Author: Alan J. Flavell Date: To: Exim users list Subject: Re: [exim] strange log entries: no IP address found for host
smtp05.host.com (during SMTP connection from NULL)
On Thu, 5 Jan 2006, Bill wrote:
> On 12/29/05, Alan J. Flavell <a.flavell@???> wrote:
> > Something is provoking your exim into attempting to look up
> > the name smtp05.dc2.safesecureweb.com in the early stages of
> > the transaction from IP 81.161.250.78.
> >
> > Could it be that these abusers are trying to present that domain in
> > the HELO/EHLO, and your exim configuration causes it to be verified?
> >
> Thanks for the reply Alan.
Unfortunately, I now think it's rubbish. If the remote MTA had been
trying to present that in its HELO, I think that would have been
evident from the log line, as in:
but there's mo sign of it there. So I withdraw that misleading
suggestion...
I now think that exim is trying to look up either *your* IP address or
*your* DNS name. For whatever reason.
I've looked back on the thread, and you don't seem to have stated
what your own IP address is for this smtp05 host.
As was already said in other postings on the thread: one possibility
is that there's a reference to this FQDN in your configuration file,
in such a context that exim is trying to look it up.
The only other possibility I could think of is that exim has some
reason to look up the IP in question (i.e your *own* IP, not the IP of
the calling MTA), and *that* IP's PTR record really does look up to
smtp05.dc2.safesecureweb.com, and then exim is trying to confirm that
for its bothways lookup.