Re: [exim] strange log entries: no IP address found for host…

Top Page
Delete this message
Reply to this message
Author: Bill
Date:  
To: Jeremy Harris
CC: exim-users
Subject: Re: [exim] strange log entries: no IP address found for host smtp05.host.com (during SMTP connection from NULL)
Hey Jeremy,
Thanks for the quick response.
Sorry, I neglected to mention that I had substituted "host.com" for
the real SMTP server domain... out of habit, I suppose. I was more
focused on the errors in the logs and what a NULL value might mean in
the log entry. For that matter, I was mostly concerned about the
other entries I noted that actually had various IP's and hostnames.

Anyway, I wasn't sure that it was important, but if it makes a
difference, the real hostname is smtp05.dc2.safesecureweb.com. Before
you try, I can tell you that this server does not currently resolve
any DNS. When we added these servers to our SMTP configs last week,
they all resolved A records, but smtp05-08 no longer return any DNS
records at all (smtp01-04 still resolve just fine). I'm not sure why;
we don't control these servers. They just stopped resolving later
that same day.

However, this brings up another question. If I still have smtp05-08
in my "relay_from_hosts" list, why am I getting these strange errors
in my logs? Is this some sort of exploit or an "anomaly" in the code?

Thanks for your help!
-Bill



On 12/27/05, Jeremy Harris <jgh@???> wrote:
> Bill wrote:
> > I recently had to add 8 internet SMTP servers (smtp01.host.com -
> > smtp08.host.com) to my "relay_from_hosts" list in my exim config in
> > order to accommodate email from our hosted web servers. Ever since
> > then, I've been getting numerous errors in the exim_mainlog file --
> > more than 30,000/day (out of a total of ~220,000 entries/day) -- from
> > one of these hosts (smtp05.host.com).
>
> Well something is odd just with those names - I get (on a sample
> size of one), the same forward resolution for both smtp01.host.com
> and smtp05.host.com - 206.207.85.33 - and a reverse of that of
> "www.anything.com".
>
> So, did you *really* mean those names? Or is your own DNS on
> the fritz?
>
> Cheers,
>     Jeremy

>
> --
> ## List details at http://www.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
>