Exchange 2007 HELO configuration

Hi there

My mail server has just been blacklisted on CBL and I was needing some help with HELO configs.

Basically when using there test email I am told my HELO is incorrectly configured.

This is because I am using our ISP's SMTP server to relay so the helo string is
550 HELO for IP 212.74.**.66 was ""

However when I use DNS to route its fine.

550 HELO for IP 80.169.***.15* was "sc-ex1.mydomain.local">

I would prefer to use their SMTP server as sometimes DNS mail is delayed to certain domains like and

I am wondiering if there is away of telling the HELO packet to keep its original form, not take on the ISP's SMTP server, I maye need to contaxct the ISP I know but figured I'd bounce this off some experts.


Who is Participating?
Rajith EnchiparambilConnect With a Mentor Office 365 & Exchange ArchitectCommented:
It is always best to use Exchange to send and receive emails direct.

If you have issues with one or two domains like aol, set a different connector just for that domain and route the emails through your isp's smtp server.
Rajith EnchiparambilOffice 365 & Exchange ArchitectCommented:
550 HELO for IP 80.169.***.15* was "sc-ex1.mydomain.local">

Its always best to put a public address (your owa url) rather than your internal domain details. In EMC -> Org Hub Transport -> Send connectors -> Properties -> Change it to
ArmstrongIntAuthor Commented:
ok great, so have one connector set to * and the other one for aol & ?

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Rajith EnchiparambilOffice 365 & Exchange ArchitectCommented:
Yes. Make sure that both the connector has a cost of 1. Otherwise, it will always use the * connector.
Chris DentConnect With a Mentor PowerShell DeveloperCommented:

To send to AOL, etc, you will need to have a Reverse Lookup record configured. They won't like you if you don't.

If you're using the example above that means that:

1. should have a Public Host (A) record. i.e. "nslookup" should reply with the public IP Address.
2. The Public IP Address should have a Reverse Lookup (PTR) record pointing the IP back to the name

No point in changing the name used in HELO / EHLO unless you also change the PTR. Your PTR record will normally be set by your ISP unless you've taken steps to look after it yourself (very rare).

You need to be aware that some of the testing sites give inaccurate results for an Exchange 2007 server.
Exchange 2007 gives different helo/ehlo/banner for inbound and outbound traffic. For inbound traffic it will always announce itself as the internal server name - that is the only option available. Consequently the tests for email flow will say that is a failure because they just connect to port 25 and see what it says.
However for outbound email, the FQDN set on the Send Connector is used, which can be different.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.