Preventing DNS lookup prior to sending 220 banner in exim4 on etch
I have exim4 (exim4-daemon-heavy) running on etch.
This machine has only a few users who send directly. One of them has
an ISP who seems to have a broken DNS setup.
The symptom I see is that when this user connects to the server (port 25
or 587) there is a large delay before the 220 banner is shown e.g.:
220 bryanek.chrissearle.org ESMTP Exim 4.63 Tue, 17 Jun 2008 17:25:02 +0200
This can be a delay of between 20 and 60 secs and is at times enough for
the sending client to time out before sending either HELO or EHLO.
I have narrowed this down to the fact that exim (as far as I can tell)
is doing first a reverse lookup from the IP the user is connecting from
followed by a forward lookup for the resulting hostname - and this
lookup fails - no server found. This is the delay that is then causing
the 220 banner not to show in a timely fashion.
I've tried setting exim4's
host_lookup_order=byaddr:bydns
(by default it is set to dns first) and adding the host to /etc/hosts -
but this didn't help.
What I would like best is for the ISP to fix it. If not - then I would
like preferably for a given IP range or if not possible then for all
users not to perform this lookup prior to sending the 220 header - but I
can't seem to get the correct exim4 config for skipping this check in
particular.
Is it possible to whitelist a range or turn off the check?
--
Chris Searle
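
The lookup sequence described in the post (a reverse lookup of the connecting IP, then a forward lookup of the resulting hostname) can be timed outside Exim to see which step stalls or fails. This is an added example, not part of the original post and not Exim code; the function names and report fields are made up for illustration, and it assumes the system resolver, which may not behave identically to Exim's own lookups.

```python
import socket
import sys
import time


def _timed(fn, arg):
    """Run fn(arg); return (result or None, error text or None, seconds)."""
    start = time.monotonic()
    try:
        return fn(arg), None, time.monotonic() - start
    except OSError as exc:  # socket.herror and socket.gaierror are OSError subclasses
        return None, str(exc), time.monotonic() - start


def system_reverse(ip):
    """Reverse lookup (IP -> primary hostname) through the system resolver."""
    return socket.gethostbyaddr(ip)[0]


def system_forward(name):
    """Forward lookup (hostname -> sorted list of addresses)."""
    return sorted({ai[4][0] for ai in socket.getaddrinfo(name, None)})


def check_client(ip, reverse=system_reverse, forward=system_forward):
    """Reverse-resolve ip, forward-resolve the result, and time each step.

    The resolver arguments are hypothetical hooks so the check can be
    exercised without live DNS.
    """
    report = {"ip": ip, "name": None, "addresses": [], "confirmed": False,
              "failed_step": None, "error": None,
              "reverse_secs": 0.0, "forward_secs": 0.0}
    name, err, report["reverse_secs"] = _timed(reverse, ip)
    if err is not None:
        report.update(failed_step="reverse", error=err)
        return report
    report["name"] = name
    addrs, err, report["forward_secs"] = _timed(forward, name)
    if err is not None:
        report.update(failed_step="forward", error=err)
        return report
    report["addresses"] = addrs
    report["confirmed"] = ip in addrs  # forward result must contain the client IP
    if not report["confirmed"]:
        report["failed_step"] = "mismatch"
    return report


if __name__ == "__main__":
    for client_ip in sys.argv[1:] or ["127.0.0.1"]:
        print(check_client(client_ip))
```

Run from the mail server with the client's address as the argument; a large `forward_secs` with `failed_step` set to `forward` matches the symptom in the post.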