[exim] Exim says it finds host name, then says it failed to …

Pàgina inicial
Delete this message
Reply to this message
Autor: Kaz Kylheku
Data:  
A: exim-users
Assumpte: [exim] Exim says it finds host name, then says it failed to find host name and doesn't apply host-based deny rules.

Hi All,

I'm having some spam get through because filtering that relies on
reverse DNS is
behaving in the following way:

First we have:

webserver:~# exim4 -bh 200.74.217.158

**** SMTP testing session as if from host 200.74.217.158
**** but without any ident (RFC 1413) callback.
**** This is not for real!

>>> host in hosts_connection_nolog? no (option unset)
>>> host in host_lookup? yes (matched "*")
>>> looking up host name for 200.74.217.158
>>> IP address lookup yielded mail.radarsystems.net
>>> gethostbyname2 looked up these IP addresses:
>>> name=radarsystems.net address=200.74.217.141


Okay, the forward and reverse DNS doesn't match, but the IP
address reverse-resolves to an address. So far so good.

>>> processing "deny"
>>> check hosts = *.pwrz.at : *.ampledns.com : *.radarsystems.net
>>> sender host name required, to match against *.pwrz.at
>>> host in "*.pwrz.at : *.ampledns.com : *.radarsystems.net"? no (failed to find host name for 200.74.217.158)
>>> deny: condition test failed


Why isn't the earlier lookup used?

If it is because the forward and reverse DNS didn't match, isn't that
kind of dumb?

If there was a way to reject such hosts upfront, that would work.
What's a good way to write a deny rule like that?