Author: Sebastian Arcus Date: To: exim-users Subject: Re: [exim] Exim not obeying "delay = " in acl_smtp_connect
On 27/12/17 12:58, Jeremy Harris wrote: > On 27/12/17 12:39, Sebastian Arcus via Exim-users wrote:
>> processing "drop"
>> 5976 message: Reverse DNS record incorrect or missing
>> 5976 check !condition = ${if eq{$received_port}{587}}
>> 5976 =
>> 5976 check !verify = reverse_host_lookup
>> 5976 looking up host name to force name/address consistency check
>> 5976 drop: condition test deferred in ACL "acl_check_connect"
>> 5976 LOG: connection_reject MAIN REJECT
>> 5976 H=[196.207.181.208]:57629 I=[192.168.15.2]:25 temporarily
>> rejected connection in "connect" ACL: host lookup deferred for reverse
>> lookup check
>> 5888 child 5976 ended: status=0x0
>> 5888 normal exit, 0
>>
>>
>> </snip>
>>
>> I'm not quite following the above - does it mean that the reverse dns
>> lookup fails somewhere,
>
> That's how I read it. Add more debug classes to that cmdline option
> for more info - I expect there's a dns-specfic one.
There is -d-dns and -d-resolver. I now have to wait until I get hit
again by a wave of connections from that particular trojan or whatever
it is - to debug things - as it seems to come for a few hours every few
days, then go away.