We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

Bogus helo hallmark.com?

pixelchef
pixelchef asked
on
Medium Priority
755 Views
Last Modified: 2013-11-30
We are unable to send email to domains hosted by GoDaddy. The bounce notice we receive is below.

Following this thread, the FQDN is now "mail.lamarcalandry.com" https://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23613515.html

Following this thread, I believe our PTR record is correct. Mail.lamarcalandry.com (64.199.233.178) is our mail server. https://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_24473082.html

Another user had the same bounce message trying to send to another domain. What else could be the problem?
Your message did not reach some or all of the intended recipients.
 
      Subject:	RE: xxx
      Sent:	7/8/2009 7:25 AM
 
The following recipient(s) cannot be reached:
 
      xxx@ip-assure.com on 7/8/2009 7:25 AM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            <lamarcalandry.com #5.5.0 smtp;553 Bogus helo hallmark.com. <http://unblock.secureserver.net/?ip=64.199.233.178>>

Open in new window

Comment
Watch Question

Expert of the Quarter 2009
Expert of the Year 2009
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION

Author

Commented:
When I googled this error, some people thought it was a suspicious webpage. Should I go ahead and fill out the form?
Expert of the Quarter 2009
Expert of the Year 2009

Commented:
SecureServer is GoDaddy's email system. If you nslookup the server then you will get the IP address, if you whois the IP address you will find it belongs to GoDaddy. The web page is coming off their NDR. I don't know why people think it is suspicious.

Simon.

Author

Commented:
I submitted the unblock request.

It seemed suspicious to me because going to secureserver.net gives a 404, GoDaddy's name does not appear on the site, it asks for my contact info (which is legitimate for this type of form, but could be equally bad for a spammer's form).

Commented:
Do not fill out this form, it is most likely run by spammers or a malicious person / system.   I have had the same issues with this before.  Contact godaddy about the issue, also sign your domain up with MxTool Box you will be able to see if your domain has been black listed and setup alerts as to your domains status, you will also be able to do lookups on MX Records.    http://www.mxtoolbox.com
Expert of the Quarter 2009
Expert of the Year 2009

Commented:
nck534 - you are wrong. The form is not run by spammers. It is hosted on GoDaddy's servers to facilitate the removal of an IP address from their internal blacklist. It is the address given out by the NDR from their own email servers.

Simon.

Author

Commented:
Too late... already submitted the form...

I already monitor our domain with mxtoolbox, and we have a clean bill of health there.

I guess time will tell what happens. :/

Commented:
Never go about unblocking your domain online if at all possible.  U should do this over the phone or with direct messaging or e-mail to the reputible hosts or providers technical staff.  Do not give out your networks information, that will make you a target.  This site could very well be from godaddy but it could also be something else.  ether way I would never just give my info to a site ever.
Expert of the Quarter 2009
Expert of the Year 2009

Commented:
Its very easy to verify if the site is genuine or not. Furthermore a lot of companies will not talk to you unless you are a customer - they will tell you to use the form because it is an automated process.

You don't need to add network information to be a target, most IP addresses are scanned regularly. Spammers maintain their own lists of hosts that have email servers.

I am more suspicious of open relay testing sites than these sorts of sites.

Simon.
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.