Re: [Exim] no IP address found for host [our own domain]

On Thu, 10 Jul 2003, Andreas J Mueller wrote:

> > Or maybe the log message cited above is doing no harm (other than
> > being noise), considering that it's only a "try"_verify, and that
> > the ACL which actually does the work of computing the bogosity score
> > can readily disregard the non-verification for our respected clients.
>
> The log message is a fairly recent addition to Exim,

Ah, thanks. Somehow this logging had seemed relatively new, that
would explain it In fact, we get two copies of this log entry: if I
try an "exim -bh" session against one of the addresses, it appears
that the first is as a result of host_lookup, and the second because
of helo_lookup_domains. Maybe this configuration is, as you might
say, doppelt-gemoppelt.

> If it bothers you, turn it off by disabling
> the host_lookup_failed log selector.

Good idea, thanks (sometimes the obvious answer is the hardest one to
find ;-).

> Clients have been observed to present all kinds of junk during HELO.

Sure thing. (Anyone for Korean?).

> It makes only sense to verify the HELO string if you are accepting
> mail from real MTAs, who should be more careful in what they send.

We've recently started reckoning spam points for broken HELOs as well
as for IPs that don't have PTR records.

I also added rejection for a HELO which presents our own IP address
(*without* brackets) - surprising how many spammers are doing that -
I read somewhere that spammers also try presenting one's own email
domain or the host name of the MTA, but I see very few of those in
practice.

> When a client presents a valid authentication, it is irrelevant if
> their HELO does not verify. You already have everything you need to
> identify them.

Exactly my point, yes.

Gruesse