unexpected DNS look ups being logged

[Tim]

Tim wrote:
>> I know that.  As I said, named.  What the logs don't show is what
>> application is involved with named.  But the process of elimination,
>> points the finger squarely at evolution (as I said).  Leading back to my
>>
>> Nov 12 18:14:07 mongrel named[1415]: FORMERR resolving 'education-russia.com/AAAA/IN': 68.105.15.143#53

Andy Green:
> Maybe it's an idea to bust out tcpdump
> 
> tcpdump -s0 -X port 53
> 
> and see what is happening when it attempts the lookup.

Looks like I'm going to have to do that.

> Perhaps these guys are sending HTML mails with IMG tags or IFRAMEs with
> URLs involving education-russia, hence the attempt to resolve?

Shouldn't make any difference, I'm not loading images in mail from the
WWW.  Evolution shouldn't being doing any such lookups.

> Or IIRC evolution uses spamd/spamassassin?  It may well be doing
> 'research' on its own to assess the spamfulness of the email.

While it "can" I don't allow the option.  Spamassassin didn't get
allowed to do its tricks anything more than a few days after initial
tests, it makes Evolution even slower than it usually is (quite awful,
to begin with).

By the way:  This message is finally being replied to, now, because my
mail host (an external service, which makes poor use of spamassassin)
thought it was spam, thanks to the URI mentioned in the log entry, and I
haven't seen the message until today.

-- 
Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.