OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: why does postfix say helo=<127.0.0.1>? [GUILTY IS FOUND]

From: AlxFrag (alxfraggmail.com)
Date: Fri Dec 21 2007 - 02:10:14 CST

Matthias Haegele wrote:
> mouss schrieb:
>> AlxFrag wrote:
>>> I'm using Thunderbird on Windows XP machine, i'm also using a static IP
>>> address. I've used the default installation for thunderbind and i've
>>> never told it to use the loopback interface.
>>
>> Someone probably told it to do so indirectly!
>>
>>> I know i might a bit off-topic posting to this list but, if anyone
>>> knows how i can force my client to use the proper IP address i'd be
>>> grateful.
>>
>> The recommendations in the DEBUG README are not here to annoy people.
>> These recommendations are here to help you troubleshoot problems, and
>> if you can't find the answer, to make it easy to get help. While the
>> details are postfix specific, the spirit is general.
>>
>> you started this thread by claiming that "postfix tries...", and it
>> appears that it's not postfix (you also said "helo=<127.0.0.1>" which
>> would be an invalid helo. not seen in your logs).
>>
>> This should have served you as a lesson. Instead, you just find a new
>> guilty one. now, it's thunderbird.
>>
>> To prove that it is Thunderbird, you'll need to disable all your
>> firewalls and all your anti-viurs products, and try again. This would
>> be a good start...
>
> Fine. It seems i am not the only one who is confused by the replys
> I will bet my christmas Bonus its not TB. ;-)
>
> From my logs trying to send a testmail (if i guessed the domain right
> which i still dont know ...):
>
>> Dec 20 09:50:20 hermes postfix/smtp[5016]: E14227640B4:
>> to=<postmastersoc.uoc.gr>, relay=none, delay=0.33,
>> delays=0.06/0.04/0.23/0, dsn=5.4.4, status=bounced (Host or domain
>> name not found. Name service error for name=soc.uoc.gr type=A: Host
>> found but no data record of requested type)
>
>
Guilty is found! I turned off Kaspersky antivirus and the helo name is
now the IP address of the client.