
Received header lines IP address lookup
Hello,

I've noticed a few times that mail I get from our mailhubs has the
following header line:

Received: from [141.163.66.132] (helo=tracy.csd.plymouth.ac.uk) by
jhorne.csd.plymouth.ac.uk with esmtp (Exim 4.04) id 17BDZe-000530-00 for
john@jhorne.csd.plymouth.ac.uk; Fri, 24 May 2002 12:49:34 +0100

It's the first line that confuses me. My understanding is that my local MTA
(on jhorne.csd...) is receiving a message from a host with IP address
141.163.66.132, and the HELO command says it is 'tracy.csd.plymouth.ac.uk'.
However, I thought that exim did a reverse lookup of the IP address and
compared this to the HELO name. If they are the same then the Received:
header line should look different. I would expect it to look like:

Received: from tracy.csd.plymouth.ac.uk (141.163.66.132) by

My thought is that exim is not getting a DNS reverse lookup for the mailhub
- if it got anything which didn't match then it would have shown that, but
it's not showing anything. However, the DNS entry is there and the mailhub's
local caching name server is well aware of its own name and IP address - I
ran 'dig' on the mailhub itself.


Anyone any thoughts on this? (This is, of course, this week's 'Friday
afternoon problem' :-) )


Regards,

John.

------------------------------------------------------------------------
John Horne, University of Plymouth, UK Tel: +44 (0)1752 233914
E-mail: jhorne@plymouth.ac.uk
PGP key available from public key servers
Re: Received header lines IP address lookup
On Fri, 24 May 2002, John Horne wrote:

> My thought is that exim is not getting a DNS reverse lookup for the mailhub

how's your host_lookup ?


Re: Received header lines IP address lookup
On 24-May-2002 at 13:11:40 Tamas TEVESZ wrote:
> On Fri, 24 May 2002, John Horne wrote:
>> My thought is that exim is not getting a DNS reverse lookup for the
>> mailhub
>
> how's your host_lookup ?
>
Damn he's good :-)

Local MTA has:

host_lookup = LOCALHOST

and 'LOCALHOST' is a macro specifying

LOCALHOST = jhorne.csd.plymouth.ac.uk : localhost

Obviously the '!' only applies to the first entry and an implied '!*' is
tacked on the end. Hence no lookups are done.

Well done. Thanks.

John.

------------------------------------------------------------------------
John Horne, University of Plymouth, UK Tel: +44 (0)1752 233914
E-mail: jhorne@plymouth.ac.uk
PGP key available from public key servers
Re: Received header lines IP address lookup
On Fri, 24 May 2002, John Horne wrote:

> Received: from [141.163.66.132] (helo=tracy.csd.plymouth.ac.uk) by
> jhorne.csd.plymouth.ac.uk with esmtp (Exim 4.04) id 17BDZe-000530-00 for
> john@jhorne.csd.plymouth.ac.uk; Fri, 24 May 2002 12:49:34 +0100
>
> It's the first line that confuses me. My understanding is that my local MTA
> (on jhorne.csd...) is receiving a message from a host with IP address
> 141.163.66.132, and the HELO command says it is 'tracy.csd.plymouth.ac.uk'.

Correct.

> However, I thought that exim did a reverse lookup of the IP address and
> compared this to the HELO name.

Exim only does a reverse lookup if its configuration requires it to.
Either because the host matches lookup_hosts, or because something in
the configuration does a test against the host name.

It is, of course, more efficient for lookups not to happen.


--
Philip Hazel University of Cambridge Computing Service,
ph10@cus.cam.ac.uk Cambridge, England. Phone: +44 1223 334714.
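
An added example (not part of any post in this thread): a small Python classifier for the two "from" forms discussed above, showing which parts of the line the receiving MTA recorded itself and which is only the name the client sent in HELO. The function and constant names are hypothetical, and tolerating square brackets around the address in the name-first form is an assumption.

```python
import re

# Constructed samples: the header quoted in the thread, and the same header with
# the first line the poster expected to see instead.
NO_LOOKUP = (
    "Received: from [141.163.66.132] (helo=tracy.csd.plymouth.ac.uk) by\n"
    " jhorne.csd.plymouth.ac.uk with esmtp (Exim 4.04) id 17BDZe-000530-00 for\n"
    " john@jhorne.csd.plymouth.ac.uk; Fri, 24 May 2002 12:49:34 +0100"
)
EXPECTED = NO_LOOKUP.replace(
    "from [141.163.66.132] (helo=tracy.csd.plymouth.ac.uk)",
    "from tracy.csd.plymouth.ac.uk (141.163.66.132)",
)

# First token after "from", then an optional parenthesised comment, then "by".
FROM_RE = re.compile(
    r"^Received:\s+from\s+(?P<first>\S+)(?:\s+\((?P<paren>[^)]*)\))?\s+by\s", re.I
)
# IPv4 only; square brackets around the address are tolerated (assumption).
IP_RE = re.compile(r"\[?(\d{1,3}(?:\.\d{1,3}){3})\]?")


def classify_received(header):
    """Report which parts of the 'from' clause the receiving MTA vouches for."""
    flat = " ".join(header.split())  # unfold continuation lines
    m = FROM_RE.match(flat)
    if m is None:
        return None
    first, paren = m.group("first"), m.group("paren") or ""
    helo = re.search(r"helo=(\S+)", paren)
    helo_name = helo.group(1) if helo else None
    if first.startswith("["):
        # IP literal first: no host name was looked up, so the only name on
        # the line is whatever the client sent in HELO/EHLO.
        ip = IP_RE.fullmatch(first)
        source = "helo-only" if helo_name else "none"
        looked_up = None
    else:
        # Name first: the name was recorded by the receiver, IP in the comment.
        ip = IP_RE.search(paren)
        source, looked_up = "reverse-lookup", first
    return {
        "ip": ip.group(1) if ip else None,
        "looked_up_name": looked_up,
        "helo": helo_name,
        "name_source": source,
    }
```

When reading headers from a host that does no lookups, only the bracketed IP address comes from the receiving server; the helo= value is whatever the sender claimed.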
Re: Received header lines IP address lookup
On Fri, 24 May 2002, John Horne wrote:

> Hello,
>
> I've noticed a few times that mail I get from our mailhubs has the
> following header line:
>
> Received: from [141.163.66.132] (helo=tracy.csd.plymouth.ac.uk) by
> jhorne.csd.plymouth.ac.uk with esmtp (Exim 4.04) id 17BDZe-000530-00 for
> john@jhorne.csd.plymouth.ac.uk; Fri, 24 May 2002 12:49:34 +0100
>
> It's the first line that confuses me. My understanding is that my local MTA
> (on jhorne.csd...) is receiving a message from a host with IP address
> 141.163.66.132, and the HELO command says it is 'tracy.csd.plymouth.ac.uk'.
> However, I thought that exim did a reverse lookup of the IP address and
> compared this to the HELO name. If they are the same then the Received:
> header line should look different. I would expect it to look like:
>
> Received: from tracy.csd.plymouth.ac.uk (141.163.66.132) by
>
> My thought is that exim is not getting a DNS reverse lookup for the mailhub
> - if it got anything which didn't match then it would have shown that, but
> it's not showing anything. However, the DNS entry is there and the mailhub's
> local caching name server is well aware of its own name and IP address - I
> ran 'dig' on the mailhub itself.

The mailhub knowing its IP address and name is all well and good. Have
you tried to do a lookup from the machine that's _receiving_ the message
from the mailhub - maybe it isn't able to resolve the reverse for the IP.

>
>
> Anyone any thoughts on this? (This is, of course, this week's 'Friday
> afternoon problem' :-) )
>
>
> Regards,
>
> John.
>
> ------------------------------------------------------------------------
> John Horne, University of Plymouth, UK Tel: +44 (0)1752 233914
> E-mail: jhorne@plymouth.ac.uk
> PGP key available from public key servers
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>
>


Re: Received header lines IP address lookup
On Friday 24 May 2002 21:14, Dave C. wrote:
> The mailhub knowing its IP address and name is all well and good. Have
> you tried to do a lookup from the machine that's _receiving_ the message
> from the mailhub - maybe it isn't able to resolve the reverse for the IP.
>
You are of course correct. In fact I did the test on the receiving host, I
just got the email to the list wrong.

I did actually mail a reply about this problem - now solved with a domain
list - earlier this afternoon but it doesn't seem to have reached the list,
or our mailhub has done something with it (?). The latter is possible since I
was working on it! I'll check the logs.

From earlier this afternoon:

On 24-May-2002 at 13:11:40 Tamas TEVESZ wrote:
> On Fri, 24 May 2002, John Horne wrote:
>> My thought is that exim is not getting a DNS reverse lookup for the
>> mailhub
>
> how's your host_lookup ?
>
Damn he's good :-)

Local MTA has:

host_lookup = LOCALHOST

and 'LOCALHOST' is a macro specifying

LOCALHOST = jhorne.csd.plymouth.ac.uk : localhost

Obviously the '!' only applies to the first entry and an implied '!*' is
tacked on the end. Hence no lookups are done.

Well done. Thanks.

John.

--
John Horne, University of Plymouth, UK Tel: +44 (0)1752 233914
E-mail: jhorne@plymouth.ac.uk
PGP key available from public key servers