:10025): 
550 Warning - Reverse DNS lookup failed for host 127.0.0.1.
2019-12-07 14:57:33 1idaaT-0000Hv-R6 <= <> R=1idaaS-0000Hk-4A 
U=Debian-exim P=local S=4478 from <> for [email protected]

2019-12-07 14:57:33 1idaaS-0000Hk-4A Completed

2019-12-07 14:57:34 1idaaT-0000Hv-R6 => [email protected] F=<> 
R=lookuphost T=remote_smtp S=4586 H=mail.example.de [1.x.y.24] 
I=[83.246.46.207] X=TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256 CV=yes 
DN="OU=Domain Control Validated,CN=*.example.de" K C="250 2.0.0 Ok: 4586 
bytes queued as 1C2D140062"

2019-12-07 14:57:34 1idaaT-0000Hv-R6 Completed

Who, where, when is the reverse lookup failure complained about exactly?
Is this exim on port 10025 receiving the mail back from amavisd-new?


I have two issue with the system, may be they are related:


When computer reboots (with DNS servers handling localhost), the 1st 
time [email protected] gets an email, there is a delay:



The first delivery line is printed into the log, then after 4 minutes 
the second line appears:



2019-12-07 15:00:48 1idadb-0000FX-VZ <= [email protected] 
H=mail.example.de [1.x.y.24]:41998 I=[83.246.46.207]:25 P=esmtps 
X=TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256 CV=no S=2796 DKIM=example.de 
[email protected] from <[email protected]> 
for [email protected]
2019-12-07 15:00:48 SMTP connection from mail.example.de 
[1.x.y.24]:41998 I=[83.246.46.207]:25 closed by QUIT


4min delay


2019-12-07 15:03:01 1idafl-0000Gg-9x <= [email protected] H=localhost 
[127.0.0.1]:59716 I=[127.0.0.1]:10025 P=esmtp S=3221 DKIM=example.de 
[email protected] from <[email protected]> 
for [email protected]
2019-12-07 15:03:01 1idadb-0000FX-VZ => [email protected] 
F=<[email protected]> R=amavis T=amavis S=2863 H=localhost [::1] I=[::1] 
C="250 2.6.0 from MTA(smtp:[127.0.0.1]:10025): 250 OK 
id=1idafl-0000Gg-9x"

2019-12-07 15:03:01 1idadb-0000FX-VZ Completed

2019-12-07 15:03:01 1idafl-0000Gg-9x => konsti <[email protected]> 
F=<[email protected]> R=virtual_localuser T=virtual_local_delivery S=3348

2019-12-07 15:03:01 1idafl-0000Gg-9x Completed


After a couple of mails the 4 minute delay vanishes and delivery runs in 
less than a second.


Second issue, mail to root works, mail to root@localhost not:

# exim -bt root
[email protected]
    <-- [email protected]
  router = amavis, transport = amavis
  host localhost [::1]
  host localhost [127.0.0.1]

# exim -bt root@localhost
LOG: MAIN

  remote host address is the local host: localhost (while routing 
<root@localhost>)
root@localhost cannot be resolved at this time: remote host address is 
the local host



I added localhost into local_domains which solves the last issue but the 
localhost lookup reaching the outer

DNS servers is the same.


Where is my hitch that localhost lookups reach the outer world? 
/etc/hosts has loclhost entries for 127.0.0.1 and ::1.


Kind Regards
Konstantin
--
Konstantin Kletschke
P: +49 151 68170177
OpenPGP: 13C9 B16B 9844 EC15 CC2E A080 1E69 3FDA EF62 FCEF

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/






















					Reply via email to