Re: [exim] where does the HELO hostname get set?

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Rick Pasotto
Date:  
À: exim-users
Sujet: Re: [exim] where does the HELO hostname get set?
Thanks for your thoughtful reply, but evidently there's still something
that I'm missing.

On Wed, Nov 12, 2008 at 01:48:44PM +0800, W B Hacker wrote:
> Rick Pasotto wrote:
> > I have been running exim on my debian machine for many years without
> > a problem. Now the one recipient won't accept mail from me and gives
> > the below explanation which I only partially understand.
> >
> > I think the problem will be resolved if I can get exim to respond
> > with 'niof.net' to HELO rather than 'mnr.niof.net'. mnr is the
> > machine name but the domain is niof.net. At the present time it is
> > the only machine in that domain.
> >
> > I know just enough to muddle my way through and would appreciate if
> > someone could help me understand what's going on and what I need to
> > do to fix it.
>
> You have been belssed with a very rare gift - a far-end that has given
> you polite, accurate, and specific advice.
>
> Be thankful for that, and act on it!
>
> - FIRST:
>
> -- chose the identity you will use, EX: 'niof.net' or 'mail.niof.net'
>
> - THEN either:
>
> --- set the box hostname to the above choice (AND NOT 'mnr.niof.net')


I set /etc/hostname to 'niof.net' and restarted exim.

However, that doesn't seem to be enough. Do I need to reboot?

What puzzles me is that I have been sending and receiving mail for over
five years without a problem. I run several mailman mailing lists, one
with over 1600 addresses. This is the first host that has rejected my
mail. Maybe the increase in spam has resulted in a tightening up of the
protocols.

> and/or
>
> --- set Exim's 'helo_data' to that choice, and insure the appropriate
> transport(s) actually *use* it.


Where would I do that? The only lines I find in my config file that
reference 'helo_data' apprear to deal with incoming mail.

> That's only halfway home, because the far-end sees that in the HELO, but
> ID's the IP based on a DNS lookup - and *wants* a PTR RR from the
> IP-block holder of record - NOT from your own DNS:


I am not running my own DNS.

> THEN ALSO
>
> -- insure there are DNS records (A, MX, and PTR for your choice, AND
> that they match the IP you use for the MTA.
>
> CRITICAL ITEM:
>
> -- get your *IP-block holder* (datacenter, ISP, or other upstream) to
> enter a RTR RR for the above 'choice' on the IP used. [1]


Please excuse my ignorance, but is that the same thing as rDNS? niof.net
gives an ip of 69.17.2.49 and 69.17.2.49 gives a PTR of niof.net.

> Miss any of those, and *our* servers will not be at all 'polite' or
> helpful because we will 'ass u me' you are a WinZombie or LinDiot.
>
> HTH,
>
> Bill
>
>
> [1] If you cannot get that, then said upstream may provide, and require
> you to use, their mailhost for outbound traffic. Too few bandwidth
> purchasers bother to READ their terms of service, which often prohibit
> operating a mailserver.


My ISP (speakeasy.net) specifically *allows* all services, including
mail and http. That's a major reason I chose them.

> >
> > On Wed, Nov 12, 2008 at 02:35:18AM +0000, Support Team wrote:
> >> This error message indicates company's email server misconfiguration.
> >> The problem is that hostname, used by the server to represent itself
> >> to remote side (to our spam filtering system in this particular case),
> >> is invalid. Mail standards require HELO greeting to be sent from valid
> >> (existent) FQDN hostname (IE names like "localhost" or "myserver"
> >> doesn't comply with RFC). In your case servers (I see several mail
> >> sources in MTA logs on our side) send FQDN HELO, but A records,
> >> corresponding to HELO hostname, are missing from DNS. Please see
> >> example reject message from filter's log and DNS query transcript
> >> below.
> >>
> >> You have 2 possible options at this point. You can either correct HELO
> >> hostname in your MTA configuration files, or add "A" records,
> >> corresponding to your current HELO hostnames, to your domain's DNS
> >> zone.
> >>
> >> Also please note, that reverse DNS records for your mail relay IPs
> >> must exist. We don't check direct/reverse DNS correspondence, but we
> >> reject mail sources with inexistent PTR records.
> >>
> >> Please let us know if we can be in any further assistance.
> >>
> >> ##########################
> >> $ dig mnr.niof.net
> >>
> >> ; <<>> DiG 9.4.2-P2 <<>> mnr.niof.net
> >> ;; global options: printcmd
> >> ;; Got answer:
> >> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38288
> >> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> >>
> >> ;; QUESTION SECTION:
> >> ;mnr.niof.net.                  IN      A

> >>
> >> ;; AUTHORITY SECTION:
> >> niof.net.               10659   IN      SOA     ns03.domaincontrol.com. dns.jomax.net. 2007101000 28800 7200 604800 759

> >>
> >> ;; Query time: 2 msec
> >> ;; SERVER: 10.1.1.251#53(10.1.1.251)
> >> ;; WHEN: Wed Nov 12 04:34:58 2008
> >> ;; MSG SIZE rcvd: 98
> >> ##########################
> >
>
>
> --
> ## List details at http://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/


-- 
"...the capitalist system...of free markets and the private ownership
 of the means of production, [is] an essential condition of the very
 survival of mankind." -- Friedrich Hayek
    Rick Pasotto    rick@???    http://www.niof.net