I'm assuming you're referring to events that are logged to the event log in Windows. The events don't reveal which application is actually attempting the reverse lookup, but it's possible that it is EventSentry.
There are a number of features in EventSentry that perform reverse lookups. Those reverse lookups usually only affect internal IPs, but if EventSentry is processing external traffic then it's possible that it may attempt to resolve external IPs as well. A prime example would be NetFlow and various compliance tracking components (logon tracking in particular).
I would just ignore / exclude those events, they don't usually indicate a problem and reverse lookups usually provide useful context to various data captured by EventSentry. But you can also disable this functionality, it's a checkbox in most of the Compliance Tracking features.
Email actions also have the option to perform a reverse lookup as well as a GeoIP lookup when you use the collector, that could also be the source of the event. This is turned off in the advanced properties of the email action. But again, I would recommend to leave this on.