Robert M. Zigweid wrote:
> On Jul 16, 2006, at 12:24 AM, W B Hacker wrote:
>
>
>>Robert Zigweid wrote:
>>
>>>I've been told that the obfuscation in my message is a problem, so
>>>I'm going
>>>to risk dumping it all out, or at least make it a little more
>>>clear, with
>>>the exception of the destination address, which is slightly altered.
>>
>>>Jul 15 20:58:33 fc563134 exim[12339]: 2006-07-15 20:58:33 SMTP
>>>connection
>>>from [67.168.2.24]:55664 I=[216.75.63.134]:587 (TCP/IP connection
>>>count = 1)
>>>Jul 15 20:58:38 fc563134 exim[12358]: 2006-07-15 20:58:38 ident
>>>connection
>>>to 67.168.2.24 timed out
>>>Jul 15 20:58:38 fc563134 exim[12358]: 2006-07-15 20:58:38 remote host
>>>address is the local host: xilisha.zigweid.net (while verifying <
>>>rzigweid@???> from host ([192.168.1.100])
>>>[67.168.2.24
>>>]:55664)
>>
>>But "host 216.75.63.134"
>>
>>indicates that your hostname should be "fc563134.aspadmin.net",
>>
>>And a 'dig any fc563134.aspadmin.net' returns only a SOA record, no
>>A, PTR, or
>>MX records.
>>
>>All Exim can find for itself is 'localhost'.
>>
>>Looks as if your DNS entry needs fixed.
>>
>
>
> Why does the fc563134.aspadmin.net name matter?
Matters a great deal, as that is returned as 'host' for the IP when queried from
Virginia, Hong Kong, or Zurich.
The reverse, or trying to ping it, returns 'host unknown.
> I have specified in
> my config file primary_host to be xilisha.zigweid.net. I've also set
> it on the machine so that 'hostname' returns xilisha.zigweid.net, and
> uname -a shows xilisha.zigweid.net.
> aspadmin.net is not a domain
> that I control. I rent it from a dedicated host provider.
I'll come back to that...
> If I
> issue 'dig any xilisha.zigweid.net' I get an A record.
>
Prefix aside, 'dig any zigweid.net' returns a full set of DNS entries, not just
an A record.
That's good as far as it goes.
WHOIS, however, says the registration is only 8 or 9 days old, so the DNS
entries are younger and may not have propagated to the world yet.
It looks as if your hosting provider / ultimate IP-block owner still has *their*
PTR record active for the IP they have assigned to you.
An MTA sees the IP from which you connect before anything else, so rDNS failure
can be expected.
Depending on who/what/where is looking at them, prefixes that are not in a DNS
may or may not also become an issue.
Locally you might work around that by pointing your server to different
resolvers, and/or running your own DNS.
Globally, that may still be a problem until the IP-block holder enters (at
least) a PTR record for you.
> The other thing that I find very confusing, is this behavior is only
> apparently exhibited in submission mode from my MUA. If I try to
> send a message from the machine that exim is on, I do not see this
> behavior and the mail is successfully sent and received by the
> intended target.
Only IF that target is not running strict rDNS / forward/reverse host lookup rules.
You may be more strict than the far-end, and logs would show rejection of
incoming conections, if you have any so far.
Bill
