FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 06-17-2008, 03:34 PM
 
Default Preventing DNS lookup prior to sending 220 banner in exim4 on etch

I have exim4 (exim4-daemon-heavy) running on etch.

This machine has only a few users who send directly. One of them has
an ISP who seems to have a broken DNS setup.

The symptom I see is that when this user connects to the server (port 25
or 587) there is a large delay before the 220 banner is shown e.g.:

220 bryanek.chrissearle.org ESMTP Exim 4.63 Tue, 17 Jun 2008 17:25:02
+0200

This can be a delay of between 20 to 60 secs and is at times enough for
the sending client to time out before sending either HELO or EHLO.

I have narrowed this down to the fact that exim (as far as I can tell)
is doing first a reverse lookup from the IP the user is connecting from
followed by a forward lookup for the resulting hostname - and this
lookup fails - no server found. This is the delay that is then causing
the 220 banner not to show in a timely fashion.

I've tried setting exim4's

host_lookup_order=byaddr:bydns

(by default it is set to dns first) and adding the host to /etc/hosts -
but this didn't help.

What I would like best is for the ISP to fix it. If not - then I would
like preferably for a given IP range or if not possible then for all
users not to perform this lookup prior to sending the 220 header - but I
can't seem to get the correct exim4 config for skipping this check in
particular.

Is it possible to whitelist a range or turn off the check?


--
Chris Searle


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 06-17-2008, 06:32 PM
 
Default Preventing DNS lookup prior to sending 220 banner in exim4 on etch

On Tue, Jun 17, 2008 at 01:37:59PM -0300, Eduardo M KALINOWSKI wrote:
> On Tue, 17 Jun 2008 17:34:02 +0200, chris+lists@chrissearle.org
> (chris+lists@chrissearle.org) wrote:
> >I have exim4 (exim4-daemon-heavy) running on etch.
> >
> >This machine has only a few users who send directly. One of them has
> >an ISP who seems to have a broken DNS setup.
> >
> >The symptom I see is that when this user connects to the server (port 25
> >or 587) there is a large delay before the 220 banner is shown e.g.:
> >
> >[snip]
> >
> >Is it possible to whitelist a range or turn off the check?
>
> There is a debconf option that minimizes DNS lookups. It should solve
> this problem, but it might disable the lookups also in places where
> you might want them.

OK - just tried that. Seems to set the host_lookup to empty instead of *
and yes - the 220 banner is now instant.

I wonder if there is a way to say that host_lookup is everything except
a range though? It would be great to be able to say all hosts except the
IPs in this ISP's dial up ranges.

Anyhow - I'm going to leave it running for a couple of weeks (am off net
for two weeks soon) and will see if it causes any issues.

Thanks for your pointer
--
Chris Searle


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 10:07 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org