asked on

Bogus helo hallmark.com?

We are unable to send email to domains hosted by GoDaddy. The bounce notice we receive is below.

Following this thread, the FQDN is now "mail.lamarcalandry.com" https://www.experts-exchange.com/questions/23613515/Emails-are-being-blocked-based-on-bogus-HELO-name-used-by-the-sending-server.html

Following this thread, I believe our PTR record is correct. Mail.lamarcalandry.com (64.199.233.178) is our mail server. https://www.experts-exchange.com/questions/24473082/Mail-being-rejected.html

Another user had the same bounce message trying to send to another domain. What else could be the problem?

Your message did not reach some or all of the intended recipients.
 
      Subject:	RE: xxx
      Sent:	7/8/2009 7:25 AM
 
The following recipient(s) cannot be reached:
 
      xxx@ip-assure.com on 7/8/2009 7:25 AM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            <lamarcalandry.com #5.5.0 smtp;553 Bogus helo hallmark.com. <http://unblock.secureserver.net/?ip=64.199.233.178>>

Open in new window

ASKER CERTIFIED SOLUTION

Mestha

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

pixelchef

ASKER

When I googled this error, some people thought it was a suspicious webpage. Should I go ahead and fill out the form?

Mestha

SecureServer is GoDaddy's email system. If you nslookup the server then you will get the IP address, if you whois the IP address you will find it belongs to GoDaddy. The web page is coming off their NDR. I don't know why people think it is suspicious.

Simon.

pixelchef

ASKER

I submitted the unblock request.

It seemed suspicious to me because going to secureserver.net gives a 404, GoDaddy's name does not appear on the site, it asks for my contact info (which is legitimate for this type of form, but could be equally bad for a spammer's form).

nck534

Do not fill out this form, it is most likely run by spammers or a malicious person / system. I have had the same issues with this before. Contact godaddy about the issue, also sign your domain up with MxTool Box you will be able to see if your domain has been black listed and setup alerts as to your domains status, you will also be able to do lookups on MX Records. http://www.mxtoolbox.com

Mestha

nck534 - you are wrong. The form is not run by spammers. It is hosted on GoDaddy's servers to facilitate the removal of an IP address from their internal blacklist. It is the address given out by the NDR from their own email servers.

Simon.

pixelchef

ASKER

Too late... already submitted the form...

I already monitor our domain with mxtoolbox, and we have a clean bill of health there.

I guess time will tell what happens. :/

nck534

Never go about unblocking your domain online if at all possible. U should do this over the phone or with direct messaging or e-mail to the reputible hosts or providers technical staff. Do not give out your networks information, that will make you a target. This site could very well be from godaddy but it could also be something else. ether way I would never just give my info to a site ever.

Mestha

Its very easy to verify if the site is genuine or not. Furthermore a lot of companies will not talk to you unless you are a customer - they will tell you to use the form because it is an automated process.

You don't need to add network information to be a target, most IP addresses are scanned regularly. Spammers maintain their own lists of hosts that have email servers.

I am more suspicious of open relay testing sites than these sorts of sites.

Simon.