|Subject:||Best practice for specifying a valid HELO and EHLO during email communication|
|Creation date:||12/14/15 4:35 PM|
|Last modified on:||8/13/18 4:23 PM|
Valid HELO/EHLO identifier
Xeams checks for a valid HELO/EHLO identifier when assigning a score to emails. An incorrect
value may result in an email marked incorrectly as spam.
Information for Email and Network Operators
Although email servers can (by RFC) accept connections that have a poorly formatted HELO or server identification string sent during email transmission dialog, many best practices documents insist that all identifiers are correctly used, and in the case of HELO (or EHLO) this applies as well. The principal is that the HELO should identify the sending server in such a way that it can be used to identify servers with problems, such as leaking spam or incorrectly formatted emails.
Xeams performs simple checks on the format of the HELO sent. It requires that the HELO (or EHLO) string that is sent is in the format of a fully qualified domain name (FQDN).
Additionally, Xeams also checks if you are sending this email from mta01.yourcompany.com.
The following entries are incorrect and will get rejected:
HELO 192.168.1.1 (just an IP)
HELO .com (starts with a period)
HELO @(&$ (characters not normally allowed in domain names)
Spammers will often be caught by this rule, when they take over a PC to act as a spam bot.
They just use the hostname as the PC has it configured, which is normally not set up as a FQDN.
Also, often administrators might install email server software without intent, that gets compromised
or activated, and often it will use just 'localhost'.
Xeams does not apply this rule if the message is being sent by an authenticated user, local user
or the IP address is open for relay or is white-listed.
Configuring your Xeams for outbound delivery
It is important you configure your Xeams correctly when sending outbound emails to other domains. A receiving
server could reject your email if it is not configured correctly. You also run into a risk of getting your
IP address blacklisted if your server is not configured correctly.
The following steps are required to setup Xeams for outbound delivery:
- PTR Record - Ensure your public IP address has a reverse host name. This is called a PTR record
in your DNS server. Let's consider synametrics.com as an example. The public IP address where synametrics
email server is running is
22.214.171.124. A PTR record has been added in the DNS server so this
IP address resolves to
mail.synametrics.com. An A lookup on this FQDN will return
the same IP address.
You will have to ask your ISP to add a PTR record, since they are the ones who
owns your IP address.
- SMTP HELO Domain - The host name you assigned to your PTR record must be entered in Xeams. Go to Server Configuration, select
the Advanced tab and enter this FQDN in the SMTP HELO Domain field
Add a comment to this document
Do you have a helpful tip related to this document that you'd like to share
with other users? Please add it below. Your name and tip will appear at the
end of the document text.