Learn how to a build a cloud-first strategyRegister Now


Exchange 2007 HELO configuration

Posted on 2009-05-01
Medium Priority
Last Modified: 2013-11-30
Hi there

My mail server has just been blacklisted on CBL and I was needing some help with HELO configs.

Basically when using there test email helocheck@cbl.abuseat.org I am told my HELO is incorrectly configured.

This is because I am using our ISP's SMTP server to relay so the helo string is
550 HELO for IP 212.74.**.66 was "mc26.lon.server.colt.net"

However when I use DNS to route its fine.

550 HELO for IP 80.169.***.15* was "sc-ex1.mydomain.local">

I would prefer to use their SMTP server as sometimes DNS mail is delayed to certain domains like yahoo.com and aol.com.

I am wondiering if there is away of telling the HELO packet to keep its original form, not take on the ISP's SMTP server, I maye need to contaxct the ISP I know but figured I'd bounce this off some experts.


Question by:ArmstrongInt
LVL 24

Accepted Solution

Rajith Enchiparambil earned 1200 total points
ID: 24277974
It is always best to use Exchange to send and receive emails direct.

If you have issues with one or two domains like aol, set a different connector just for that domain and route the emails through your isp's smtp server.
LVL 24

Expert Comment

by:Rajith Enchiparambil
ID: 24277985
550 HELO for IP 80.169.***.15* was "sc-ex1.mydomain.local">

Its always best to put a public address (your owa url) rather than your internal domain details. In EMC -> Org Hub Transport -> Send connectors -> Properties -> Change it to mail.yourdomain.com

Author Comment

ID: 24278362
ok great, so have one connector set to * and the other one for aol & yahoo.com ?

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 24

Expert Comment

by:Rajith Enchiparambil
ID: 24278434
Yes. Make sure that both the connector has a cost of 1. Otherwise, it will always use the * connector.
LVL 71

Assisted Solution

by:Chris Dent
Chris Dent earned 800 total points
ID: 24278714

To send to AOL, etc, you will need to have a Reverse Lookup record configured. They won't like you if you don't.

If you're using the example above that means that:

1. mail.yourdomain.com should have a Public Host (A) record. i.e. "nslookup mail.yourdomain.com" should reply with the public IP Address.
2. The Public IP Address should have a Reverse Lookup (PTR) record pointing the IP back to the name mail.yourdomain.com

No point in changing the name used in HELO / EHLO unless you also change the PTR. Your PTR record will normally be set by your ISP unless you've taken steps to look after it yourself (very rare).

LVL 65

Expert Comment

ID: 24280774
You need to be aware that some of the testing sites give inaccurate results for an Exchange 2007 server.
Exchange 2007 gives different helo/ehlo/banner for inbound and outbound traffic. For inbound traffic it will always announce itself as the internal server name - that is the only option available. Consequently the tests for email flow will say that is a failure because they just connect to port 25 and see what it says.
However for outbound email, the FQDN set on the Send Connector is used, which can be different.


Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
Exchange administrators are always vigilant about Exchange crashes and disasters that are possible any time. It is quite essential to identify the symptoms of a possible Exchange issue and be prepared with a proper recovery plan. There are multiple…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses
Course of the Month20 days, 15 hours left to enroll

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question