On 14 Dec 2004 at 20:29, EXIM USER wrote about
"Re: [exim] Can anyone shed light ":
| Never Mind there was a Mismatch between the A record and the
| Reverse name... That has been corrected... The error does seem misleading
| though, Not in this case but when my server sends mail out to another Exim
| server I see a similar error ( warning )
|
| >| 2004-12-14 10:46:34 no IP address found for host dell-dad.kmb.com (during
| >| SMTP connection from [192.168.22.6])
|
| The above was a correct report as I had a typo in the DNS record
|
| Here is the log line from a system that is receiving mail from my server
|
| 2004-12-14 19:56:47 no IP address found for host spark.kmb.com (during SMTP
| connection from [66.189.23.169]:22177)
| 2004-12-14 19:56:49 1CeNTE-0003Gg-A0 <= kmb@??? H=(hpserver.kmb.com)
| [66.189.23.169]:22177 P=esmtp S=958
| id=6.1.2.0.2.20041214200519.02525640@192.168.22.100
I see what you mean, the error message does not make it clear what
the source of the name was. In this case spark.kmb.com came from the
PTR record lookup for the connecting IP.
| If i do a DNS lookup on sparc.kmb.com on that system this is the results of
| the query.
| [root@boston root]# dig sparc.kmb.com
|
| ; <<>> DiG 9.2.1 <<>> sparc.kmb.com
| ;; global options: printcmd
| ;; Got answer:
| ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57996
| ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
|
| ;; QUESTION SECTION:
| ;sparc.kmb.com. IN A
|
| ;; ANSWER SECTION:
| sparc.kmb.com. 38082 IN A 66.189.23.169
|
| ;; Query time: 92 msec
| ;; SERVER: 192.168.2.2#53(192.168.2.2)
| ;; WHEN: Tue Dec 14 20:06:15 2004
| ;; MSG SIZE rcvd: 47
Interesting, but that's not what the public internet sees:
[root@go exim]# dig @66.189.23.169 spark.kmb.com a
; <<>> DiG 9.1.3 <<>> @66.189.23.169 spark.kmb.com a
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40979
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;spark.kmb.com. IN A
;; AUTHORITY SECTION:
kmb.com. 86400 IN SOA sparc.kmb.com. postmaster.kmb.com. 2004121200 10800 3600 604800 86400
;; Query time: 96 msec
;; SERVER: 66.189.23.169#53(66.189.23.169)
;; WHEN: Tue Dec 14 19:15:41 2004
;; MSG SIZE rcvd: 84
If 66.189.23.169 and 192.168.2.2 really are the same machine, you
must be using the BIND9 "views" feature to publish different data for
your local network than for the public internet (aka "split DNS").
Which is a common and Good Thing, but you need to make sure both sets
of zone data are correct.
| and a Reverse Lookup results in
|
| [root@boston root]# host 66.189.23.169
| 169.23.189.66.in-addr.arpa domain name pointer spark.kmb.com.
Right, I see that also, that's where the name came from. But it
doesn't have a matching A record visible from the outside.
| >There is no A (Address) record in the DNS named "dell-dad.kmb.com",
| >which is the name the client at 192.168.22.6 passed on its EHLO
| >command. This is an informational log message.
|
| If this is the case I would have expected to see the no IP address line
| report back the name used in the EHLO,
| that would be hpserver.kmb.com in the case of the instance above.
There is an A record for hpserver.kmb.com, though it is bogus (you
are leaking private IPs into the public DNS).
| If all is well with this I would suggest that the error is
| incorrect. The system can resolve both sparc.kmb.com as well as
| hpserver.kmb.com ( the same system two addresses )
No, on two counts: There is no A record for spark.kmb.com, and the IP
address on the A record for hpserver.kmb.com is 192.168.22.100.
Sounds like you are getting some of your local data into your public
view, and some of your public data into your local view.
- Fred
