Nonsense DNS lookups for own hostname

To: debian-user@lists.debian.org
Subject: Nonsense DNS lookups for own hostname
From: Sebastian Reichelt <SebastianR@gmx.de>
Date: Fri, 26 Sep 2003 21:33:39 +0200
Message-id: <[🔎] 20030926213339.6e2a2a7e.SebastianR@gmx.de>

Hello!

Recently I discovered something weird on my system: Seemingly every
minute, it does DNS lookups for its own host names, which of course fail
because I'm not in my ISP's DNS (and don't even have a dynamic IP, plus
I'm on a local network with a firewall). Here is an extract from
tcpdump:
<<<
21:07:46.590705 arp who-has SebastianL2 tell 192.168.0.1
21:07:46.590740 arp reply SebastianL2 is-at 0:0:cb:6:1:27
21:07:46.591361 SebastianL2.32805 > dns03.btx.dtag.de.domain:  35559+
PTR? 1.0.168.192.in-addr.arpa. (42) (DF)
21:07:46.660347 dns03.btx.dtag.de.domain > SebastianL2.32805:  35559
NXDomain 0/1/0(119) (DF)
21:08:01.461009 SebastianL2.32805 > dns03.btx.dtag.de.domain: 36563+
AAAA? SebastianL2. (29) (DF)
21:08:01.531739 dns03.btx.dtag.de.domain > SebastianL2.32805:  36563
NXDomain 0/1/0(104) (DF)
>>>

I don't know much about tcpdump; all I can tell is that something weird
is going on. I have a feeling it might be exim because it is run in a
cron job that somehow executes every minute, so that would obviously be
my next question: If it's exim, what could be the reason there? I've
attached exim.conf; I only replaced my smarthost user and password with
something generic.

Here is my /etc/hosts file, in case something is wrong with it:
<<<
127.0.0.1       localhost SebastianL2
192.168.0.5     SebastianL2
192.168.2.2     SebastianL2

# The following lines are desirable for IPv6 capable hosts
# (added automatically by netbase upgrade)

::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
>>>

There's also some other issue I noticed with exim, but I don't want to
start a new mail because it's really minor and I already attached my
exim.conf in this mail. The "Sender" field of all my emails seems to be
terminated by three commas. You should be able to see it in this mail,
unless it gets removed on the way. If you know why, please tell me. I'm
using Sylpheed to send mail directly through exim.

I'm using Debian unstable.
Please CC me because I'm not subscribed to the list. If this is the
wrong list to ask this stuff, or if I should file a bug report against
exim or something else, please tell me. I may also easily be overlooking
something as I'm somewhat new to the Unix/Linux world. Thanks a lot in
advance!

-- 
Sebastian Reichelt

Attachment: exim.conf
Description: Binary data

Reply to:

Prev by Date: removing plptools-kde
Next by Date: [OT - in the media] report on being too dependent on Microsoft
Previous by thread: removing plptools-kde
Next by thread: Nonsense DNS lookups for own hostname
Index(es):
- Date
- Thread