unexpected DNS look ups being logged
Andy Green
andy at warmcat.com
Tue Nov 15 11:12:18 UTC 2005
Tim wrote:
> I know that. As I said, named. What the logs don't show is what
> application is involved with named. But the process of elimination,
> points the finger squarely at evolution (as I said). Leading back to my
> Nov 12 18:14:07 mongrel named[1415]: FORMERR resolving 'education-russia.com/AAAA/IN': 68.105.15.143#53
Maybe it's an idea to bust out tcpdump
tcpdump -s0 -X port 53
and see what is happening when it attempts the lookup.
Perhaps these guys are sending HTML mails with IMG tags or IFRAMEs with
URLs involving education-russia, hence the attempt to resolve?
Or IIRC evolution uses spamd/spamassassin? It may well be doing
'research' on its own to assess the spamfulness of the email.
-Andy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4492 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20051115/5f5447a3/attachment-0001.bin>
More information about the fedora-list
mailing list