Re: [exim] help with logfile entries

Top Page
Delete this message
Reply to this message
Author: Peter Bowyer
Date:  
To: exim users
Subject: Re: [exim] help with logfile entries
On 13/08/07, Rick Pasotto <rick@???> wrote:
> Could someone explain to me what these two logfile entries mean?
>
> I suspect that the first (incoming) entry means that the sender's
> machine is misconfigured. Is this a spammer?
>
> 1st (incoming):
> 2007-08-13 13:30:28 rejected EHLO from 69-20-163-167.static.ida.net [69.20.163.167]: syntactically invalid argument(s): svr_mail.bmc.local
> 2007-08-13 13:30:29 rejected HELO from 69-20-163-167.static.ida.net [69.20.163.167]: syntactically invalid argument(s): svr_mail.bmc.local


Possibly not, but the HELO name it's giving is syntactically invalid
(shouldn't have an underscore), and is also not a FQDN that will
resolve, which gives it a very spammy flavour. Add to this that the
real rDNS for the host concerned is of generic nature, it hasn't got a
lot going for it.

v>
> 2nd (outgoing):
> 2007-08-13 13:24:43 1IKdeb-000090-QK mail.lpnc.org [72.52.189.60] Connection refused
> 2007-08-13 13:24:43 1IKdeb-000090-QK == webmaster@??? R=dnslookup T=remote_smtp defer (111): Connection refused


The remote end's MTA isn't running.

--
Peter Bowyer
Email: peter@???