Preventing DNS lookup prior to sending 220 banner in exim4 on etch



I have exim4 (exim4-daemon-heavy) running on etch.

This machine has only a few users who send directly. One of them has
an ISP who seems to have a broken DNS setup.

The symptom I see is that when this user connects to the server (port 25
or 587) there is a large delay before the 220 banner is shown e.g.:

220 bryanek.chrissearle.org ESMTP Exim 4.63 Tue, 17 Jun 2008 17:25:02 +0200

This can be a delay of between 20 and 60 secs and is at times enough for
the sending client to time out before sending either HELO or EHLO.

I have narrowed this down to the fact that exim (as far as I can tell)
is doing first a reverse lookup from the IP the user is connecting from
followed by a forward lookup for the resulting hostname - and this
lookup fails - no server found. This is the delay that is then causing
the 220 banner not to show in a timely fashion.

I've tried setting exim4's

host_lookup_order=byaddr:bydns

(by default it is set to dns first) and adding the host to /etc/hosts -
but this didn't help.

What I would like best is for the ISP to fix it. If not - then I would
like preferably for a given IP range or if not possible then for all
users not to perform this lookup prior to sending the 220 header - but I
can't seem to get the correct exim4 config for skipping this check in
particular.

Is it possible to whitelist a range or turn off the check?


--
Chris Searle
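
Added example, not part of the original post: a Python sketch for measuring the two delays described above, so the time before the 220 greeting can be compared with the time the reverse and forward lookups take for the connecting IP. The function names are hypothetical; `time_banner` is meant to be run from the client side and `time_fcrdns` on the mail server, using the server's system resolver.

```python
import socket
import sys
import time

def read_greeting(sock, started):
    """Return (seconds since `started`, first greeting line) read from sock."""
    data = b""
    while not data.endswith(b"\n"):
        chunk = sock.recv(512)
        if not chunk:          # peer closed before sending a full line
            break
        data += chunk
    return time.monotonic() - started, data.decode("ascii", "replace").strip()

def time_banner(host, port=25, timeout=90.0):
    """Connect to an SMTP listener and time how long the greeting takes."""
    started = time.monotonic()
    with socket.create_connection((host, port), timeout=timeout) as s:
        return read_greeting(s, started)

def time_fcrdns(ip, reverse=socket.gethostbyaddr, forward=socket.gethostbyname_ex):
    """Time the reverse lookup of ip, then the forward lookup of its result."""
    result = {"ip": ip, "name": None, "confirmed": False, "error": None}
    t0 = time.monotonic()
    try:
        result["name"] = reverse(ip)[0]
    except OSError as exc:     # socket.herror and socket.gaierror are OSErrors
        result["error"] = f"reverse: {exc}"
    result["reverse_s"] = time.monotonic() - t0
    t1 = time.monotonic()
    if result["name"]:
        try:
            # confirmed only if the name maps back to the connecting address
            result["confirmed"] = ip in forward(result["name"])[2]
        except OSError as exc:
            result["error"] = f"forward: {exc}"
    result["forward_s"] = time.monotonic() - t1
    return result

if __name__ == "__main__":
    # usage: script.py banner HOST [PORT]   or   script.py dns CLIENT_IP
    if len(sys.argv) >= 3 and sys.argv[1] == "banner":
        port = int(sys.argv[3]) if len(sys.argv) > 3 else 25
        print(time_banner(sys.argv[2], port))
    elif len(sys.argv) == 3 and sys.argv[1] == "dns":
        print(time_fcrdns(sys.argv[2]))
```

If `forward_s` for the affected client's address is close to the banner delay, the forward lookup of the reverse-resolved name accounts for the wait.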