Re: [Exim] RCPT to <address> refused errors

Author: Tim Jackson
Date:  
To: exim-users
Subject: Re: [Exim] RCPT to <address> refused errors
Hi David, on Tue, 20 Jan 2004 09:45:14 +0100 you wrote:

> I have a puzzling situation:
> every time I send mail the mail client receives a RCPT to <address>
> refused error and the following shows up in the log.
> ./var/log/exim_mainlog:2004-01-18 07:04:24 no host name found for IP
> address 213.37.97.51


This means the IP 213.37.97.51 has no reverse DNS, which is correct.
This is merely a warning though.

> ../var/log/exim_mainlog:2004-01-18 07:04:44 1AiBfV-0007XU-HJ <=
> person@??? H=(LocalHost) [213.37.97.51] P=smtp S=2193
> id=000a01c3ddbc$1bc39ae0$336125d5@LocalHost


> The IP shown is not the correct IP for e-forma.net....


Woah. Now you're mixing up forward DNS, reverse DNS and envelope sender!
(well, at least the envelope sender is the only place "e-forma.net"
appears there, unless you have some extra knowledge which you didn't put
here) The IP address shown there is the originating IP - the machine which
the SMTP connection originates from.

What you seem to be expecting is that Exim is looking up the domain
(e-forma.net) in the envelope sender (person@???) and
putting that IP in the logfile, which is not what happens.

> does anyone have
> any idea why localhost is resolving to an incorrect IP address??


It's not. It's working just fine. The "H=(LocalHost)" means that the
remote machine (213.37.97.51) sent "HELO/EHLO LocalHost" in the SMTP
session. Note the parentheses; if the host's DNS and HELO matched up, they
wouldn't be there.

Exim doesn't "trust" the HELO as such; it doesn't look it up and put the
resulting IP in the log (that would be silly); it uses the real source IP
of the connection.

> if I do a nslookup I get the correct IP: 216.180.242.194... so the dns
> entry is not to blame it would seem.


I think you need to understand the difference between forward DNS lookups
(hostname to IP) and reverse DNS (IP to hostname) which would be fully
consistent in an ideal world, but frequently aren't. What Exim is warning
about in this case is the complete lack of reverse DNS.

Remember also that the SMTP HELO parameter is yet another variable: it's
an arbitrary name supplied by the sending server, which Exim logs for
informational purposes. Again, in an ideal world it should tie up with the
sending host's DNS, but it frequently doesn't.

To summarise, in this case you're seeing (and seemingly being confused by)
an example of a server which is fairly badly configured; it has:

forward DNS e-forma.net  = 213.37.97.51
reverse DNS 213.37.97.51 = [non existent]
SMTP HELO                = LocalHost


An example of a better setup would be:

forward DNS e-forma.net  = 213.37.97.51
reverse DNS 213.37.97.51 = e-forma.net
SMTP HELO                = e-forma.net



although typically people would create <server-name>.e-forma.net rather
than attaching a DNS A to e-forma.net.

Tim
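
Added example, not part of Tim's message: a small parser for the `H=` field of an Exim arrival line that separates the connection's source IP from the client-supplied HELO name and flags the parenthesised, HELO-only case discussed above. The names `H_FIELD`, `describe_sender` and `SAMPLES` are hypothetical, the first sample is the log line quoted in the message (unwrapped), and the two `example.net` lines are constructed to show the forms Exim writes when it does have a verified host name.

```python
import re

# H= field on an Exim main-log arrival ("<=") line:
#   H=name [ip]         name verified from DNS, HELO agreed with it
#   H=name (helo) [ip]  name verified from DNS, client sent a different HELO
#   H=(helo) [ip]       no verified name: only the client's own HELO claim
H_FIELD = re.compile(
    r"\bH=(?:(?P<name>[^\s()\[\]]+)\s+)?"   # optional verified host name
    r"(?:\((?P<helo>[^)]*)\)\s+)?"          # optional parenthesised HELO
    r"\[(?P<ip>[0-9A-Fa-f:.]+)\]"           # source IP of the connection
)


def describe_sender(line):
    """Return what an arrival line says about the sending host, or None."""
    m = H_FIELD.search(line)
    if m is None or " <= " not in line:
        return None  # not an SMTP arrival line (e.g. a warning line)
    name, helo = m.group("name"), m.group("helo")
    return {
        "ip": m.group("ip"),           # taken from the TCP connection itself
        "verified_name": name,         # None when no host name was found
        "helo": helo if helo is not None else name,  # what the client claimed
        "helo_only": name is None,     # True: the name shown is unverified
    }


# First line is the one quoted in the message; the other two are constructed.
SAMPLES = [
    "2004-01-18 07:04:44 1AiBfV-0007XU-HJ <= person@??? H=(LocalHost) "
    "[213.37.97.51] P=smtp S=2193 id=000a01c3ddbc$1bc39ae0$336125d5@LocalHost",
    "2004-01-18 07:05:10 1AiBfW-0007XV-AB <= a@example.net "
    "H=mail.example.net [192.0.2.10] P=esmtp S=1200",
    "2004-01-18 07:05:30 1AiBfX-0007XW-CD <= b@example.net "
    "H=mail.example.net (relay1) [192.0.2.10] P=esmtp S=900",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(describe_sender(sample))
```
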