Preventing DNS lookup prior to sending 220 banner in exim4 on etch



I have exim4 (exim4-daemon-heavy) running on etch.

This machine has only a few users who send directly. One of them has
an ISP who seems to have a broken DNS setup.

The symptom I see is that when this user connects to the server (port 25
or 587) there is a large delay before the 220 banner is shown e.g.:

220 bryanek.chrissearle.org ESMTP Exim 4.63 Tue, 17 Jun 2008 17:25:02 +0200

This can be a delay of between 20 and 60 secs and is at times enough for
the sending client to time out before sending either HELO or EHLO.

I have narrowed this down to the fact that exim (as far as I can tell)
is doing first a reverse lookup from the IP the user is connecting from
followed by a forward lookup for the resulting hostname - and this
lookup fails - no server found. This is the delay that is then causing
the 220 banner not to show in a timely fashion.

I've tried setting exim4's 

host_lookup_order=byaddr:bydns

(by default it is set to dns first) and adding the host to /etc/hosts -
but this didn't help.

What I would like best is for the ISP to fix it. If not - then I would
like preferably for a given IP range or if not possible then for all
users not to perform this lookup prior to sending the 220 header - but I
can't seem to get the correct exim4 config for skipping this check in
particular.

Is it possible to whitelist a range or turn off the check?


-- 
Chris Searle
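
Added example, not part of the original post: a small Python diagnostic that times the two lookups the message describes (reverse lookup of the connecting IP, then forward lookup of the returned name) to show which one stalls. `fcrdns_check` is a hypothetical helper name, and the IP address, hostname, clock readings and stub resolvers in `demo()` are constructed.

```python
import socket
import time

def fcrdns_check(ip, reverse=None, forward=None, clock=time.monotonic):
    """Time the reverse lookup of ip and the forward lookup of its PTR name."""
    # Default resolvers use the system resolver; both are replaceable for testing.
    reverse = reverse or (lambda addr: socket.gethostbyaddr(addr)[0])
    forward = forward or (lambda name: sorted(
        {ai[4][0] for ai in socket.getaddrinfo(name, None)}))
    res = {"ip": ip, "ptr": None, "ptr_secs": None, "addrs": [],
           "fwd_secs": None, "confirmed": False, "error": None}

    start = clock()
    try:
        res["ptr"] = reverse(ip)
    except OSError as exc:           # socket.herror / gaierror are OSError
        res["error"] = f"reverse lookup failed: {exc}"
    res["ptr_secs"] = clock() - start
    if res["ptr"] is None:
        return res                   # no name, so nothing to look up forward

    start = clock()
    try:
        res["addrs"] = list(forward(res["ptr"]))
    except OSError as exc:
        res["error"] = f"forward lookup failed: {exc}"
    res["fwd_secs"] = clock() - start
    # Forward-confirmed only if the name maps back to the connecting IP.
    res["confirmed"] = ip in res["addrs"]
    return res


def demo():
    """Constructed case: PTR answers quickly, forward lookup stalls and fails."""
    ticks = iter([0.0, 0.5, 0.5, 30.5])       # constructed clock readings

    def broken_forward(name):                  # stub for the broken ISP zone
        raise socket.gaierror(socket.EAI_NONAME, "no server found")

    return fcrdns_check("192.0.2.10",          # constructed documentation IP
                        reverse=lambda addr: "client.isp.example",
                        forward=broken_forward,
                        clock=lambda: next(ticks))


if __name__ == "__main__":
    print(demo())
```

Calling `fcrdns_check` with only an IP address on the mail server uses the system resolver, so the two timings show whether the delay sits in the reverse or the forward lookup.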

