Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Qmail>
  3. users
Problems receiving mail in qmail ( 553 sorry, your HELO host name has been denied (#5.7.1) )
eduardo at pmaint
Jan 31, 2013, 12:04 PM
Post #1 of 20 (14273 views)
Permalink
Hi,

I can send email to client-x, but the client-x can't send us email.
The client-x receive an email error with the following message:

"553 sorry, your HELO host name has been denied (#5.7.1)"

My mail server is qmail (1.03 version) on Red Hat Enterprise Linux
Server release 5.

The client-x have Microsoft Exchange and Sophos Email Appliance
(http://sea.sophos.com/docs/esa/sea_docs/en/ The Email Appliance is an
appliance for filtering email.)

In my server, there are not any Sophos products. I currently use
Spamassassin, and clamAV as anti-virus.
I cannot directly verify Sophos' logs, since they are in the client's
server.

The /var/qmail/control/badhelo file on my server doesn't have
extdomain.com. For me, extdomain.com is not a badhelo.

The output of 'tcprulescheck' command is:

[root@srv]# tcprulescheck tcp.qmail-smtp.cdb
rule :
set environment variable QMAILQUEUE=/var/qmail/bin/qmail-scanner-queue.pl
allow connection
[root@srv]#

Seven months ago I installed qmail-103.patch from
http://www.ckdhr.com/ckd/qmail-103.patch
# patch -p1 < qmail-103.patch
# make setup check

I don't know if I need to install another patch for qmail or to do
another thing to resolve this problem.

I did the following test from my server :

[root@srv]# telnet mail.mydomain.com 25
Trying 1.2.3.4...
Connected to mail.mydomain.com.
Escape character is '^]'.
220 mail.mydomain.com ESMTP
EHLO extdomain.com
250-mail.mydomain.com
250-STARTTLS
250-PIPELINING
250-8BITMIME
250-SIZE 22777216
250 AUTH LOGIN PLAIN CRAM-MD5
MAIL FROM:userx@extdomain.com
250 ok
RCPT TO:usery@mydomain.com NOTIFY=success,failure
553 sorry, your HELO host name has been denied (#5.7.1)

I can send emails to everybody (client-x too). I can receive a lot of
emails, but I can't receive emails from client-x.

Someone can give me an idea of ​​what I should do.

Thank so much.

Eduardo
Re: Problems receiving mail in qmail ( 553 sorry, your HELO host name has been denied (#5.7.1) ) [ In reply to ]
shepherdzw at gmail
Jan 31, 2013, 12:21 PM
Post #2 of 20 (14093 views)
Permalink
post the full headers of the bounce message

On Thu, Jan 31, 2013 at 10:04 PM, Eduardo Mena <eduardo@pmaint.com> wrote:

> Hi,
>
> I can send email to client-x, but the client-x can't send us email.
> The client-x receive an email error with the following message:
>
> "553 sorry, your HELO host name has been denied (#5.7.1)"
>
> My mail server is qmail (1.03 version) on Red Hat Enterprise Linux Server
> release 5.
>
> The client-x have Microsoft Exchange and Sophos Email Appliance
> (http://sea.sophos.com/docs/**esa/sea_docs/en/<http://sea.sophos.com/docs/esa/sea_docs/en/>The Email Appliance is an appliance for filtering email.)
>
> In my server, there are not any Sophos products. I currently use
> Spamassassin, and clamAV as anti-virus.
> I cannot directly verify Sophos' logs, since they are in the client's
> server.
>
> The /var/qmail/control/badhelo file on my server doesn't have
> extdomain.com. For me, extdomain.com is not a badhelo.
>
> The output of 'tcprulescheck' command is:
>
> [root@srv]# tcprulescheck tcp.qmail-smtp.cdb
> rule :
> set environment variable QMAILQUEUE=/var/qmail/bin/qmai**
> l-scanner-queue.pl <http://qmail-scanner-queue.pl>
> allow connection
> [root@srv]#
>
> Seven months ago I installed qmail-103.patch from
> http://www.ckdhr.com/ckd/**qmail-103.patch<http://www.ckdhr.com/ckd/qmail-103.patch>
> # patch -p1 < qmail-103.patch
> # make setup check
>
> I don't know if I need to install another patch for qmail or to do another
> thing to resolve this problem.
>
> I did the following test from my server :
>
> [root@srv]# telnet mail.mydomain.com 25
> Trying 1.2.3.4...
> Connected to mail.mydomain.com.
> Escape character is '^]'.
> 220 mail.mydomain.com ESMTP
> EHLO extdomain.com
> 250-mail.mydomain.com
> 250-STARTTLS
> 250-PIPELINING
> 250-8BITMIME
> 250-SIZE 22777216
> 250 AUTH LOGIN PLAIN CRAM-MD5
> MAIL FROM:userx@extdomain.com
> 250 ok
> RCPT TO:usery@mydomain.com NOTIFY=success,failure
> 553 sorry, your HELO host name has been denied (#5.7.1)
>
> I can send emails to everybody (client-x too). I can receive a lot of
> emails, but I can't receive emails from client-x.
>
> Someone can give me an idea of what I should do.
>
> Thank so much.
>
> Eduardo
>



--
Shepherd Nhongo

Do not Queue mail with SENDMAIL, send mail with QMAIL

Mobile +263 772 688 072
Re: Problems receiving mail in qmail ( 553 sorry, your HELO host name has been denied (#5.7.1) ) [ In reply to ]
amb-sendok-1362284356.gakmipdpagfkpbnplobj at bradfo
Jan 31, 2013, 8:19 PM
Post #3 of 20 (14069 views)
Permalink
Thus said Eduardo Mena on Thu, 31 Jan 2013 15:04:40 -0500:

> The /var/qmail/control/badhelo file on my server doesn't have
> extdomain.com. For me, extdomain.com is not a badhelo.

How do you know that extdomain.com is what their MTA client said during
EHLO?

Andy
Re: Problems receiving mail in qmail ( 553 sorry, your HELO host name has been denied (#5.7.1) ) [ In reply to ]
eduardo at pmaint
Feb 1, 2013, 5:58 AM
Post #4 of 20 (14066 views)
Permalink
Hi Andy,

The real domain is nyct.com and I have not put this domain in the
'badhelo' file, then I do not understand whywhen the client nyct.com
send us emails (to pmaint.com), hereceive as response the mesage " 553
sorry, your HELO host name has been denied ".

Thank you.

Eduardo


On 01/31/2013 11:19 PM, Andy Bradford wrote:
> Thus said Eduardo Mena on Thu, 31 Jan 2013 15:04:40 -0500:
>
>> The /var/qmail/control/badhelo file on my server doesn't have
>> extdomain.com. For me, extdomain.com is not a badhelo.
> How do you know that extdomain.com is what their MTA client said during
> EHLO?
>
> Andy
>
>
>
Re: Problems receiving mail in qmail ( 553 sorry, your HELO host name has been denied (#5.7.1) ) [ In reply to ]
eduardo at pmaint
Feb 1, 2013, 8:06 AM
Post #5 of 20 (14072 views)
Permalink
Hi,

The log from /var/log/qmail/qmail-smtpd is the following:

@400000005108ffe800653c04 tcpserver: ok 13133
boom.pmaint.com:192.168.20.248:25 mail1.nyct.com:170.28.128.9::53330
@400000005108ffe81b39cb94 qmail-smtpd: badhelo: <nyctlmgw.NYCT.COM> at
170.28.128.9
@400000005108ffe81c5d3cf4 tcpserver: end 13133 status 0
@400000005108ffe81c5d40dc tcpserver: status: 0/40
@400000005109001a00ce90dc tcpserver: status: 1/40

Thank you.

Eduardo

On 02/01/2013 08:58 AM, Eduardo Mena wrote:
> Hi Andy,
>
> The real domain is nyct.com and I have not put this domain in the
> 'badhelo' file, then I do not understand whywhen the client nyct.com
> send us emails (to pmaint.com), hereceive as response the mesage " 553
> sorry, your HELO host name has been denied ".
>
> Thank you.
>
> Eduardo
>
>
> On 01/31/2013 11:19 PM, Andy Bradford wrote:
>> Thus said Eduardo Mena on Thu, 31 Jan 2013 15:04:40 -0500:
>>
>>> The /var/qmail/control/badhelo file on my server doesn't have
>>> extdomain.com. For me, extdomain.com is not a badhelo.
>> How do you know that extdomain.com is what their MTA client said during
>> EHLO?
>>
>> Andy
>>
>>
>>
RE: Problems receiving mail in qmail ( 553 sorry, your HELO host name has been denied (#5.7.1) ) [ In reply to ]
jasons at adventureaquarium
Feb 1, 2013, 8:35 AM
Post #6 of 20 (14067 views)
Permalink
look like the helo name doesn't match the dns name. When I was running
my own qmail servers I saw this from time-to-time from doing RDNS
lookups. Are you running any RDNS filters?

Jason
-----Original Message-----
From: Eduardo Mena [mailto:eduardo@pmaint.com]
Sent: Friday, February 01, 2013 11:06 AM
To: Andy Bradford
Cc: qmail@list.cr.yp.to; Shepherd Nhongo
Subject: Re: Problems receiving mail in qmail ( 553 sorry, your HELO
host name has been denied (#5.7.1) )


Hi,

The log from /var/log/qmail/qmail-smtpd is the following:

@400000005108ffe800653c04 tcpserver: ok 13133
boom.pmaint.com:192.168.20.248:25 mail1.nyct.com:170.28.128.9::53330
@400000005108ffe81b39cb94 qmail-smtpd: badhelo: <nyctlmgw.NYCT.COM> at
170.28.128.9
@400000005108ffe81c5d3cf4 tcpserver: end 13133 status 0
@400000005108ffe81c5d40dc tcpserver: status: 0/40
@400000005109001a00ce90dc tcpserver: status: 1/40

Thank you.

Eduardo

On 02/01/2013 08:58 AM, Eduardo Mena wrote:
Hi Andy,


The real domain is nyct.com and I have not put this domain in the
'badhelo' file, then I do not understand why when the client nyct.com
send us emails (to pmaint.com), he receive as response the mesage " 553
sorry, your HELO host name has been denied ".

Thank you.


Eduardo


On 01/31/2013 11:19 PM, Andy Bradford wrote:
Thus said Eduardo Mena on Thu, 31 Jan 2013 15:04:40 -0500:


The /var/qmail/control/badhelo file on my server doesn't have
extdomain.com. For me, extdomain.com is not a badhelo.

How do you know that extdomain.com is what their MTA client said during
EHLO?

Andy







Click here to report this email as spam.


This message has been scanned for malware by Websense. www.websense.com
Re: Problems receiving mail in qmail ( 553 sorry, your HELO host name has been denied (#5.7.1) ) [ In reply to ]
eduardo at pmaint
Feb 1, 2013, 9:04 AM
Post #7 of 20 (14058 views)
Permalink
Hi,

I'm using rhost-check for bad reverse DNS.

In /var/qmail/supervise/qmail-smtpd/run file, I have:

SERVICE=smtp
. /var/qmail/bin/qmail-config-system && \
exec /usr/bin/softlimit ${SOFTLIMIT_OPTS} \
${QMAIL_TCPSERVER_PRE} \
/usr/bin/tcpserver ${TCPSERVER_OPTS} -x ${TCPSERVER_RULESCDB} \
-c ${MAXCONN} -u ${QMAILDUID} -g ${NOFILESGID} \
${TCPSERVER_HOST} ${TCPSERVER_PORT} \
rhost-check ${QMAIL_SMTP_PRE} \
-r sbl-xbl.spamhaus.org \
/var/qmail/bin/qmail-${SERVICE}d ${QMAIL_SMTP_POST} \
2>&1

Regards,

Eduardo

On 02/01/2013 11:35 AM, Jason Staudenmayer wrote:
> look like the helo name doesn't match the dns name. When I was running
> my own qmail servers I saw this from time-to-time from doing RDNS
> lookups. Are you running any RDNS filters?
>
> Jason
> -----Original Message-----
> From: Eduardo Mena [mailto:eduardo@pmaint.com]
> Sent: Friday, February 01, 2013 11:06 AM
> To: Andy Bradford
> Cc: qmail@list.cr.yp.to; Shepherd Nhongo
> Subject: Re: Problems receiving mail in qmail ( 553 sorry, your HELO
> host name has been denied (#5.7.1) )
>
>
> Hi,
>
> The log from /var/log/qmail/qmail-smtpd is the following:
>
> @400000005108ffe800653c04 tcpserver: ok 13133
> boom.pmaint.com:192.168.20.248:25 mail1.nyct.com:170.28.128.9::53330
> @400000005108ffe81b39cb94 qmail-smtpd: badhelo:<nyctlmgw.NYCT.COM> at
> 170.28.128.9
> @400000005108ffe81c5d3cf4 tcpserver: end 13133 status 0
> @400000005108ffe81c5d40dc tcpserver: status: 0/40
> @400000005109001a00ce90dc tcpserver: status: 1/40
>
> Thank you.
>
> Eduardo
>
> On 02/01/2013 08:58 AM, Eduardo Mena wrote:
> Hi Andy,
>
>
> The real domain is nyct.com and I have not put this domain in the
> 'badhelo' file, then I do not understand why when the client nyct.com
> send us emails (to pmaint.com), he receive as response the mesage " 553
> sorry, your HELO host name has been denied ".
>
> Thank you.
>
>
> Eduardo
>
>
> On 01/31/2013 11:19 PM, Andy Bradford wrote:
> Thus said Eduardo Mena on Thu, 31 Jan 2013 15:04:40 -0500:
>
>
> The /var/qmail/control/badhelo file on my server doesn't have
> extdomain.com. For me, extdomain.com is not a badhelo.
>
> How do you know that extdomain.com is what their MTA client said during
> EHLO?
>
> Andy
>
>
>
>
>
>
>
> Click here to report this email as spam.
>
>
> This message has been scanned for malware by Websense. www.websense.com
>
>
RE: Problems receiving mail in qmail ( 553 sorry, your HELO host name has been denied (#5.7.1) ) [ In reply to ]
jasons at adventureaquarium
Feb 1, 2013, 9:11 AM
Post #8 of 20 (14073 views)
Permalink
That could be it try to whitelist that domain in your tcp.smtp relay
list. Something like this should do it

170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""

Then save tcp.smtp and update the db

> -----Original Message-----
> From: Eduardo Mena [mailto:eduardo@pmaint.com]
> Sent: Friday, February 01, 2013 12:05 PM
> To: Jason Staudenmayer
> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
> your HELO host name has been denied (#5.7.1) )
>
>
> Hi,
>
> I'm using rhost-check for bad reverse DNS.
>
> In /var/qmail/supervise/qmail-smtpd/run file, I have:
>
> SERVICE=smtp
> . /var/qmail/bin/qmail-config-system && \
> exec /usr/bin/softlimit ${SOFTLIMIT_OPTS} \
> ${QMAIL_TCPSERVER_PRE} \
> /usr/bin/tcpserver ${TCPSERVER_OPTS} -x ${TCPSERVER_RULESCDB} \
> -c ${MAXCONN} -u ${QMAILDUID} -g ${NOFILESGID} \
> ${TCPSERVER_HOST} ${TCPSERVER_PORT} \
> rhost-check ${QMAIL_SMTP_PRE} \
> -r sbl-xbl.spamhaus.org \
> /var/qmail/bin/qmail-${SERVICE}d ${QMAIL_SMTP_POST} \
> 2>&1
>
> Regards,
>
> Eduardo
>
> On 02/01/2013 11:35 AM, Jason Staudenmayer wrote:
> > look like the helo name doesn't match the dns name. When I
> was running
> > my own qmail servers I saw this from time-to-time from doing RDNS
> > lookups. Are you running any RDNS filters?
> >
> > Jason
> > -----Original Message-----
> > From: Eduardo Mena [mailto:eduardo@pmaint.com]
> > Sent: Friday, February 01, 2013 11:06 AM
> > To: Andy Bradford
> > Cc: qmail@list.cr.yp.to; Shepherd Nhongo
> > Subject: Re: Problems receiving mail in qmail ( 553 sorry, your HELO
> > host name has been denied (#5.7.1) )
> >
> >
> > Hi,
> >
> > The log from /var/log/qmail/qmail-smtpd is the following:
> >
> > @400000005108ffe800653c04 tcpserver: ok 13133
> > boom.pmaint.com:192.168.20.248:25 mail1.nyct.com:170.28.128.9::53330
> > @400000005108ffe81b39cb94 qmail-smtpd:
> badhelo:<nyctlmgw.NYCT.COM> at
> > 170.28.128.9
> > @400000005108ffe81c5d3cf4 tcpserver: end 13133 status 0
> > @400000005108ffe81c5d40dc tcpserver: status: 0/40
> > @400000005109001a00ce90dc tcpserver: status: 1/40
> >
> > Thank you.
> >
> > Eduardo
> >
> > On 02/01/2013 08:58 AM, Eduardo Mena wrote:
> > Hi Andy,
> >
> >
> > The real domain is nyct.com and I have not put this domain in the
> > 'badhelo' file, then I do not understand why when the
> client nyct.com
> > send us emails (to pmaint.com), he receive as response the
> mesage " 553
> > sorry, your HELO host name has been denied ".
> >
> > Thank you.
> >
> >
> > Eduardo
> >
> >
> > On 01/31/2013 11:19 PM, Andy Bradford wrote:
> > Thus said Eduardo Mena on Thu, 31 Jan 2013 15:04:40 -0500:
> >
> >
> > The /var/qmail/control/badhelo file on my server
> doesn't have
> > extdomain.com. For me, extdomain.com is not a badhelo.
> >
> > How do you know that extdomain.com is what their MTA
> client said during
> > EHLO?
> >
> > Andy
> >
> >
> >
> >
> >
> >
> >
> > Click here to report this email as spam.
> >
> >
> > This message has been scanned for malware by Websense.
> www.websense.com
> >
> >
>
Re: Problems receiving mail in qmail ( 553 sorry, your HELO host name has been denied (#5.7.1) ) [ In reply to ]
eduardo at pmaint
Feb 1, 2013, 9:38 AM
Post #9 of 20 (14090 views)
Permalink
Hi,

I done it, but the messages continues.

[root@boom tcprules.d]# vi tcp.qmail-smtp

170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""


[root@boom tcprules.d]# tcprules /etc/tcprules.d/tcp.qmail-smtp.cdb
/etc/tcprules.d/.tcp.qmail-smtp.tmp < /etc/tcprules.d/tcp.qmail-smtp
[root@boom tcprules.d]# for i in $(ls /service/ |grep qmail); do svc -d
/service/$i; done;
[root@boom tcprules.d]# for i in $(ls /service/ |grep qmail); do svc -u
/service/$i; done;
[root@boom tcprules.d]# telnet mail.pmaint.com 25
Trying 192.168.20.248...
Connected to mail.pmaint.com (192.168.20.248).
Escape character is '^]'.
220 mail.pmaint.com ESMTP
EHLO nyct.com
250-mail.pmaint.com
250-STARTTLS
250-PIPELINING
250-8BITMIME
250-SIZE 22777216
250 AUTH LOGIN PLAIN CRAM-MD5
MAIL FROM:DD@nyct.com
250 ok
RCPT TO:eduardo@pmaint.com NOTIFY=success,failure
553 sorry, your HELO host name has been denied (#5.7.1)

Thank you.

Eduardo




Eduardo Mena
Predictive Maintenance Corporation
Corporation d'entretien prédictif
8330 Decarie Blvd.,
Montreal, Qc., H4P 2P5
Tel. 514 383 6330


On 02/01/2013 12:11 PM, Jason Staudenmayer wrote:
> That could be it try to whitelist that domain in your tcp.smtp relay
> list. Something like this should do it
>
> 170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""
>
> Then save tcp.smtp and update the db
>
>> -----Original Message-----
>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>> Sent: Friday, February 01, 2013 12:05 PM
>> To: Jason Staudenmayer
>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>> your HELO host name has been denied (#5.7.1) )
>>
>>
>> Hi,
>>
>> I'm using rhost-check for bad reverse DNS.
>>
>> In /var/qmail/supervise/qmail-smtpd/run file, I have:
>>
>> SERVICE=smtp
>> . /var/qmail/bin/qmail-config-system&& \
>> exec /usr/bin/softlimit ${SOFTLIMIT_OPTS} \
>> ${QMAIL_TCPSERVER_PRE} \
>> /usr/bin/tcpserver ${TCPSERVER_OPTS} -x ${TCPSERVER_RULESCDB} \
>> -c ${MAXCONN} -u ${QMAILDUID} -g ${NOFILESGID} \
>> ${TCPSERVER_HOST} ${TCPSERVER_PORT} \
>> rhost-check ${QMAIL_SMTP_PRE} \
>> -r sbl-xbl.spamhaus.org \
>> /var/qmail/bin/qmail-${SERVICE}d ${QMAIL_SMTP_POST} \
>> 2>&1
>>
>> Regards,
>>
>> Eduardo
>>
>> On 02/01/2013 11:35 AM, Jason Staudenmayer wrote:
>>> look like the helo name doesn't match the dns name. When I
>> was running
>>> my own qmail servers I saw this from time-to-time from doing RDNS
>>> lookups. Are you running any RDNS filters?
>>>
>>> Jason
>>> -----Original Message-----
>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>> Sent: Friday, February 01, 2013 11:06 AM
>>> To: Andy Bradford
>>> Cc: qmail@list.cr.yp.to; Shepherd Nhongo
>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry, your HELO
>>> host name has been denied (#5.7.1) )
>>>
>>>
>>> Hi,
>>>
>>> The log from /var/log/qmail/qmail-smtpd is the following:
>>>
>>> @400000005108ffe800653c04 tcpserver: ok 13133
>>> boom.pmaint.com:192.168.20.248:25 mail1.nyct.com:170.28.128.9::53330
>>> @400000005108ffe81b39cb94 qmail-smtpd:
>> badhelo:<nyctlmgw.NYCT.COM> at
>>> 170.28.128.9
>>> @400000005108ffe81c5d3cf4 tcpserver: end 13133 status 0
>>> @400000005108ffe81c5d40dc tcpserver: status: 0/40
>>> @400000005109001a00ce90dc tcpserver: status: 1/40
>>>
>>> Thank you.
>>>
>>> Eduardo
>>>
>>> On 02/01/2013 08:58 AM, Eduardo Mena wrote:
>>> Hi Andy,
>>>
>>>
>>> The real domain is nyct.com and I have not put this domain in the
>>> 'badhelo' file, then I do not understand why when the
>> client nyct.com
>>> send us emails (to pmaint.com), he receive as response the
>> mesage " 553
>>> sorry, your HELO host name has been denied ".
>>>
>>> Thank you.
>>>
>>>
>>> Eduardo
>>>
>>>
>>> On 01/31/2013 11:19 PM, Andy Bradford wrote:
>>> Thus said Eduardo Mena on Thu, 31 Jan 2013 15:04:40 -0500:
>>>
>>>
>>> The /var/qmail/control/badhelo file on my server
>> doesn't have
>>> extdomain.com. For me, extdomain.com is not a badhelo.
>>>
>>> How do you know that extdomain.com is what their MTA
>> client said during
>>> EHLO?
>>>
>>> Andy
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> Click here to report this email as spam.
>>>
>>>
>>> This message has been scanned for malware by Websense.
>> www.websense.com
>>>
>
RE: Problems receiving mail in qmail ( 553 sorry, your HELO host name has been denied (#5.7.1) ) [ In reply to ]
jasons at adventureaquarium
Feb 1, 2013, 9:48 AM
Post #10 of 20 (14082 views)
Permalink
Your test might have failed due to you coming from your own network and NOT the ip of the nyct server. If you add that rule with your IP then it should pass

> -----Original Message-----
> From: Eduardo Mena [mailto:eduardo@pmaint.com]
> Sent: Friday, February 01, 2013 12:38 PM
> To: Jason Staudenmayer
> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
> your HELO host name has been denied (#5.7.1) )
>
>
> Hi,
>
> I done it, but the messages continues.
>
> [root@boom tcprules.d]# vi tcp.qmail-smtp
>
> 170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""
>
>
> [root@boom tcprules.d]# tcprules /etc/tcprules.d/tcp.qmail-smtp.cdb
> /etc/tcprules.d/.tcp.qmail-smtp.tmp < /etc/tcprules.d/tcp.qmail-smtp
> [root@boom tcprules.d]# for i in $(ls /service/ |grep qmail);
> do svc -d
> /service/$i; done;
> [root@boom tcprules.d]# for i in $(ls /service/ |grep qmail);
> do svc -u
> /service/$i; done;
> [root@boom tcprules.d]# telnet mail.pmaint.com 25
> Trying 192.168.20.248...
> Connected to mail.pmaint.com (192.168.20.248).
> Escape character is '^]'.
> 220 mail.pmaint.com ESMTP
> EHLO nyct.com
> 250-mail.pmaint.com
> 250-STARTTLS
> 250-PIPELINING
> 250-8BITMIME
> 250-SIZE 22777216
> 250 AUTH LOGIN PLAIN CRAM-MD5
> MAIL FROM:DD@nyct.com
> 250 ok
> RCPT TO:eduardo@pmaint.com NOTIFY=success,failure
> 553 sorry, your HELO host name has been denied (#5.7.1)
>
> Thank you.
>
> Eduardo
>
>
>
>
> Eduardo Mena
> Predictive Maintenance Corporation
> Corporation d'entretien prédictif
> 8330 Decarie Blvd.,
> Montreal, Qc., H4P 2P5
> Tel. 514 383 6330
>
>
> On 02/01/2013 12:11 PM, Jason Staudenmayer wrote:
> > That could be it try to whitelist that domain in your tcp.smtp relay
> > list. Something like this should do it
> >
> > 170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""
> >
> > Then save tcp.smtp and update the db
> >
> >> -----Original Message-----
> >> From: Eduardo Mena [mailto:eduardo@pmaint.com]
> >> Sent: Friday, February 01, 2013 12:05 PM
> >> To: Jason Staudenmayer
> >> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
> >> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
> >> your HELO host name has been denied (#5.7.1) )
> >>
> >>
> >> Hi,
> >>
> >> I'm using rhost-check for bad reverse DNS.
> >>
> >> In /var/qmail/supervise/qmail-smtpd/run file, I have:
> >>
> >> SERVICE=smtp
> >> . /var/qmail/bin/qmail-config-system&& \
> >> exec /usr/bin/softlimit ${SOFTLIMIT_OPTS} \
> >> ${QMAIL_TCPSERVER_PRE} \
> >> /usr/bin/tcpserver ${TCPSERVER_OPTS} -x
> ${TCPSERVER_RULESCDB} \
> >> -c ${MAXCONN} -u ${QMAILDUID} -g ${NOFILESGID} \
> >> ${TCPSERVER_HOST} ${TCPSERVER_PORT} \
> >> rhost-check ${QMAIL_SMTP_PRE} \
> >> -r sbl-xbl.spamhaus.org \
> >> /var/qmail/bin/qmail-${SERVICE}d ${QMAIL_SMTP_POST} \
> >> 2>&1
> >>
> >> Regards,
> >>
> >> Eduardo
> >>
> >> On 02/01/2013 11:35 AM, Jason Staudenmayer wrote:
> >>> look like the helo name doesn't match the dns name. When I
> >> was running
> >>> my own qmail servers I saw this from time-to-time from doing RDNS
> >>> lookups. Are you running any RDNS filters?
> >>>
> >>> Jason
> >>> -----Original Message-----
> >>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
> >>> Sent: Friday, February 01, 2013 11:06 AM
> >>> To: Andy Bradford
> >>> Cc: qmail@list.cr.yp.to; Shepherd Nhongo
> >>> Subject: Re: Problems receiving mail in qmail ( 553
> sorry, your HELO
> >>> host name has been denied (#5.7.1) )
> >>>
> >>>
> >>> Hi,
> >>>
> >>> The log from /var/log/qmail/qmail-smtpd is the following:
> >>>
> >>> @400000005108ffe800653c04 tcpserver: ok 13133
> >>> boom.pmaint.com:192.168.20.248:25
> mail1.nyct.com:170.28.128.9::53330
> >>> @400000005108ffe81b39cb94 qmail-smtpd:
> >> badhelo:<nyctlmgw.NYCT.COM> at
> >>> 170.28.128.9
> >>> @400000005108ffe81c5d3cf4 tcpserver: end 13133 status 0
> >>> @400000005108ffe81c5d40dc tcpserver: status: 0/40
> >>> @400000005109001a00ce90dc tcpserver: status: 1/40
> >>>
> >>> Thank you.
> >>>
> >>> Eduardo
> >>>
> >>> On 02/01/2013 08:58 AM, Eduardo Mena wrote:
> >>> Hi Andy,
> >>>
> >>>
> >>> The real domain is nyct.com and I have not put this domain in the
> >>> 'badhelo' file, then I do not understand why when the
> >> client nyct.com
> >>> send us emails (to pmaint.com), he receive as response the
> >> mesage " 553
> >>> sorry, your HELO host name has been denied ".
> >>>
> >>> Thank you.
> >>>
> >>>
> >>> Eduardo
> >>>
> >>>
> >>> On 01/31/2013 11:19 PM, Andy Bradford wrote:
> >>> Thus said Eduardo Mena on Thu, 31 Jan 2013 15:04:40 -0500:
> >>>
> >>>
> >>> The /var/qmail/control/badhelo file on my server
> >> doesn't have
> >>> extdomain.com. For me, extdomain.com is not a badhelo.
> >>>
> >>> How do you know that extdomain.com is what their MTA
> >> client said during
> >>> EHLO?
> >>>
> >>> Andy
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>> Click here to report this email as spam.
> >>>
> >>>
> >>> This message has been scanned for malware by Websense.
> >> www.websense.com
> >>>
> >
>
RE: Problems receiving mail in qmail ( 553 sorry, your HELO host name has been denied (#5.7.1) ) [ In reply to ]
jasons at adventureaquarium
Feb 1, 2013, 12:03 PM
Post #11 of 20 (14068 views)
Permalink
After poking at your mail server seems that it's matching on the ct part of the address

220 mail.pmaint.com ESMTP
ehlo ct.com250-mail.pmaint.com
250-STARTTLS
250-PIPELINING
250-8BITMIME
250-SIZE 22777216
250 AUTH LOGIN PLAIN CRAM-MD5
mail from:test@ct.com250 ok
rcpt to:eduardo@pmaint.com553 sorry, your HELO host name has been denied (#5.7.1)
rcpt to:eduardo@pmaint.com553 sorry, your HELO host name has been denied (#5.7.1)

Check your badhelo for any open ct regex matches

Jason

> -----Original Message-----
> From: Eduardo Mena [mailto:eduardo@pmaint.com]
> Sent: Friday, February 01, 2013 12:38 PM
> To: Jason Staudenmayer
> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
> your HELO host name has been denied (#5.7.1) )
>
>
> Hi,
>
> I done it, but the messages continues.
>
> [root@boom tcprules.d]# vi tcp.qmail-smtp
>
> 170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""
>
>
> [root@boom tcprules.d]# tcprules /etc/tcprules.d/tcp.qmail-smtp.cdb
> /etc/tcprules.d/.tcp.qmail-smtp.tmp < /etc/tcprules.d/tcp.qmail-smtp
> [root@boom tcprules.d]# for i in $(ls /service/ |grep qmail);
> do svc -d
> /service/$i; done;
> [root@boom tcprules.d]# for i in $(ls /service/ |grep qmail);
> do svc -u
> /service/$i; done;
> [root@boom tcprules.d]# telnet mail.pmaint.com 25
> Trying 192.168.20.248...
> Connected to mail.pmaint.com (192.168.20.248).
> Escape character is '^]'.
> 220 mail.pmaint.com ESMTP
> EHLO nyct.com
> 250-mail.pmaint.com
> 250-STARTTLS
> 250-PIPELINING
> 250-8BITMIME
> 250-SIZE 22777216
> 250 AUTH LOGIN PLAIN CRAM-MD5
> MAIL FROM:DD@nyct.com
> 250 ok
> RCPT TO:eduardo@pmaint.com NOTIFY=success,failure
> 553 sorry, your HELO host name has been denied (#5.7.1)
>
> Thank you.
>
> Eduardo
>
>
>
>
> Eduardo Mena
> Predictive Maintenance Corporation
> Corporation d'entretien prédictif
> 8330 Decarie Blvd.,
> Montreal, Qc., H4P 2P5
> Tel. 514 383 6330
>
>
> On 02/01/2013 12:11 PM, Jason Staudenmayer wrote:
> > That could be it try to whitelist that domain in your tcp.smtp relay
> > list. Something like this should do it
> >
> > 170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""
> >
> > Then save tcp.smtp and update the db
> >
> >> -----Original Message-----
> >> From: Eduardo Mena [mailto:eduardo@pmaint.com]
> >> Sent: Friday, February 01, 2013 12:05 PM
> >> To: Jason Staudenmayer
> >> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
> >> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
> >> your HELO host name has been denied (#5.7.1) )
> >>
> >>
> >> Hi,
> >>
> >> I'm using rhost-check for bad reverse DNS.
> >>
> >> In /var/qmail/supervise/qmail-smtpd/run file, I have:
> >>
> >> SERVICE=smtp
> >> . /var/qmail/bin/qmail-config-system&& \
> >> exec /usr/bin/softlimit ${SOFTLIMIT_OPTS} \
> >> ${QMAIL_TCPSERVER_PRE} \
> >> /usr/bin/tcpserver ${TCPSERVER_OPTS} -x
> ${TCPSERVER_RULESCDB} \
> >> -c ${MAXCONN} -u ${QMAILDUID} -g ${NOFILESGID} \
> >> ${TCPSERVER_HOST} ${TCPSERVER_PORT} \
> >> rhost-check ${QMAIL_SMTP_PRE} \
> >> -r sbl-xbl.spamhaus.org \
> >> /var/qmail/bin/qmail-${SERVICE}d ${QMAIL_SMTP_POST} \
> >> 2>&1
> >>
> >> Regards,
> >>
> >> Eduardo
> >>
> >> On 02/01/2013 11:35 AM, Jason Staudenmayer wrote:
> >>> look like the helo name doesn't match the dns name. When I
> >> was running
> >>> my own qmail servers I saw this from time-to-time from doing RDNS
> >>> lookups. Are you running any RDNS filters?
> >>>
> >>> Jason
> >>> -----Original Message-----
> >>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
> >>> Sent: Friday, February 01, 2013 11:06 AM
> >>> To: Andy Bradford
> >>> Cc: qmail@list.cr.yp.to; Shepherd Nhongo
> >>> Subject: Re: Problems receiving mail in qmail ( 553
> sorry, your HELO
> >>> host name has been denied (#5.7.1) )
> >>>
> >>>
> >>> Hi,
> >>>
> >>> The log from /var/log/qmail/qmail-smtpd is the following:
> >>>
> >>> @400000005108ffe800653c04 tcpserver: ok 13133
> >>> boom.pmaint.com:192.168.20.248:25
> mail1.nyct.com:170.28.128.9::53330
> >>> @400000005108ffe81b39cb94 qmail-smtpd:
> >> badhelo:<nyctlmgw.NYCT.COM> at
> >>> 170.28.128.9
> >>> @400000005108ffe81c5d3cf4 tcpserver: end 13133 status 0
> >>> @400000005108ffe81c5d40dc tcpserver: status: 0/40
> >>> @400000005109001a00ce90dc tcpserver: status: 1/40
> >>>
> >>> Thank you.
> >>>
> >>> Eduardo
> >>>
> >>> On 02/01/2013 08:58 AM, Eduardo Mena wrote:
> >>> Hi Andy,
> >>>
> >>>
> >>> The real domain is nyct.com and I have not put this domain in the
> >>> 'badhelo' file, then I do not understand why when the
> >> client nyct.com
> >>> send us emails (to pmaint.com), he receive as response the
> >> mesage " 553
> >>> sorry, your HELO host name has been denied ".
> >>>
> >>> Thank you.
> >>>
> >>>
> >>> Eduardo
> >>>
> >>>
> >>> On 01/31/2013 11:19 PM, Andy Bradford wrote:
> >>> Thus said Eduardo Mena on Thu, 31 Jan 2013 15:04:40 -0500:
> >>>
> >>>
> >>> The /var/qmail/control/badhelo file on my server
> >> doesn't have
> >>> extdomain.com. For me, extdomain.com is not a badhelo.
> >>>
> >>> How do you know that extdomain.com is what their MTA
> >> client said during
> >>> EHLO?
> >>>
> >>> Andy
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>> Click here to report this email as spam.
> >>>
> >>>
> >>> This message has been scanned for malware by Websense.
> >> www.websense.com
> >>>
> >
>
Re: Problems receiving mail in qmail ( 553 sorry, your HELO host name has been denied (#5.7.1) ) [ In reply to ]
eduardo at pmaint
Feb 1, 2013, 1:21 PM
Post #12 of 20 (14097 views)
Permalink
Hi,

I'm sending you part of the badhelo file. I modifed the first line and I
omitted 20O lines of badhelo domains. Here I put only a few domains.

---
!(^pc1$|^pc2$|^pc3|^cust[1-9]$|\.)
163data\.com\.cn
ewe-ip-backbone\.de
rm0001\.net
yahoo2\.com\.cn
tolsz200621cn\.com
songltaylor-studwelding\.com\.cn
---

In the following log file you can look that rm0001.net is a badhelo
because this is in the badhelo file.

@4000000051091b33125fb664 tcpserver: pid 31270 from 216.55.88.86
@4000000051091b332f63acfc tcpserver: ok 31270
boom.pmaint.com:192.168.20.248:25 mail-88-86.rm0001.net:216.55.88.86::55100
@4000000051091b3400148bc4 qmail-smtpd: badhelo: <mail-88-86.rm0001.net>
at 216.55.88.86
@4000000051091b340205ad64 tcpserver: end 31270 status 0

Thanks.
Eduardo

On 01/02/2013 3:03 PM, Jason Staudenmayer wrote:
> After poking at your mail server seems that it's matching on the ct part of the address
>
> 220 mail.pmaint.com ESMTP
> ehlo ct.com250-mail.pmaint.com
> 250-STARTTLS
> 250-PIPELINING
> 250-8BITMIME
> 250-SIZE 22777216
> 250 AUTH LOGIN PLAIN CRAM-MD5
> mail from:test@ct.com250 ok
> rcpt to:eduardo@pmaint.com553 sorry, your HELO host name has been denied (#5.7.1)
> rcpt to:eduardo@pmaint.com553 sorry, your HELO host name has been denied (#5.7.1)
>
> Check your badhelo for any open ct regex matches
>
> Jason
>
>> -----Original Message-----
>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>> Sent: Friday, February 01, 2013 12:38 PM
>> To: Jason Staudenmayer
>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>> your HELO host name has been denied (#5.7.1) )
>>
>>
>> Hi,
>>
>> I done it, but the messages continues.
>>
>> [root@boom tcprules.d]# vi tcp.qmail-smtp
>>
>> 170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""
>>
>>
>> [root@boom tcprules.d]# tcprules /etc/tcprules.d/tcp.qmail-smtp.cdb
>> /etc/tcprules.d/.tcp.qmail-smtp.tmp< /etc/tcprules.d/tcp.qmail-smtp
>> [root@boom tcprules.d]# for i in $(ls /service/ |grep qmail);
>> do svc -d
>> /service/$i; done;
>> [root@boom tcprules.d]# for i in $(ls /service/ |grep qmail);
>> do svc -u
>> /service/$i; done;
>> [root@boom tcprules.d]# telnet mail.pmaint.com 25
>> Trying 192.168.20.248...
>> Connected to mail.pmaint.com (192.168.20.248).
>> Escape character is '^]'.
>> 220 mail.pmaint.com ESMTP
>> EHLO nyct.com
>> 250-mail.pmaint.com
>> 250-STARTTLS
>> 250-PIPELINING
>> 250-8BITMIME
>> 250-SIZE 22777216
>> 250 AUTH LOGIN PLAIN CRAM-MD5
>> MAIL FROM:DD@nyct.com
>> 250 ok
>> RCPT TO:eduardo@pmaint.com NOTIFY=success,failure
>> 553 sorry, your HELO host name has been denied (#5.7.1)
>>
>> Thank you.
>>
>> Eduardo
>>
>>
>>
>>
>> Eduardo Mena
>> Predictive Maintenance Corporation
>> Corporation d'entretien prédictif
>> 8330 Decarie Blvd.,
>> Montreal, Qc., H4P 2P5
>> Tel. 514 383 6330
>>
>>
>> On 02/01/2013 12:11 PM, Jason Staudenmayer wrote:
>>> That could be it try to whitelist that domain in your tcp.smtp relay
>>> list. Something like this should do it
>>>
>>> 170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""
>>>
>>> Then save tcp.smtp and update the db
>>>
>>>> -----Original Message-----
>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>> Sent: Friday, February 01, 2013 12:05 PM
>>>> To: Jason Staudenmayer
>>>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>>>> your HELO host name has been denied (#5.7.1) )
>>>>
>>>>
>>>> Hi,
>>>>
>>>> I'm using rhost-check for bad reverse DNS.
>>>>
>>>> In /var/qmail/supervise/qmail-smtpd/run file, I have:
>>>>
>>>> SERVICE=smtp
>>>> . /var/qmail/bin/qmail-config-system&& \
>>>> exec /usr/bin/softlimit ${SOFTLIMIT_OPTS} \
>>>> ${QMAIL_TCPSERVER_PRE} \
>>>> /usr/bin/tcpserver ${TCPSERVER_OPTS} -x
>> ${TCPSERVER_RULESCDB} \
>>>> -c ${MAXCONN} -u ${QMAILDUID} -g ${NOFILESGID} \
>>>> ${TCPSERVER_HOST} ${TCPSERVER_PORT} \
>>>> rhost-check ${QMAIL_SMTP_PRE} \
>>>> -r sbl-xbl.spamhaus.org \
>>>> /var/qmail/bin/qmail-${SERVICE}d ${QMAIL_SMTP_POST} \
>>>> 2>&1
>>>>
>>>> Regards,
>>>>
>>>> Eduardo
>>>>
>>>> On 02/01/2013 11:35 AM, Jason Staudenmayer wrote:
>>>>> look like the helo name doesn't match the dns name. When I
>>>> was running
>>>>> my own qmail servers I saw this from time-to-time from doing RDNS
>>>>> lookups. Are you running any RDNS filters?
>>>>>
>>>>> Jason
>>>>> -----Original Message-----
>>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>>> Sent: Friday, February 01, 2013 11:06 AM
>>>>> To: Andy Bradford
>>>>> Cc: qmail@list.cr.yp.to; Shepherd Nhongo
>>>>> Subject: Re: Problems receiving mail in qmail ( 553
>> sorry, your HELO
>>>>> host name has been denied (#5.7.1) )
>>>>>
>>>>>
>>>>> Hi,
>>>>>
>>>>> The log from /var/log/qmail/qmail-smtpd is the following:
>>>>>
>>>>> @400000005108ffe800653c04 tcpserver: ok 13133
>>>>> boom.pmaint.com:192.168.20.248:25
>> mail1.nyct.com:170.28.128.9::53330
>>>>> @400000005108ffe81b39cb94 qmail-smtpd:
>>>> badhelo:<nyctlmgw.NYCT.COM> at
>>>>> 170.28.128.9
>>>>> @400000005108ffe81c5d3cf4 tcpserver: end 13133 status 0
>>>>> @400000005108ffe81c5d40dc tcpserver: status: 0/40
>>>>> @400000005109001a00ce90dc tcpserver: status: 1/40
>>>>>
>>>>> Thank you.
>>>>>
>>>>> Eduardo
>>>>>
>>>>> On 02/01/2013 08:58 AM, Eduardo Mena wrote:
>>>>> Hi Andy,
>>>>>
>>>>>
>>>>> The real domain is nyct.com and I have not put this domain in the
>>>>> 'badhelo' file, then I do not understand why when the
>>>> client nyct.com
>>>>> send us emails (to pmaint.com), he receive as response the
>>>> mesage " 553
>>>>> sorry, your HELO host name has been denied ".
>>>>>
>>>>> Thank you.
>>>>>
>>>>>
>>>>> Eduardo
>>>>>
>>>>>
>>>>> On 01/31/2013 11:19 PM, Andy Bradford wrote:
>>>>> Thus said Eduardo Mena on Thu, 31 Jan 2013 15:04:40 -0500:
>>>>>
>>>>>
>>>>> The /var/qmail/control/badhelo file on my server
>>>> doesn't have
>>>>> extdomain.com. For me, extdomain.com is not a badhelo.
>>>>>
>>>>> How do you know that extdomain.com is what their MTA
>>>> client said during
>>>>> EHLO?
>>>>>
>>>>> Andy
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> Click here to report this email as spam.
>>>>>
>>>>>
>>>>> This message has been scanned for malware by Websense.
>>>> www.websense.com
>
RE: Problems receiving mail in qmail ( 553 sorry, your HELO host name has been denied (#5.7.1) ) [ In reply to ]
jasons at adventureaquarium
Feb 1, 2013, 1:39 PM
Post #13 of 20 (14077 views)
Permalink
It's kind of hard to help if you drop info. I found a match of ct.com so we would need to look over the whole file. You could also try adding LOGREGEX="" to your last entry in your tcp.smtp file and then check the log for the matching regex (this might depend on the patch or build). Hopefuly somebody might jump in as I'm off for the weekend, if not I check back Mon.

> -----Original Message-----
> From: Eduardo Mena [mailto:eduardo@pmaint.com]
> Sent: Friday, February 01, 2013 4:22 PM
> To: Jason Staudenmayer
> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
> your HELO host name has been denied (#5.7.1) )
>
>
> Hi,
>
> I'm sending you part of the badhelo file. I modifed the first
> line and I
> omitted 20O lines of badhelo domains. Here I put only a few domains.
>
> ---
> !(^pc1$|^pc2$|^pc3|^cust[1-9]$|\.)
> 163data\.com\.cn
> ewe-ip-backbone\.de
> rm0001\.net
> yahoo2\.com\.cn
> tolsz200621cn\.com
> songltaylor-studwelding\.com\.cn
> ---
>
> In the following log file you can look that rm0001.net is a badhelo
> because this is in the badhelo file.
>
> @4000000051091b33125fb664 tcpserver: pid 31270 from 216.55.88.86
> @4000000051091b332f63acfc tcpserver: ok 31270
> boom.pmaint.com:192.168.20.248:25
> mail-88-86.rm0001.net:216.55.88.86::55100
> @4000000051091b3400148bc4 qmail-smtpd: badhelo:
> <mail-88-86.rm0001.net>
> at 216.55.88.86
> @4000000051091b340205ad64 tcpserver: end 31270 status 0
>
> Thanks.
> Eduardo
>
> On 01/02/2013 3:03 PM, Jason Staudenmayer wrote:
> > After poking at your mail server seems that it's matching
> on the ct part of the address
> >
> > 220 mail.pmaint.com ESMTP
> > ehlo ct.com250-mail.pmaint.com
> > 250-STARTTLS
> > 250-PIPELINING
> > 250-8BITMIME
> > 250-SIZE 22777216
> > 250 AUTH LOGIN PLAIN CRAM-MD5
> > mail from:test@ct.com250 ok
> > rcpt to:eduardo@pmaint.com553 sorry, your HELO host name
> has been denied (#5.7.1)
> > rcpt to:eduardo@pmaint.com553 sorry, your HELO host name
> has been denied (#5.7.1)
> >
> > Check your badhelo for any open ct regex matches
> >
> > Jason
> >
> >> -----Original Message-----
> >> From: Eduardo Mena [mailto:eduardo@pmaint.com]
> >> Sent: Friday, February 01, 2013 12:38 PM
> >> To: Jason Staudenmayer
> >> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
> >> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
> >> your HELO host name has been denied (#5.7.1) )
> >>
> >>
> >> Hi,
> >>
> >> I done it, but the messages continues.
> >>
> >> [root@boom tcprules.d]# vi tcp.qmail-smtp
> >>
> >> 170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""
> >>
> >>
> >> [root@boom tcprules.d]# tcprules /etc/tcprules.d/tcp.qmail-smtp.cdb
> >> /etc/tcprules.d/.tcp.qmail-smtp.tmp<
> /etc/tcprules.d/tcp.qmail-smtp
> >> [root@boom tcprules.d]# for i in $(ls /service/ |grep qmail);
> >> do svc -d
> >> /service/$i; done;
> >> [root@boom tcprules.d]# for i in $(ls /service/ |grep qmail);
> >> do svc -u
> >> /service/$i; done;
> >> [root@boom tcprules.d]# telnet mail.pmaint.com 25
> >> Trying 192.168.20.248...
> >> Connected to mail.pmaint.com (192.168.20.248).
> >> Escape character is '^]'.
> >> 220 mail.pmaint.com ESMTP
> >> EHLO nyct.com
> >> 250-mail.pmaint.com
> >> 250-STARTTLS
> >> 250-PIPELINING
> >> 250-8BITMIME
> >> 250-SIZE 22777216
> >> 250 AUTH LOGIN PLAIN CRAM-MD5
> >> MAIL FROM:DD@nyct.com
> >> 250 ok
> >> RCPT TO:eduardo@pmaint.com NOTIFY=success,failure
> >> 553 sorry, your HELO host name has been denied (#5.7.1)
> >>
> >> Thank you.
> >>
> >> Eduardo
> >>
> >>
> >>
> >>
> >> Eduardo Mena
> >> Predictive Maintenance Corporation
> >> Corporation d'entretien prédictif
> >> 8330 Decarie Blvd.,
> >> Montreal, Qc., H4P 2P5
> >> Tel. 514 383 6330
> >>
> >>
> >> On 02/01/2013 12:11 PM, Jason Staudenmayer wrote:
> >>> That could be it try to whitelist that domain in your
> tcp.smtp relay
> >>> list. Something like this should do it
> >>>
> >>> 170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""
> >>>
> >>> Then save tcp.smtp and update the db
> >>>
> >>>> -----Original Message-----
> >>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
> >>>> Sent: Friday, February 01, 2013 12:05 PM
> >>>> To: Jason Staudenmayer
> >>>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
> >>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
> >>>> your HELO host name has been denied (#5.7.1) )
> >>>>
> >>>>
> >>>> Hi,
> >>>>
> >>>> I'm using rhost-check for bad reverse DNS.
> >>>>
> >>>> In /var/qmail/supervise/qmail-smtpd/run file, I have:
> >>>>
> >>>> SERVICE=smtp
> >>>> . /var/qmail/bin/qmail-config-system&& \
> >>>> exec /usr/bin/softlimit ${SOFTLIMIT_OPTS} \
> >>>> ${QMAIL_TCPSERVER_PRE} \
> >>>> /usr/bin/tcpserver ${TCPSERVER_OPTS} -x
> >> ${TCPSERVER_RULESCDB} \
> >>>> -c ${MAXCONN} -u ${QMAILDUID} -g ${NOFILESGID} \
> >>>> ${TCPSERVER_HOST} ${TCPSERVER_PORT} \
> >>>> rhost-check ${QMAIL_SMTP_PRE} \
> >>>> -r sbl-xbl.spamhaus.org \
> >>>> /var/qmail/bin/qmail-${SERVICE}d ${QMAIL_SMTP_POST} \
> >>>> 2>&1
> >>>>
> >>>> Regards,
> >>>>
> >>>> Eduardo
> >>>>
> >>>> On 02/01/2013 11:35 AM, Jason Staudenmayer wrote:
> >>>>> look like the helo name doesn't match the dns name. When I
> >>>> was running
> >>>>> my own qmail servers I saw this from time-to-time from
> doing RDNS
> >>>>> lookups. Are you running any RDNS filters?
> >>>>>
> >>>>> Jason
> >>>>> -----Original Message-----
> >>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
> >>>>> Sent: Friday, February 01, 2013 11:06 AM
> >>>>> To: Andy Bradford
> >>>>> Cc: qmail@list.cr.yp.to; Shepherd Nhongo
> >>>>> Subject: Re: Problems receiving mail in qmail ( 553
> >> sorry, your HELO
> >>>>> host name has been denied (#5.7.1) )
> >>>>>
> >>>>>
> >>>>> Hi,
> >>>>>
> >>>>> The log from /var/log/qmail/qmail-smtpd is the following:
> >>>>>
> >>>>> @400000005108ffe800653c04 tcpserver: ok 13133
> >>>>> boom.pmaint.com:192.168.20.248:25
> >> mail1.nyct.com:170.28.128.9::53330
> >>>>> @400000005108ffe81b39cb94 qmail-smtpd:
> >>>> badhelo:<nyctlmgw.NYCT.COM> at
> >>>>> 170.28.128.9
> >>>>> @400000005108ffe81c5d3cf4 tcpserver: end 13133 status 0
> >>>>> @400000005108ffe81c5d40dc tcpserver: status: 0/40
> >>>>> @400000005109001a00ce90dc tcpserver: status: 1/40
> >>>>>
> >>>>> Thank you.
> >>>>>
> >>>>> Eduardo
> >>>>>
> >>>>> On 02/01/2013 08:58 AM, Eduardo Mena wrote:
> >>>>> Hi Andy,
> >>>>>
> >>>>>
> >>>>> The real domain is nyct.com and I have not put this
> domain in the
> >>>>> 'badhelo' file, then I do not understand why when the
> >>>> client nyct.com
> >>>>> send us emails (to pmaint.com), he receive as response the
> >>>> mesage " 553
> >>>>> sorry, your HELO host name has been denied ".
> >>>>>
> >>>>> Thank you.
> >>>>>
> >>>>>
> >>>>> Eduardo
> >>>>>
> >>>>>
> >>>>> On 01/31/2013 11:19 PM, Andy Bradford wrote:
> >>>>> Thus said Eduardo Mena on Thu, 31 Jan 2013 15:04:40 -0500:
> >>>>>
> >>>>>
> >>>>> The /var/qmail/control/badhelo file on my server
> >>>> doesn't have
> >>>>> extdomain.com. For me, extdomain.com is not a badhelo.
> >>>>>
> >>>>> How do you know that extdomain.com is what their MTA
> >>>> client said during
> >>>>> EHLO?
> >>>>>
> >>>>> Andy
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>> Click here to report this email as spam.
> >>>>>
> >>>>>
> >>>>> This message has been scanned for malware by Websense.
> >>>> www.websense.com
> >
>
Re: Problems receiving mail in qmail ( 553 sorry, your HELO host name has been denied (#5.7.1) ) [ In reply to ]
eduardo at pmaint
Feb 1, 2013, 2:35 PM
Post #14 of 20 (14084 views)
Permalink
Hi,

I looked again the file and 'ct.com' was in my badhelo file. I'm sorry
but I got confused becausethis text "ehlo ct.com250-mail.pmaint.com" was
displayed together. Because ct.com is in badhelo file, therefore it
display the message "553 sorry, your HELO host name has been denied
(#5.7.1)"

Thanks

Eduardo

On 01/02/2013 4:39 PM, Jason Staudenmayer wrote:
> It's kind of hard to help if you drop info. I found a match of ct.com so we would need to look over the whole file. You could also try adding LOGREGEX="" to your last entry in your tcp.smtp file and then check the log for the matching regex (this might depend on the patch or build). Hopefuly somebody might jump in as I'm off for the weekend, if not I check back Mon.
>
>> -----Original Message-----
>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>> Sent: Friday, February 01, 2013 4:22 PM
>> To: Jason Staudenmayer
>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>> your HELO host name has been denied (#5.7.1) )
>>
>>
>> Hi,
>>
>> I'm sending you part of the badhelo file. I modifed the first
>> line and I
>> omitted 20O lines of badhelo domains. Here I put only a few domains.
>>
>> ---
>> !(^pc1$|^pc2$|^pc3|^cust[1-9]$|\.)
>> 163data\.com\.cn
>> ewe-ip-backbone\.de
>> rm0001\.net
>> yahoo2\.com\.cn
>> tolsz200621cn\.com
>> songltaylor-studwelding\.com\.cn
>> ---
>>
>> In the following log file you can look that rm0001.net is a badhelo
>> because this is in the badhelo file.
>>
>> @4000000051091b33125fb664 tcpserver: pid 31270 from 216.55.88.86
>> @4000000051091b332f63acfc tcpserver: ok 31270
>> boom.pmaint.com:192.168.20.248:25
>> mail-88-86.rm0001.net:216.55.88.86::55100
>> @4000000051091b3400148bc4 qmail-smtpd: badhelo:
>> <mail-88-86.rm0001.net>
>> at 216.55.88.86
>> @4000000051091b340205ad64 tcpserver: end 31270 status 0
>>
>> Thanks.
>> Eduardo
>>
>> On 01/02/2013 3:03 PM, Jason Staudenmayer wrote:
>>> After poking at your mail server seems that it's matching
>> on the ct part of the address
>>> 220 mail.pmaint.com ESMTP
>>> ehlo ct.com250-mail.pmaint.com
>>> 250-STARTTLS
>>> 250-PIPELINING
>>> 250-8BITMIME
>>> 250-SIZE 22777216
>>> 250 AUTH LOGIN PLAIN CRAM-MD5
>>> mail from:test@ct.com250 ok
>>> rcpt to:eduardo@pmaint.com553 sorry, your HELO host name
>> has been denied (#5.7.1)
>>> rcpt to:eduardo@pmaint.com553 sorry, your HELO host name
>> has been denied (#5.7.1)
>>> Check your badhelo for any open ct regex matches
>>>
>>> Jason
>>>
>>>> -----Original Message-----
>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>> Sent: Friday, February 01, 2013 12:38 PM
>>>> To: Jason Staudenmayer
>>>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>>>> your HELO host name has been denied (#5.7.1) )
>>>>
>>>>
>>>> Hi,
>>>>
>>>> I done it, but the messages continues.
>>>>
>>>> [root@boom tcprules.d]# vi tcp.qmail-smtp
>>>>
>>>> 170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""
>>>>
>>>>
>>>> [root@boom tcprules.d]# tcprules /etc/tcprules.d/tcp.qmail-smtp.cdb
>>>> /etc/tcprules.d/.tcp.qmail-smtp.tmp<
>> /etc/tcprules.d/tcp.qmail-smtp
>>>> [root@boom tcprules.d]# for i in $(ls /service/ |grep qmail);
>>>> do svc -d
>>>> /service/$i; done;
>>>> [root@boom tcprules.d]# for i in $(ls /service/ |grep qmail);
>>>> do svc -u
>>>> /service/$i; done;
>>>> [root@boom tcprules.d]# telnet mail.pmaint.com 25
>>>> Trying 192.168.20.248...
>>>> Connected to mail.pmaint.com (192.168.20.248).
>>>> Escape character is '^]'.
>>>> 220 mail.pmaint.com ESMTP
>>>> EHLO nyct.com
>>>> 250-mail.pmaint.com
>>>> 250-STARTTLS
>>>> 250-PIPELINING
>>>> 250-8BITMIME
>>>> 250-SIZE 22777216
>>>> 250 AUTH LOGIN PLAIN CRAM-MD5
>>>> MAIL FROM:DD@nyct.com
>>>> 250 ok
>>>> RCPT TO:eduardo@pmaint.com NOTIFY=success,failure
>>>> 553 sorry, your HELO host name has been denied (#5.7.1)
>>>>
>>>> Thank you.
>>>>
>>>> Eduardo
>>>>
>>>>
>>>>
>>>>
>>>> Eduardo Mena
>>>> Predictive Maintenance Corporation
>>>> Corporation d'entretien prédictif
>>>> 8330 Decarie Blvd.,
>>>> Montreal, Qc., H4P 2P5
>>>> Tel. 514 383 6330
>>>>
>>>>
>>>> On 02/01/2013 12:11 PM, Jason Staudenmayer wrote:
>>>>> That could be it try to whitelist that domain in your
>> tcp.smtp relay
>>>>> list. Something like this should do it
>>>>>
>>>>> 170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""
>>>>>
>>>>> Then save tcp.smtp and update the db
>>>>>
>>>>>> -----Original Message-----
>>>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>>>> Sent: Friday, February 01, 2013 12:05 PM
>>>>>> To: Jason Staudenmayer
>>>>>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>>>>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>>>>>> your HELO host name has been denied (#5.7.1) )
>>>>>>
>>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I'm using rhost-check for bad reverse DNS.
>>>>>>
>>>>>> In /var/qmail/supervise/qmail-smtpd/run file, I have:
>>>>>>
>>>>>> SERVICE=smtp
>>>>>> . /var/qmail/bin/qmail-config-system&& \
>>>>>> exec /usr/bin/softlimit ${SOFTLIMIT_OPTS} \
>>>>>> ${QMAIL_TCPSERVER_PRE} \
>>>>>> /usr/bin/tcpserver ${TCPSERVER_OPTS} -x
>>>> ${TCPSERVER_RULESCDB} \
>>>>>> -c ${MAXCONN} -u ${QMAILDUID} -g ${NOFILESGID} \
>>>>>> ${TCPSERVER_HOST} ${TCPSERVER_PORT} \
>>>>>> rhost-check ${QMAIL_SMTP_PRE} \
>>>>>> -r sbl-xbl.spamhaus.org \
>>>>>> /var/qmail/bin/qmail-${SERVICE}d ${QMAIL_SMTP_POST} \
>>>>>> 2>&1
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> Eduardo
>>>>>>
>>>>>> On 02/01/2013 11:35 AM, Jason Staudenmayer wrote:
>>>>>>> look like the helo name doesn't match the dns name. When I
>>>>>> was running
>>>>>>> my own qmail servers I saw this from time-to-time from
>> doing RDNS
>>>>>>> lookups. Are you running any RDNS filters?
>>>>>>>
>>>>>>> Jason
>>>>>>> -----Original Message-----
>>>>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>>>>> Sent: Friday, February 01, 2013 11:06 AM
>>>>>>> To: Andy Bradford
>>>>>>> Cc: qmail@list.cr.yp.to; Shepherd Nhongo
>>>>>>> Subject: Re: Problems receiving mail in qmail ( 553
>>>> sorry, your HELO
>>>>>>> host name has been denied (#5.7.1) )
>>>>>>>
>>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> The log from /var/log/qmail/qmail-smtpd is the following:
>>>>>>>
>>>>>>> @400000005108ffe800653c04 tcpserver: ok 13133
>>>>>>> boom.pmaint.com:192.168.20.248:25
>>>> mail1.nyct.com:170.28.128.9::53330
>>>>>>> @400000005108ffe81b39cb94 qmail-smtpd:
>>>>>> badhelo:<nyctlmgw.NYCT.COM> at
>>>>>>> 170.28.128.9
>>>>>>> @400000005108ffe81c5d3cf4 tcpserver: end 13133 status 0
>>>>>>> @400000005108ffe81c5d40dc tcpserver: status: 0/40
>>>>>>> @400000005109001a00ce90dc tcpserver: status: 1/40
>>>>>>>
>>>>>>> Thank you.
>>>>>>>
>>>>>>> Eduardo
>>>>>>>
>>>>>>> On 02/01/2013 08:58 AM, Eduardo Mena wrote:
>>>>>>> Hi Andy,
>>>>>>>
>>>>>>>
>>>>>>> The real domain is nyct.com and I have not put this
>> domain in the
>>>>>>> 'badhelo' file, then I do not understand why when the
>>>>>> client nyct.com
>>>>>>> send us emails (to pmaint.com), he receive as response the
>>>>>> mesage " 553
>>>>>>> sorry, your HELO host name has been denied ".
>>>>>>>
>>>>>>> Thank you.
>>>>>>>
>>>>>>>
>>>>>>> Eduardo
>>>>>>>
>>>>>>>
>>>>>>> On 01/31/2013 11:19 PM, Andy Bradford wrote:
>>>>>>> Thus said Eduardo Mena on Thu, 31 Jan 2013 15:04:40 -0500:
>>>>>>>
>>>>>>>
>>>>>>> The /var/qmail/control/badhelo file on my server
>>>>>> doesn't have
>>>>>>> extdomain.com. For me, extdomain.com is not a badhelo.
>>>>>>>
>>>>>>> How do you know that extdomain.com is what their MTA
>>>>>> client said during
>>>>>>> EHLO?
>>>>>>>
>>>>>>> Andy
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Click here to report this email as spam.
>>>>>>>
>>>>>>>
>>>>>>> This message has been scanned for malware by Websense.
>>>>>> www.websense.com
>
Re: Problems receiving mail in qmail ( 553 sorry, your HELO host name has been denied (#5.7.1) ) [ In reply to ]
amb-sendok-1362358570.fdfepfigmmgjcnhhjjce at bradfo
Feb 1, 2013, 4:56 PM
Post #15 of 20 (14070 views)
Permalink
Thus said Eduardo Mena on Fri, 01 Feb 2013 11:06:29 -0500:

> @400000005108ffe81b39cb94 qmail-smtpd: badhelo: <nyctlmgw.NYCT.COM> at

I don't use badhelo so I don't know what it involves... Maybe it's
complaining about the fact that nyctlmgw.NYCT.COM does not resolve at
all?

$ dnsqr a nyctlmgw.NYCT.COM
1 nyctlmgw.nyct.com:
35 bytes, 1+0+0+0 records, response, authoritative, nxdomain
query: 1 nyctlmgw.nyct.com

Andy
RE: Problems receiving mail in qmail ( 553 sorry, your HELO host name has been denied (#5.7.1) ) [ In reply to ]
jasons at adventureaquarium
Feb 4, 2013, 6:09 AM
Post #16 of 20 (14049 views)
Permalink
Glad you found it.

> -----Original Message-----
> From: Eduardo Mena [mailto:eduardo@pmaint.com]
> Sent: Friday, February 01, 2013 5:36 PM
> To: Jason Staudenmayer
> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
> your HELO host name has been denied (#5.7.1) )
>
>
> Hi,
>
> I looked again the file and 'ct.com' was in my badhelo file.
> I'm sorry
> but I got confused becausethis text "ehlo
> ct.com250-mail.pmaint.com" was
> displayed together. Because ct.com is in badhelo file, therefore it
> display the message "553 sorry, your HELO host name has been denied
> (#5.7.1)"
>
> Thanks
>
> Eduardo
>
> On 01/02/2013 4:39 PM, Jason Staudenmayer wrote:
> > It's kind of hard to help if you drop info. I found a match
> of ct.com so we would need to look over the whole file. You
> could also try adding LOGREGEX="" to your last entry in your
> tcp.smtp file and then check the log for the matching regex
> (this might depend on the patch or build). Hopefuly somebody
> might jump in as I'm off for the weekend, if not I check back Mon.
> >
> >> -----Original Message-----
> >> From: Eduardo Mena [mailto:eduardo@pmaint.com]
> >> Sent: Friday, February 01, 2013 4:22 PM
> >> To: Jason Staudenmayer
> >> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
> >> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
> >> your HELO host name has been denied (#5.7.1) )
> >>
> >>
> >> Hi,
> >>
> >> I'm sending you part of the badhelo file. I modifed the first
> >> line and I
> >> omitted 20O lines of badhelo domains. Here I put only a
> few domains.
> >>
> >> ---
> >> !(^pc1$|^pc2$|^pc3|^cust[1-9]$|\.)
> >> 163data\.com\.cn
> >> ewe-ip-backbone\.de
> >> rm0001\.net
> >> yahoo2\.com\.cn
> >> tolsz200621cn\.com
> >> songltaylor-studwelding\.com\.cn
> >> ---
> >>
> >> In the following log file you can look that rm0001.net is a badhelo
> >> because this is in the badhelo file.
> >>
> >> @4000000051091b33125fb664 tcpserver: pid 31270 from 216.55.88.86
> >> @4000000051091b332f63acfc tcpserver: ok 31270
> >> boom.pmaint.com:192.168.20.248:25
> >> mail-88-86.rm0001.net:216.55.88.86::55100
> >> @4000000051091b3400148bc4 qmail-smtpd: badhelo:
> >> <mail-88-86.rm0001.net>
> >> at 216.55.88.86
> >> @4000000051091b340205ad64 tcpserver: end 31270 status 0
> >>
> >> Thanks.
> >> Eduardo
> >>
> >> On 01/02/2013 3:03 PM, Jason Staudenmayer wrote:
> >>> After poking at your mail server seems that it's matching
> >> on the ct part of the address
> >>> 220 mail.pmaint.com ESMTP
> >>> ehlo ct.com250-mail.pmaint.com
> >>> 250-STARTTLS
> >>> 250-PIPELINING
> >>> 250-8BITMIME
> >>> 250-SIZE 22777216
> >>> 250 AUTH LOGIN PLAIN CRAM-MD5
> >>> mail from:test@ct.com250 ok
> >>> rcpt to:eduardo@pmaint.com553 sorry, your HELO host name
> >> has been denied (#5.7.1)
> >>> rcpt to:eduardo@pmaint.com553 sorry, your HELO host name
> >> has been denied (#5.7.1)
> >>> Check your badhelo for any open ct regex matches
> >>>
> >>> Jason
> >>>
> >>>> -----Original Message-----
> >>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
> >>>> Sent: Friday, February 01, 2013 12:38 PM
> >>>> To: Jason Staudenmayer
> >>>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
> >>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
> >>>> your HELO host name has been denied (#5.7.1) )
> >>>>
> >>>>
> >>>> Hi,
> >>>>
> >>>> I done it, but the messages continues.
> >>>>
> >>>> [root@boom tcprules.d]# vi tcp.qmail-smtp
> >>>>
> >>>> 170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""
> >>>>
> >>>>
> >>>> [root@boom tcprules.d]# tcprules
> /etc/tcprules.d/tcp.qmail-smtp.cdb
> >>>> /etc/tcprules.d/.tcp.qmail-smtp.tmp<
> >> /etc/tcprules.d/tcp.qmail-smtp
> >>>> [root@boom tcprules.d]# for i in $(ls /service/ |grep qmail);
> >>>> do svc -d
> >>>> /service/$i; done;
> >>>> [root@boom tcprules.d]# for i in $(ls /service/ |grep qmail);
> >>>> do svc -u
> >>>> /service/$i; done;
> >>>> [root@boom tcprules.d]# telnet mail.pmaint.com 25
> >>>> Trying 192.168.20.248...
> >>>> Connected to mail.pmaint.com (192.168.20.248).
> >>>> Escape character is '^]'.
> >>>> 220 mail.pmaint.com ESMTP
> >>>> EHLO nyct.com
> >>>> 250-mail.pmaint.com
> >>>> 250-STARTTLS
> >>>> 250-PIPELINING
> >>>> 250-8BITMIME
> >>>> 250-SIZE 22777216
> >>>> 250 AUTH LOGIN PLAIN CRAM-MD5
> >>>> MAIL FROM:DD@nyct.com
> >>>> 250 ok
> >>>> RCPT TO:eduardo@pmaint.com NOTIFY=success,failure
> >>>> 553 sorry, your HELO host name has been denied (#5.7.1)
> >>>>
> >>>> Thank you.
> >>>>
> >>>> Eduardo
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> Eduardo Mena
> >>>> Predictive Maintenance Corporation
> >>>> Corporation d'entretien prédictif
> >>>> 8330 Decarie Blvd.,
> >>>> Montreal, Qc., H4P 2P5
> >>>> Tel. 514 383 6330
> >>>>
> >>>>
> >>>> On 02/01/2013 12:11 PM, Jason Staudenmayer wrote:
> >>>>> That could be it try to whitelist that domain in your
> >> tcp.smtp relay
> >>>>> list. Something like this should do it
> >>>>>
> >>>>> 170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""
> >>>>>
> >>>>> Then save tcp.smtp and update the db
> >>>>>
> >>>>>> -----Original Message-----
> >>>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
> >>>>>> Sent: Friday, February 01, 2013 12:05 PM
> >>>>>> To: Jason Staudenmayer
> >>>>>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
> >>>>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
> >>>>>> your HELO host name has been denied (#5.7.1) )
> >>>>>>
> >>>>>>
> >>>>>> Hi,
> >>>>>>
> >>>>>> I'm using rhost-check for bad reverse DNS.
> >>>>>>
> >>>>>> In /var/qmail/supervise/qmail-smtpd/run file, I have:
> >>>>>>
> >>>>>> SERVICE=smtp
> >>>>>> . /var/qmail/bin/qmail-config-system&& \
> >>>>>> exec /usr/bin/softlimit ${SOFTLIMIT_OPTS} \
> >>>>>> ${QMAIL_TCPSERVER_PRE} \
> >>>>>> /usr/bin/tcpserver ${TCPSERVER_OPTS} -x
> >>>> ${TCPSERVER_RULESCDB} \
> >>>>>> -c ${MAXCONN} -u ${QMAILDUID} -g ${NOFILESGID} \
> >>>>>> ${TCPSERVER_HOST} ${TCPSERVER_PORT} \
> >>>>>> rhost-check ${QMAIL_SMTP_PRE} \
> >>>>>> -r sbl-xbl.spamhaus.org \
> >>>>>> /var/qmail/bin/qmail-${SERVICE}d ${QMAIL_SMTP_POST} \
> >>>>>> 2>&1
> >>>>>>
> >>>>>> Regards,
> >>>>>>
> >>>>>> Eduardo
> >>>>>>
> >>>>>> On 02/01/2013 11:35 AM, Jason Staudenmayer wrote:
> >>>>>>> look like the helo name doesn't match the dns name. When I
> >>>>>> was running
> >>>>>>> my own qmail servers I saw this from time-to-time from
> >> doing RDNS
> >>>>>>> lookups. Are you running any RDNS filters?
> >>>>>>>
> >>>>>>> Jason
> >>>>>>> -----Original Message-----
> >>>>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
> >>>>>>> Sent: Friday, February 01, 2013 11:06 AM
> >>>>>>> To: Andy Bradford
> >>>>>>> Cc: qmail@list.cr.yp.to; Shepherd Nhongo
> >>>>>>> Subject: Re: Problems receiving mail in qmail ( 553
> >>>> sorry, your HELO
> >>>>>>> host name has been denied (#5.7.1) )
> >>>>>>>
> >>>>>>>
> >>>>>>> Hi,
> >>>>>>>
> >>>>>>> The log from /var/log/qmail/qmail-smtpd is the following:
> >>>>>>>
> >>>>>>> @400000005108ffe800653c04 tcpserver: ok 13133
> >>>>>>> boom.pmaint.com:192.168.20.248:25
> >>>> mail1.nyct.com:170.28.128.9::53330
> >>>>>>> @400000005108ffe81b39cb94 qmail-smtpd:
> >>>>>> badhelo:<nyctlmgw.NYCT.COM> at
> >>>>>>> 170.28.128.9
> >>>>>>> @400000005108ffe81c5d3cf4 tcpserver: end 13133 status 0
> >>>>>>> @400000005108ffe81c5d40dc tcpserver: status: 0/40
> >>>>>>> @400000005109001a00ce90dc tcpserver: status: 1/40
> >>>>>>>
> >>>>>>> Thank you.
> >>>>>>>
> >>>>>>> Eduardo
> >>>>>>>
> >>>>>>> On 02/01/2013 08:58 AM, Eduardo Mena wrote:
> >>>>>>> Hi Andy,
> >>>>>>>
> >>>>>>>
> >>>>>>> The real domain is nyct.com and I have not put this
> >> domain in the
> >>>>>>> 'badhelo' file, then I do not understand why when the
> >>>>>> client nyct.com
> >>>>>>> send us emails (to pmaint.com), he receive as response the
> >>>>>> mesage " 553
> >>>>>>> sorry, your HELO host name has been denied ".
> >>>>>>>
> >>>>>>> Thank you.
> >>>>>>>
> >>>>>>>
> >>>>>>> Eduardo
> >>>>>>>
> >>>>>>>
> >>>>>>> On 01/31/2013 11:19 PM, Andy Bradford wrote:
> >>>>>>> Thus said Eduardo Mena on Thu, 31 Jan 2013 15:04:40 -0500:
> >>>>>>>
> >>>>>>>
> >>>>>>> The /var/qmail/control/badhelo file on my server
> >>>>>> doesn't have
> >>>>>>> extdomain.com. For me, extdomain.com is not a badhelo.
> >>>>>>>
> >>>>>>> How do you know that extdomain.com is what their MTA
> >>>>>> client said during
> >>>>>>> EHLO?
> >>>>>>>
> >>>>>>> Andy
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>> Click here to report this email as spam.
> >>>>>>>
> >>>>>>>
> >>>>>>> This message has been scanned for malware by Websense.
> >>>>>> www.websense.com
> >
>
Re: Problems receiving mail in qmail ( 553 sorry, your HELO host name has been denied (#5.7.1) ) [ In reply to ]
eduardo at pmaint
Feb 4, 2013, 6:20 AM
Post #17 of 20 (14044 views)
Permalink
Hi,

This is the test for ct.com

# telnet mail.pmaint.com 25
Trying 192.168.20.248...
Connected to mail.pmaint.com.
Escape character is '^]'.
220 mail.pmaint.com ESMTP
ehlo ct.com
250-mail.pmaint.com
250-STARTTLS
250-PIPELINING
250-8BITMIME
250-SIZE 22777216
250 AUTH LOGIN PLAIN CRAM-MD5
MAIL FROM:test@test.com
250 ok
RCPT TO:eduardo@pmaint.com
250 ok

On 02/04/2013 09:09 AM, Jason Staudenmayer wrote:
> Glad you found it.
>
>> -----Original Message-----
>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>> Sent: Friday, February 01, 2013 5:36 PM
>> To: Jason Staudenmayer
>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>> your HELO host name has been denied (#5.7.1) )
>>
>>
>> Hi,
>>
>> I looked again the file and 'ct.com' was in my badhelo file.
>> I'm sorry
>> but I got confused becausethis text "ehlo
>> ct.com250-mail.pmaint.com" was
>> displayed together. Because ct.com is in badhelo file, therefore it
>> display the message "553 sorry, your HELO host name has been denied
>> (#5.7.1)"
>>
>> Thanks
>>
>> Eduardo
>>
>> On 01/02/2013 4:39 PM, Jason Staudenmayer wrote:
>>> It's kind of hard to help if you drop info. I found a match
>> of ct.com so we would need to look over the whole file. You
>> could also try adding LOGREGEX="" to your last entry in your
>> tcp.smtp file and then check the log for the matching regex
>> (this might depend on the patch or build). Hopefuly somebody
>> might jump in as I'm off for the weekend, if not I check back Mon.
>>>> -----Original Message-----
>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>> Sent: Friday, February 01, 2013 4:22 PM
>>>> To: Jason Staudenmayer
>>>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>>>> your HELO host name has been denied (#5.7.1) )
>>>>
>>>>
>>>> Hi,
>>>>
>>>> I'm sending you part of the badhelo file. I modifed the first
>>>> line and I
>>>> omitted 20O lines of badhelo domains. Here I put only a
>> few domains.
>>>> ---
>>>> !(^pc1$|^pc2$|^pc3|^cust[1-9]$|\.)
>>>> 163data\.com\.cn
>>>> ewe-ip-backbone\.de
>>>> rm0001\.net
>>>> yahoo2\.com\.cn
>>>> tolsz200621cn\.com
>>>> songltaylor-studwelding\.com\.cn
>>>> ---
>>>>
>>>> In the following log file you can look that rm0001.net is a badhelo
>>>> because this is in the badhelo file.
>>>>
>>>> @4000000051091b33125fb664 tcpserver: pid 31270 from 216.55.88.86
>>>> @4000000051091b332f63acfc tcpserver: ok 31270
>>>> boom.pmaint.com:192.168.20.248:25
>>>> mail-88-86.rm0001.net:216.55.88.86::55100
>>>> @4000000051091b3400148bc4 qmail-smtpd: badhelo:
>>>> <mail-88-86.rm0001.net>
>>>> at 216.55.88.86
>>>> @4000000051091b340205ad64 tcpserver: end 31270 status 0
>>>>
>>>> Thanks.
>>>> Eduardo
>>>>
>>>> On 01/02/2013 3:03 PM, Jason Staudenmayer wrote:
>>>>> After poking at your mail server seems that it's matching
>>>> on the ct part of the address
>>>>> 220 mail.pmaint.com ESMTP
>>>>> ehlo ct.com250-mail.pmaint.com
>>>>> 250-STARTTLS
>>>>> 250-PIPELINING
>>>>> 250-8BITMIME
>>>>> 250-SIZE 22777216
>>>>> 250 AUTH LOGIN PLAIN CRAM-MD5
>>>>> mail from:test@ct.com250 ok
>>>>> rcpt to:eduardo@pmaint.com553 sorry, your HELO host name
>>>> has been denied (#5.7.1)
>>>>> rcpt to:eduardo@pmaint.com553 sorry, your HELO host name
>>>> has been denied (#5.7.1)
>>>>> Check your badhelo for any open ct regex matches
>>>>>
>>>>> Jason
>>>>>
>>>>>> -----Original Message-----
>>>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>>>> Sent: Friday, February 01, 2013 12:38 PM
>>>>>> To: Jason Staudenmayer
>>>>>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>>>>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>>>>>> your HELO host name has been denied (#5.7.1) )
>>>>>>
>>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I done it, but the messages continues.
>>>>>>
>>>>>> [root@boom tcprules.d]# vi tcp.qmail-smtp
>>>>>>
>>>>>> 170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""
>>>>>>
>>>>>>
>>>>>> [root@boom tcprules.d]# tcprules
>> /etc/tcprules.d/tcp.qmail-smtp.cdb
>>>>>> /etc/tcprules.d/.tcp.qmail-smtp.tmp<
>>>> /etc/tcprules.d/tcp.qmail-smtp
>>>>>> [root@boom tcprules.d]# for i in $(ls /service/ |grep qmail);
>>>>>> do svc -d
>>>>>> /service/$i; done;
>>>>>> [root@boom tcprules.d]# for i in $(ls /service/ |grep qmail);
>>>>>> do svc -u
>>>>>> /service/$i; done;
>>>>>> [root@boom tcprules.d]# telnet mail.pmaint.com 25
>>>>>> Trying 192.168.20.248...
>>>>>> Connected to mail.pmaint.com (192.168.20.248).
>>>>>> Escape character is '^]'.
>>>>>> 220 mail.pmaint.com ESMTP
>>>>>> EHLO nyct.com
>>>>>> 250-mail.pmaint.com
>>>>>> 250-STARTTLS
>>>>>> 250-PIPELINING
>>>>>> 250-8BITMIME
>>>>>> 250-SIZE 22777216
>>>>>> 250 AUTH LOGIN PLAIN CRAM-MD5
>>>>>> MAIL FROM:DD@nyct.com
>>>>>> 250 ok
>>>>>> RCPT TO:eduardo@pmaint.com NOTIFY=success,failure
>>>>>> 553 sorry, your HELO host name has been denied (#5.7.1)
>>>>>>
>>>>>> Thank you.
>>>>>>
>>>>>> Eduardo
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> Eduardo Mena
>>>>>> Predictive Maintenance Corporation
>>>>>> Corporation d'entretien prédictif
>>>>>> 8330 Decarie Blvd.,
>>>>>> Montreal, Qc., H4P 2P5
>>>>>> Tel. 514 383 6330
>>>>>>
>>>>>>
>>>>>> On 02/01/2013 12:11 PM, Jason Staudenmayer wrote:
>>>>>>> That could be it try to whitelist that domain in your
>>>> tcp.smtp relay
>>>>>>> list. Something like this should do it
>>>>>>>
>>>>>>> 170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""
>>>>>>>
>>>>>>> Then save tcp.smtp and update the db
>>>>>>>
>>>>>>>> -----Original Message-----
>>>>>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>>>>>> Sent: Friday, February 01, 2013 12:05 PM
>>>>>>>> To: Jason Staudenmayer
>>>>>>>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>>>>>>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>>>>>>>> your HELO host name has been denied (#5.7.1) )
>>>>>>>>
>>>>>>>>
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> I'm using rhost-check for bad reverse DNS.
>>>>>>>>
>>>>>>>> In /var/qmail/supervise/qmail-smtpd/run file, I have:
>>>>>>>>
>>>>>>>> SERVICE=smtp
>>>>>>>> . /var/qmail/bin/qmail-config-system&& \
>>>>>>>> exec /usr/bin/softlimit ${SOFTLIMIT_OPTS} \
>>>>>>>> ${QMAIL_TCPSERVER_PRE} \
>>>>>>>> /usr/bin/tcpserver ${TCPSERVER_OPTS} -x
>>>>>> ${TCPSERVER_RULESCDB} \
>>>>>>>> -c ${MAXCONN} -u ${QMAILDUID} -g ${NOFILESGID} \
>>>>>>>> ${TCPSERVER_HOST} ${TCPSERVER_PORT} \
>>>>>>>> rhost-check ${QMAIL_SMTP_PRE} \
>>>>>>>> -r sbl-xbl.spamhaus.org \
>>>>>>>> /var/qmail/bin/qmail-${SERVICE}d ${QMAIL_SMTP_POST} \
>>>>>>>> 2>&1
>>>>>>>>
>>>>>>>> Regards,
>>>>>>>>
>>>>>>>> Eduardo
>>>>>>>>
>>>>>>>> On 02/01/2013 11:35 AM, Jason Staudenmayer wrote:
>>>>>>>>> look like the helo name doesn't match the dns name. When I
>>>>>>>> was running
>>>>>>>>> my own qmail servers I saw this from time-to-time from
>>>> doing RDNS
>>>>>>>>> lookups. Are you running any RDNS filters?
>>>>>>>>>
>>>>>>>>> Jason
>>>>>>>>> -----Original Message-----
>>>>>>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>>>>>>> Sent: Friday, February 01, 2013 11:06 AM
>>>>>>>>> To: Andy Bradford
>>>>>>>>> Cc: qmail@list.cr.yp.to; Shepherd Nhongo
>>>>>>>>> Subject: Re: Problems receiving mail in qmail ( 553
>>>>>> sorry, your HELO
>>>>>>>>> host name has been denied (#5.7.1) )
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> The log from /var/log/qmail/qmail-smtpd is the following:
>>>>>>>>>
>>>>>>>>> @400000005108ffe800653c04 tcpserver: ok 13133
>>>>>>>>> boom.pmaint.com:192.168.20.248:25
>>>>>> mail1.nyct.com:170.28.128.9::53330
>>>>>>>>> @400000005108ffe81b39cb94 qmail-smtpd:
>>>>>>>> badhelo:<nyctlmgw.NYCT.COM> at
>>>>>>>>> 170.28.128.9
>>>>>>>>> @400000005108ffe81c5d3cf4 tcpserver: end 13133 status 0
>>>>>>>>> @400000005108ffe81c5d40dc tcpserver: status: 0/40
>>>>>>>>> @400000005109001a00ce90dc tcpserver: status: 1/40
>>>>>>>>>
>>>>>>>>> Thank you.
>>>>>>>>>
>>>>>>>>> Eduardo
>>>>>>>>>
>>>>>>>>> On 02/01/2013 08:58 AM, Eduardo Mena wrote:
>>>>>>>>> Hi Andy,
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> The real domain is nyct.com and I have not put this
>>>> domain in the
>>>>>>>>> 'badhelo' file, then I do not understand why when the
>>>>>>>> client nyct.com
>>>>>>>>> send us emails (to pmaint.com), he receive as response the
>>>>>>>> mesage " 553
>>>>>>>>> sorry, your HELO host name has been denied ".
>>>>>>>>>
>>>>>>>>> Thank you.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Eduardo
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On 01/31/2013 11:19 PM, Andy Bradford wrote:
>>>>>>>>> Thus said Eduardo Mena on Thu, 31 Jan 2013 15:04:40 -0500:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> The /var/qmail/control/badhelo file on my server
>>>>>>>> doesn't have
>>>>>>>>> extdomain.com. For me, extdomain.com is not a badhelo.
>>>>>>>>>
>>>>>>>>> How do you know that extdomain.com is what their MTA
>>>>>>>> client said during
>>>>>>>>> EHLO?
>>>>>>>>>
>>>>>>>>> Andy
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Click here to report this email as spam.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> This message has been scanned for malware by Websense.
>>>>>>>> www.websense.com
>
Re: Problems receiving mail in qmail ( 553 sorry, your HELO host name has been denied (#5.7.1) ) [ In reply to ]
eduardo at pmaint
Feb 4, 2013, 6:33 AM
Post #18 of 20 (14132 views)
Permalink
Hi,

I removed ct.com from badhelo file, I restarted qmail and I tested
again. This is the output :

# telnet mail.pmaint.com 25
Trying 192.168.20.248...
Connected to mail.pmaint.com.
Escape character is '^]'.
220 mail.pmaint.com ESMTP
ehlo ct.com
250-mail.pmaint.com
250-STARTTLS
250-PIPELINING
250-8BITMIME
250-SIZE 22777216
250 AUTH LOGIN PLAIN CRAM-MD5
mail from:test@ct.com
250 ok
rcpt to:eduardo@pmaint.com
553 sorry, your envelope sender has been denied (#5.7.1)

Thanks

Eduardo


On 02/04/2013 09:20 AM, Eduardo Mena wrote:
> Hi,
>
> This is the test for ct.com
>
> # telnet mail.pmaint.com 25
> Trying 192.168.20.248...
> Connected to mail.pmaint.com.
> Escape character is '^]'.
> 220 mail.pmaint.com ESMTP
> ehlo ct.com
> 250-mail.pmaint.com
> 250-STARTTLS
> 250-PIPELINING
> 250-8BITMIME
> 250-SIZE 22777216
> 250 AUTH LOGIN PLAIN CRAM-MD5
> MAIL FROM:test@test.com
> 250 ok
> RCPT TO:eduardo@pmaint.com
> 250 ok
>
> On 02/04/2013 09:09 AM, Jason Staudenmayer wrote:
>> Glad you found it.
>>
>>> -----Original Message-----
>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>> Sent: Friday, February 01, 2013 5:36 PM
>>> To: Jason Staudenmayer
>>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>>> your HELO host name has been denied (#5.7.1) )
>>>
>>>
>>> Hi,
>>>
>>> I looked again the file and 'ct.com' was in my badhelo file.
>>> I'm sorry
>>> but I got confused becausethis text "ehlo
>>> ct.com250-mail.pmaint.com" was
>>> displayed together. Because ct.com is in badhelo file, therefore it
>>> display the message "553 sorry, your HELO host name has been denied
>>> (#5.7.1)"
>>>
>>> Thanks
>>>
>>> Eduardo
>>>
>>> On 01/02/2013 4:39 PM, Jason Staudenmayer wrote:
>>>> It's kind of hard to help if you drop info. I found a match
>>> of ct.com so we would need to look over the whole file. You
>>> could also try adding LOGREGEX="" to your last entry in your
>>> tcp.smtp file and then check the log for the matching regex
>>> (this might depend on the patch or build). Hopefuly somebody
>>> might jump in as I'm off for the weekend, if not I check back Mon.
>>>>> -----Original Message-----
>>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>>> Sent: Friday, February 01, 2013 4:22 PM
>>>>> To: Jason Staudenmayer
>>>>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>>>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>>>>> your HELO host name has been denied (#5.7.1) )
>>>>>
>>>>>
>>>>> Hi,
>>>>>
>>>>> I'm sending you part of the badhelo file. I modifed the first
>>>>> line and I
>>>>> omitted 20O lines of badhelo domains. Here I put only a
>>> few domains.
>>>>> ---
>>>>> !(^pc1$|^pc2$|^pc3|^cust[1-9]$|\.)
>>>>> 163data\.com\.cn
>>>>> ewe-ip-backbone\.de
>>>>> rm0001\.net
>>>>> yahoo2\.com\.cn
>>>>> tolsz200621cn\.com
>>>>> songltaylor-studwelding\.com\.cn
>>>>> ---
>>>>>
>>>>> In the following log file you can look that rm0001.net is a badhelo
>>>>> because this is in the badhelo file.
>>>>>
>>>>> @4000000051091b33125fb664 tcpserver: pid 31270 from 216.55.88.86
>>>>> @4000000051091b332f63acfc tcpserver: ok 31270
>>>>> boom.pmaint.com:192.168.20.248:25
>>>>> mail-88-86.rm0001.net:216.55.88.86::55100
>>>>> @4000000051091b3400148bc4 qmail-smtpd: badhelo:
>>>>> <mail-88-86.rm0001.net>
>>>>> at 216.55.88.86
>>>>> @4000000051091b340205ad64 tcpserver: end 31270 status 0
>>>>>
>>>>> Thanks.
>>>>> Eduardo
>>>>>
>>>>> On 01/02/2013 3:03 PM, Jason Staudenmayer wrote:
>>>>>> After poking at your mail server seems that it's matching
>>>>> on the ct part of the address
>>>>>> 220 mail.pmaint.com ESMTP
>>>>>> ehlo ct.com250-mail.pmaint.com
>>>>>> 250-STARTTLS
>>>>>> 250-PIPELINING
>>>>>> 250-8BITMIME
>>>>>> 250-SIZE 22777216
>>>>>> 250 AUTH LOGIN PLAIN CRAM-MD5
>>>>>> mail from:test@ct.com250 ok
>>>>>> rcpt to:eduardo@pmaint.com553 sorry, your HELO host name
>>>>> has been denied (#5.7.1)
>>>>>> rcpt to:eduardo@pmaint.com553 sorry, your HELO host name
>>>>> has been denied (#5.7.1)
>>>>>> Check your badhelo for any open ct regex matches
>>>>>>
>>>>>> Jason
>>>>>>
>>>>>>> -----Original Message-----
>>>>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>>>>> Sent: Friday, February 01, 2013 12:38 PM
>>>>>>> To: Jason Staudenmayer
>>>>>>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>>>>>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>>>>>>> your HELO host name has been denied (#5.7.1) )
>>>>>>>
>>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> I done it, but the messages continues.
>>>>>>>
>>>>>>> [root@boom tcprules.d]# vi tcp.qmail-smtp
>>>>>>>
>>>>>>> 170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""
>>>>>>>
>>>>>>>
>>>>>>> [root@boom tcprules.d]# tcprules
>>> /etc/tcprules.d/tcp.qmail-smtp.cdb
>>>>>>> /etc/tcprules.d/.tcp.qmail-smtp.tmp<
>>>>> /etc/tcprules.d/tcp.qmail-smtp
>>>>>>> [root@boom tcprules.d]# for i in $(ls /service/ |grep qmail);
>>>>>>> do svc -d
>>>>>>> /service/$i; done;
>>>>>>> [root@boom tcprules.d]# for i in $(ls /service/ |grep qmail);
>>>>>>> do svc -u
>>>>>>> /service/$i; done;
>>>>>>> [root@boom tcprules.d]# telnet mail.pmaint.com 25
>>>>>>> Trying 192.168.20.248...
>>>>>>> Connected to mail.pmaint.com (192.168.20.248).
>>>>>>> Escape character is '^]'.
>>>>>>> 220 mail.pmaint.com ESMTP
>>>>>>> EHLO nyct.com
>>>>>>> 250-mail.pmaint.com
>>>>>>> 250-STARTTLS
>>>>>>> 250-PIPELINING
>>>>>>> 250-8BITMIME
>>>>>>> 250-SIZE 22777216
>>>>>>> 250 AUTH LOGIN PLAIN CRAM-MD5
>>>>>>> MAIL FROM:DD@nyct.com
>>>>>>> 250 ok
>>>>>>> RCPT TO:eduardo@pmaint.com NOTIFY=success,failure
>>>>>>> 553 sorry, your HELO host name has been denied (#5.7.1)
>>>>>>>
>>>>>>> Thank you.
>>>>>>>
>>>>>>> Eduardo
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Eduardo Mena
>>>>>>> Predictive Maintenance Corporation
>>>>>>> Corporation d'entretien prédictif
>>>>>>> 8330 Decarie Blvd.,
>>>>>>> Montreal, Qc., H4P 2P5
>>>>>>> Tel. 514 383 6330
>>>>>>>
>>>>>>>
>>>>>>> On 02/01/2013 12:11 PM, Jason Staudenmayer wrote:
>>>>>>>> That could be it try to whitelist that domain in your
>>>>> tcp.smtp relay
>>>>>>>> list. Something like this should do it
>>>>>>>>
>>>>>>>> 170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""
>>>>>>>>
>>>>>>>> Then save tcp.smtp and update the db
>>>>>>>>
>>>>>>>>> -----Original Message-----
>>>>>>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>>>>>>> Sent: Friday, February 01, 2013 12:05 PM
>>>>>>>>> To: Jason Staudenmayer
>>>>>>>>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>>>>>>>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>>>>>>>>> your HELO host name has been denied (#5.7.1) )
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> I'm using rhost-check for bad reverse DNS.
>>>>>>>>>
>>>>>>>>> In /var/qmail/supervise/qmail-smtpd/run file, I have:
>>>>>>>>>
>>>>>>>>> SERVICE=smtp
>>>>>>>>> . /var/qmail/bin/qmail-config-system&& \
>>>>>>>>> exec /usr/bin/softlimit ${SOFTLIMIT_OPTS} \
>>>>>>>>> ${QMAIL_TCPSERVER_PRE} \
>>>>>>>>> /usr/bin/tcpserver ${TCPSERVER_OPTS} -x
>>>>>>> ${TCPSERVER_RULESCDB} \
>>>>>>>>> -c ${MAXCONN} -u ${QMAILDUID} -g ${NOFILESGID} \
>>>>>>>>> ${TCPSERVER_HOST} ${TCPSERVER_PORT} \
>>>>>>>>> rhost-check ${QMAIL_SMTP_PRE} \
>>>>>>>>> -r sbl-xbl.spamhaus.org \
>>>>>>>>> /var/qmail/bin/qmail-${SERVICE}d ${QMAIL_SMTP_POST} \
>>>>>>>>> 2>&1
>>>>>>>>>
>>>>>>>>> Regards,
>>>>>>>>>
>>>>>>>>> Eduardo
>>>>>>>>>
>>>>>>>>> On 02/01/2013 11:35 AM, Jason Staudenmayer wrote:
>>>>>>>>>> look like the helo name doesn't match the dns name. When I
>>>>>>>>> was running
>>>>>>>>>> my own qmail servers I saw this from time-to-time from
>>>>> doing RDNS
>>>>>>>>>> lookups. Are you running any RDNS filters?
>>>>>>>>>>
>>>>>>>>>> Jason
>>>>>>>>>> -----Original Message-----
>>>>>>>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>>>>>>>> Sent: Friday, February 01, 2013 11:06 AM
>>>>>>>>>> To: Andy Bradford
>>>>>>>>>> Cc: qmail@list.cr.yp.to; Shepherd Nhongo
>>>>>>>>>> Subject: Re: Problems receiving mail in qmail ( 553
>>>>>>> sorry, your HELO
>>>>>>>>>> host name has been denied (#5.7.1) )
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Hi,
>>>>>>>>>>
>>>>>>>>>> The log from /var/log/qmail/qmail-smtpd is the following:
>>>>>>>>>>
>>>>>>>>>> @400000005108ffe800653c04 tcpserver: ok 13133
>>>>>>>>>> boom.pmaint.com:192.168.20.248:25
>>>>>>> mail1.nyct.com:170.28.128.9::53330
>>>>>>>>>> @400000005108ffe81b39cb94 qmail-smtpd:
>>>>>>>>> badhelo:<nyctlmgw.NYCT.COM> at
>>>>>>>>>> 170.28.128.9
>>>>>>>>>> @400000005108ffe81c5d3cf4 tcpserver: end 13133 status 0
>>>>>>>>>> @400000005108ffe81c5d40dc tcpserver: status: 0/40
>>>>>>>>>> @400000005109001a00ce90dc tcpserver: status: 1/40
>>>>>>>>>>
>>>>>>>>>> Thank you.
>>>>>>>>>>
>>>>>>>>>> Eduardo
>>>>>>>>>>
>>>>>>>>>> On 02/01/2013 08:58 AM, Eduardo Mena wrote:
>>>>>>>>>> Hi Andy,
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> The real domain is nyct.com and I have not put this
>>>>> domain in the
>>>>>>>>>> 'badhelo' file, then I do not understand why when the
>>>>>>>>> client nyct.com
>>>>>>>>>> send us emails (to pmaint.com), he receive as response the
>>>>>>>>> mesage " 553
>>>>>>>>>> sorry, your HELO host name has been denied ".
>>>>>>>>>>
>>>>>>>>>> Thank you.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Eduardo
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On 01/31/2013 11:19 PM, Andy Bradford wrote:
>>>>>>>>>> Thus said Eduardo Mena on Thu, 31 Jan 2013 15:04:40 -0500:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> The /var/qmail/control/badhelo file on my server
>>>>>>>>> doesn't have
>>>>>>>>>> extdomain.com. For me, extdomain.com is not a badhelo.
>>>>>>>>>>
>>>>>>>>>> How do you know that extdomain.com is what their MTA
>>>>>>>>> client said during
>>>>>>>>>> EHLO?
>>>>>>>>>>
>>>>>>>>>> Andy
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Click here to report this email as spam.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> This message has been scanned for malware by Websense.
>>>>>>>>> www.websense.com
>>
>
>
Re: Problems receiving mail in qmail ( 553 sorry, your HELO host name has been denied (#5.7.1) ) [ In reply to ]
eduardo at pmaint
Feb 4, 2013, 6:44 AM
Post #19 of 20 (14071 views)
Permalink
Hi,

I removed ct.com from badmailfrom file and this is the output :

# telnet mail.pmaint.com 25
Trying 192.168.20.248...
Connected to mail.pmaint.com (192.168.20.248).
Escape character is '^]'.
220 mail.pmaint.com ESMTP
ehlo ct.com
250-mail.pmaint.com
250-STARTTLS
250-PIPELINING
250-8BITMIME
250-SIZE 22777216
250 AUTH LOGIN PLAIN CRAM-MD5
mail from:test@ct.com
250 ok
rcpt to:eduardo@pmaint.com
250 ok

Thanks

Eduardo

On 02/04/2013 09:33 AM, Eduardo Mena wrote:
> Hi,
>
> I removed ct.com from badhelo file, I restarted qmail and I tested
> again. This is the output :
>
> # telnet mail.pmaint.com 25
> Trying 192.168.20.248...
> Connected to mail.pmaint.com.
> Escape character is '^]'.
> 220 mail.pmaint.com ESMTP
> ehlo ct.com
> 250-mail.pmaint.com
> 250-STARTTLS
> 250-PIPELINING
> 250-8BITMIME
> 250-SIZE 22777216
> 250 AUTH LOGIN PLAIN CRAM-MD5
> mail from:test@ct.com
> 250 ok
> rcpt to:eduardo@pmaint.com
> 553 sorry, your envelope sender has been denied (#5.7.1)
>
> Thanks
>
> Eduardo
>
>
> On 02/04/2013 09:20 AM, Eduardo Mena wrote:
>> Hi,
>>
>> This is the test for ct.com
>>
>> # telnet mail.pmaint.com 25
>> Trying 192.168.20.248...
>> Connected to mail.pmaint.com.
>> Escape character is '^]'.
>> 220 mail.pmaint.com ESMTP
>> ehlo ct.com
>> 250-mail.pmaint.com
>> 250-STARTTLS
>> 250-PIPELINING
>> 250-8BITMIME
>> 250-SIZE 22777216
>> 250 AUTH LOGIN PLAIN CRAM-MD5
>> MAIL FROM:test@test.com
>> 250 ok
>> RCPT TO:eduardo@pmaint.com
>> 250 ok
>>
>> On 02/04/2013 09:09 AM, Jason Staudenmayer wrote:
>>> Glad you found it.
>>>
>>>> -----Original Message-----
>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>> Sent: Friday, February 01, 2013 5:36 PM
>>>> To: Jason Staudenmayer
>>>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>>>> your HELO host name has been denied (#5.7.1) )
>>>>
>>>>
>>>> Hi,
>>>>
>>>> I looked again the file and 'ct.com' was in my badhelo file.
>>>> I'm sorry
>>>> but I got confused becausethis text "ehlo
>>>> ct.com250-mail.pmaint.com" was
>>>> displayed together. Because ct.com is in badhelo file, therefore it
>>>> display the message "553 sorry, your HELO host name has been denied
>>>> (#5.7.1)"
>>>>
>>>> Thanks
>>>>
>>>> Eduardo
>>>>
>>>> On 01/02/2013 4:39 PM, Jason Staudenmayer wrote:
>>>>> It's kind of hard to help if you drop info. I found a match
>>>> of ct.com so we would need to look over the whole file. You
>>>> could also try adding LOGREGEX="" to your last entry in your
>>>> tcp.smtp file and then check the log for the matching regex
>>>> (this might depend on the patch or build). Hopefuly somebody
>>>> might jump in as I'm off for the weekend, if not I check back Mon.
>>>>>> -----Original Message-----
>>>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>>>> Sent: Friday, February 01, 2013 4:22 PM
>>>>>> To: Jason Staudenmayer
>>>>>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>>>>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>>>>>> your HELO host name has been denied (#5.7.1) )
>>>>>>
>>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I'm sending you part of the badhelo file. I modifed the first
>>>>>> line and I
>>>>>> omitted 20O lines of badhelo domains. Here I put only a
>>>> few domains.
>>>>>> ---
>>>>>> !(^pc1$|^pc2$|^pc3|^cust[1-9]$|\.)
>>>>>> 163data\.com\.cn
>>>>>> ewe-ip-backbone\.de
>>>>>> rm0001\.net
>>>>>> yahoo2\.com\.cn
>>>>>> tolsz200621cn\.com
>>>>>> songltaylor-studwelding\.com\.cn
>>>>>> ---
>>>>>>
>>>>>> In the following log file you can look that rm0001.net is a badhelo
>>>>>> because this is in the badhelo file.
>>>>>>
>>>>>> @4000000051091b33125fb664 tcpserver: pid 31270 from 216.55.88.86
>>>>>> @4000000051091b332f63acfc tcpserver: ok 31270
>>>>>> boom.pmaint.com:192.168.20.248:25
>>>>>> mail-88-86.rm0001.net:216.55.88.86::55100
>>>>>> @4000000051091b3400148bc4 qmail-smtpd: badhelo:
>>>>>> <mail-88-86.rm0001.net>
>>>>>> at 216.55.88.86
>>>>>> @4000000051091b340205ad64 tcpserver: end 31270 status 0
>>>>>>
>>>>>> Thanks.
>>>>>> Eduardo
>>>>>>
>>>>>> On 01/02/2013 3:03 PM, Jason Staudenmayer wrote:
>>>>>>> After poking at your mail server seems that it's matching
>>>>>> on the ct part of the address
>>>>>>> 220 mail.pmaint.com ESMTP
>>>>>>> ehlo ct.com250-mail.pmaint.com
>>>>>>> 250-STARTTLS
>>>>>>> 250-PIPELINING
>>>>>>> 250-8BITMIME
>>>>>>> 250-SIZE 22777216
>>>>>>> 250 AUTH LOGIN PLAIN CRAM-MD5
>>>>>>> mail from:test@ct.com250 ok
>>>>>>> rcpt to:eduardo@pmaint.com553 sorry, your HELO host name
>>>>>> has been denied (#5.7.1)
>>>>>>> rcpt to:eduardo@pmaint.com553 sorry, your HELO host name
>>>>>> has been denied (#5.7.1)
>>>>>>> Check your badhelo for any open ct regex matches
>>>>>>>
>>>>>>> Jason
>>>>>>>
>>>>>>>> -----Original Message-----
>>>>>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>>>>>> Sent: Friday, February 01, 2013 12:38 PM
>>>>>>>> To: Jason Staudenmayer
>>>>>>>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>>>>>>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>>>>>>>> your HELO host name has been denied (#5.7.1) )
>>>>>>>>
>>>>>>>>
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> I done it, but the messages continues.
>>>>>>>>
>>>>>>>> [root@boom tcprules.d]# vi tcp.qmail-smtp
>>>>>>>>
>>>>>>>> 170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""
>>>>>>>>
>>>>>>>>
>>>>>>>> [root@boom tcprules.d]# tcprules
>>>> /etc/tcprules.d/tcp.qmail-smtp.cdb
>>>>>>>> /etc/tcprules.d/.tcp.qmail-smtp.tmp<
>>>>>> /etc/tcprules.d/tcp.qmail-smtp
>>>>>>>> [root@boom tcprules.d]# for i in $(ls /service/ |grep qmail);
>>>>>>>> do svc -d
>>>>>>>> /service/$i; done;
>>>>>>>> [root@boom tcprules.d]# for i in $(ls /service/ |grep qmail);
>>>>>>>> do svc -u
>>>>>>>> /service/$i; done;
>>>>>>>> [root@boom tcprules.d]# telnet mail.pmaint.com 25
>>>>>>>> Trying 192.168.20.248...
>>>>>>>> Connected to mail.pmaint.com (192.168.20.248).
>>>>>>>> Escape character is '^]'.
>>>>>>>> 220 mail.pmaint.com ESMTP
>>>>>>>> EHLO nyct.com
>>>>>>>> 250-mail.pmaint.com
>>>>>>>> 250-STARTTLS
>>>>>>>> 250-PIPELINING
>>>>>>>> 250-8BITMIME
>>>>>>>> 250-SIZE 22777216
>>>>>>>> 250 AUTH LOGIN PLAIN CRAM-MD5
>>>>>>>> MAIL FROM:DD@nyct.com
>>>>>>>> 250 ok
>>>>>>>> RCPT TO:eduardo@pmaint.com NOTIFY=success,failure
>>>>>>>> 553 sorry, your HELO host name has been denied (#5.7.1)
>>>>>>>>
>>>>>>>> Thank you.
>>>>>>>>
>>>>>>>> Eduardo
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Eduardo Mena
>>>>>>>> Predictive Maintenance Corporation
>>>>>>>> Corporation d'entretien prédictif
>>>>>>>> 8330 Decarie Blvd.,
>>>>>>>> Montreal, Qc., H4P 2P5
>>>>>>>> Tel. 514 383 6330
>>>>>>>>
>>>>>>>>
>>>>>>>> On 02/01/2013 12:11 PM, Jason Staudenmayer wrote:
>>>>>>>>> That could be it try to whitelist that domain in your
>>>>>> tcp.smtp relay
>>>>>>>>> list. Something like this should do it
>>>>>>>>>
>>>>>>>>> 170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""
>>>>>>>>>
>>>>>>>>> Then save tcp.smtp and update the db
>>>>>>>>>
>>>>>>>>>> -----Original Message-----
>>>>>>>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>>>>>>>> Sent: Friday, February 01, 2013 12:05 PM
>>>>>>>>>> To: Jason Staudenmayer
>>>>>>>>>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>>>>>>>>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>>>>>>>>>> your HELO host name has been denied (#5.7.1) )
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Hi,
>>>>>>>>>>
>>>>>>>>>> I'm using rhost-check for bad reverse DNS.
>>>>>>>>>>
>>>>>>>>>> In /var/qmail/supervise/qmail-smtpd/run file, I have:
>>>>>>>>>>
>>>>>>>>>> SERVICE=smtp
>>>>>>>>>> . /var/qmail/bin/qmail-config-system&& \
>>>>>>>>>> exec /usr/bin/softlimit ${SOFTLIMIT_OPTS} \
>>>>>>>>>> ${QMAIL_TCPSERVER_PRE} \
>>>>>>>>>> /usr/bin/tcpserver ${TCPSERVER_OPTS} -x
>>>>>>>> ${TCPSERVER_RULESCDB} \
>>>>>>>>>> -c ${MAXCONN} -u ${QMAILDUID} -g ${NOFILESGID} \
>>>>>>>>>> ${TCPSERVER_HOST} ${TCPSERVER_PORT} \
>>>>>>>>>> rhost-check ${QMAIL_SMTP_PRE} \
>>>>>>>>>> -r sbl-xbl.spamhaus.org \
>>>>>>>>>> /var/qmail/bin/qmail-${SERVICE}d ${QMAIL_SMTP_POST} \
>>>>>>>>>> 2>&1
>>>>>>>>>>
>>>>>>>>>> Regards,
>>>>>>>>>>
>>>>>>>>>> Eduardo
>>>>>>>>>>
>>>>>>>>>> On 02/01/2013 11:35 AM, Jason Staudenmayer wrote:
>>>>>>>>>>> look like the helo name doesn't match the dns name. When I
>>>>>>>>>> was running
>>>>>>>>>>> my own qmail servers I saw this from time-to-time from
>>>>>> doing RDNS
>>>>>>>>>>> lookups. Are you running any RDNS filters?
>>>>>>>>>>>
>>>>>>>>>>> Jason
>>>>>>>>>>> -----Original Message-----
>>>>>>>>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>>>>>>>>> Sent: Friday, February 01, 2013 11:06 AM
>>>>>>>>>>> To: Andy Bradford
>>>>>>>>>>> Cc: qmail@list.cr.yp.to; Shepherd Nhongo
>>>>>>>>>>> Subject: Re: Problems receiving mail in qmail ( 553
>>>>>>>> sorry, your HELO
>>>>>>>>>>> host name has been denied (#5.7.1) )
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Hi,
>>>>>>>>>>>
>>>>>>>>>>> The log from /var/log/qmail/qmail-smtpd is the following:
>>>>>>>>>>>
>>>>>>>>>>> @400000005108ffe800653c04 tcpserver: ok 13133
>>>>>>>>>>> boom.pmaint.com:192.168.20.248:25
>>>>>>>> mail1.nyct.com:170.28.128.9::53330
>>>>>>>>>>> @400000005108ffe81b39cb94 qmail-smtpd:
>>>>>>>>>> badhelo:<nyctlmgw.NYCT.COM> at
>>>>>>>>>>> 170.28.128.9
>>>>>>>>>>> @400000005108ffe81c5d3cf4 tcpserver: end 13133 status 0
>>>>>>>>>>> @400000005108ffe81c5d40dc tcpserver: status: 0/40
>>>>>>>>>>> @400000005109001a00ce90dc tcpserver: status: 1/40
>>>>>>>>>>>
>>>>>>>>>>> Thank you.
>>>>>>>>>>>
>>>>>>>>>>> Eduardo
>>>>>>>>>>>
>>>>>>>>>>> On 02/01/2013 08:58 AM, Eduardo Mena wrote:
>>>>>>>>>>> Hi Andy,
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> The real domain is nyct.com and I have not put this
>>>>>> domain in the
>>>>>>>>>>> 'badhelo' file, then I do not understand why when the
>>>>>>>>>> client nyct.com
>>>>>>>>>>> send us emails (to pmaint.com), he receive as response the
>>>>>>>>>> mesage " 553
>>>>>>>>>>> sorry, your HELO host name has been denied ".
>>>>>>>>>>>
>>>>>>>>>>> Thank you.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Eduardo
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On 01/31/2013 11:19 PM, Andy Bradford wrote:
>>>>>>>>>>> Thus said Eduardo Mena on Thu, 31 Jan 2013 15:04:40 -0500:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> The /var/qmail/control/badhelo file on my server
>>>>>>>>>> doesn't have
>>>>>>>>>>> extdomain.com. For me, extdomain.com is not a badhelo.
>>>>>>>>>>>
>>>>>>>>>>> How do you know that extdomain.com is what their MTA
>>>>>>>>>> client said during
>>>>>>>>>>> EHLO?
>>>>>>>>>>>
>>>>>>>>>>> Andy
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Click here to report this email as spam.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> This message has been scanned for malware by Websense.
>>>>>>>>>> www.websense.com
>>>
>>
>>
>
>
Re: Problems receiving mail in qmail ( 553 sorry, your HELO host name has been denied (#5.7.1) ) [ In reply to ]
eduardo at pmaint
Feb 4, 2013, 9:46 AM
Post #20 of 20 (14069 views)
Permalink
Hi,

Now is working !

The ct.com domain was defined in badhelo file, then when I used
nyct.com, it was considered as part of ct.com.

Thank you everybody for your time and support.

Eduardo

On 02/04/2013 09:44 AM, Eduardo Mena wrote:
> Hi,
>
> I removed ct.com from badmailfrom file and this is the output :
>
> # telnet mail.pmaint.com 25
> Trying 192.168.20.248...
> Connected to mail.pmaint.com (192.168.20.248).
> Escape character is '^]'.
> 220 mail.pmaint.com ESMTP
> ehlo ct.com
> 250-mail.pmaint.com
> 250-STARTTLS
> 250-PIPELINING
> 250-8BITMIME
> 250-SIZE 22777216
> 250 AUTH LOGIN PLAIN CRAM-MD5
> mail from:test@ct.com
> 250 ok
> rcpt to:eduardo@pmaint.com
> 250 ok
>
> Thanks
>
> Eduardo
>
> On 02/04/2013 09:33 AM, Eduardo Mena wrote:
>> Hi,
>>
>> I removed ct.com from badhelo file, I restarted qmail and I tested
>> again. This is the output :
>>
>> # telnet mail.pmaint.com 25
>> Trying 192.168.20.248...
>> Connected to mail.pmaint.com.
>> Escape character is '^]'.
>> 220 mail.pmaint.com ESMTP
>> ehlo ct.com
>> 250-mail.pmaint.com
>> 250-STARTTLS
>> 250-PIPELINING
>> 250-8BITMIME
>> 250-SIZE 22777216
>> 250 AUTH LOGIN PLAIN CRAM-MD5
>> mail from:test@ct.com
>> 250 ok
>> rcpt to:eduardo@pmaint.com
>> 553 sorry, your envelope sender has been denied (#5.7.1)
>>
>> Thanks
>>
>> Eduardo
>>
>>
>> On 02/04/2013 09:20 AM, Eduardo Mena wrote:
>>> Hi,
>>>
>>> This is the test for ct.com
>>>
>>> # telnet mail.pmaint.com 25
>>> Trying 192.168.20.248...
>>> Connected to mail.pmaint.com.
>>> Escape character is '^]'.
>>> 220 mail.pmaint.com ESMTP
>>> ehlo ct.com
>>> 250-mail.pmaint.com
>>> 250-STARTTLS
>>> 250-PIPELINING
>>> 250-8BITMIME
>>> 250-SIZE 22777216
>>> 250 AUTH LOGIN PLAIN CRAM-MD5
>>> MAIL FROM:test@test.com
>>> 250 ok
>>> RCPT TO:eduardo@pmaint.com
>>> 250 ok
>>>
>>> On 02/04/2013 09:09 AM, Jason Staudenmayer wrote:
>>>> Glad you found it.
>>>>
>>>>> -----Original Message-----
>>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>>> Sent: Friday, February 01, 2013 5:36 PM
>>>>> To: Jason Staudenmayer
>>>>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>>>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>>>>> your HELO host name has been denied (#5.7.1) )
>>>>>
>>>>>
>>>>> Hi,
>>>>>
>>>>> I looked again the file and 'ct.com' was in my badhelo file.
>>>>> I'm sorry
>>>>> but I got confused becausethis text "ehlo
>>>>> ct.com250-mail.pmaint.com" was
>>>>> displayed together. Because ct.com is in badhelo file, therefore it
>>>>> display the message "553 sorry, your HELO host name has been denied
>>>>> (#5.7.1)"
>>>>>
>>>>> Thanks
>>>>>
>>>>> Eduardo
>>>>>
>>>>> On 01/02/2013 4:39 PM, Jason Staudenmayer wrote:
>>>>>> It's kind of hard to help if you drop info. I found a match
>>>>> of ct.com so we would need to look over the whole file. You
>>>>> could also try adding LOGREGEX="" to your last entry in your
>>>>> tcp.smtp file and then check the log for the matching regex
>>>>> (this might depend on the patch or build). Hopefuly somebody
>>>>> might jump in as I'm off for the weekend, if not I check back Mon.
>>>>>>> -----Original Message-----
>>>>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>>>>> Sent: Friday, February 01, 2013 4:22 PM
>>>>>>> To: Jason Staudenmayer
>>>>>>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>>>>>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>>>>>>> your HELO host name has been denied (#5.7.1) )
>>>>>>>
>>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> I'm sending you part of the badhelo file. I modifed the first
>>>>>>> line and I
>>>>>>> omitted 20O lines of badhelo domains. Here I put only a
>>>>> few domains.
>>>>>>> ---
>>>>>>> !(^pc1$|^pc2$|^pc3|^cust[1-9]$|\.)
>>>>>>> 163data\.com\.cn
>>>>>>> ewe-ip-backbone\.de
>>>>>>> rm0001\.net
>>>>>>> yahoo2\.com\.cn
>>>>>>> tolsz200621cn\.com
>>>>>>> songltaylor-studwelding\.com\.cn
>>>>>>> ---
>>>>>>>
>>>>>>> In the following log file you can look that rm0001.net is a badhelo
>>>>>>> because this is in the badhelo file.
>>>>>>>
>>>>>>> @4000000051091b33125fb664 tcpserver: pid 31270 from 216.55.88.86
>>>>>>> @4000000051091b332f63acfc tcpserver: ok 31270
>>>>>>> boom.pmaint.com:192.168.20.248:25
>>>>>>> mail-88-86.rm0001.net:216.55.88.86::55100
>>>>>>> @4000000051091b3400148bc4 qmail-smtpd: badhelo:
>>>>>>> <mail-88-86.rm0001.net>
>>>>>>> at 216.55.88.86
>>>>>>> @4000000051091b340205ad64 tcpserver: end 31270 status 0
>>>>>>>
>>>>>>> Thanks.
>>>>>>> Eduardo
>>>>>>>
>>>>>>> On 01/02/2013 3:03 PM, Jason Staudenmayer wrote:
>>>>>>>> After poking at your mail server seems that it's matching
>>>>>>> on the ct part of the address
>>>>>>>> 220 mail.pmaint.com ESMTP
>>>>>>>> ehlo ct.com250-mail.pmaint.com
>>>>>>>> 250-STARTTLS
>>>>>>>> 250-PIPELINING
>>>>>>>> 250-8BITMIME
>>>>>>>> 250-SIZE 22777216
>>>>>>>> 250 AUTH LOGIN PLAIN CRAM-MD5
>>>>>>>> mail from:test@ct.com250 ok
>>>>>>>> rcpt to:eduardo@pmaint.com553 sorry, your HELO host name
>>>>>>> has been denied (#5.7.1)
>>>>>>>> rcpt to:eduardo@pmaint.com553 sorry, your HELO host name
>>>>>>> has been denied (#5.7.1)
>>>>>>>> Check your badhelo for any open ct regex matches
>>>>>>>>
>>>>>>>> Jason
>>>>>>>>
>>>>>>>>> -----Original Message-----
>>>>>>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>>>>>>> Sent: Friday, February 01, 2013 12:38 PM
>>>>>>>>> To: Jason Staudenmayer
>>>>>>>>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>>>>>>>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>>>>>>>>> your HELO host name has been denied (#5.7.1) )
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> I done it, but the messages continues.
>>>>>>>>>
>>>>>>>>> [root@boom tcprules.d]# vi tcp.qmail-smtp
>>>>>>>>>
>>>>>>>>> 170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> [root@boom tcprules.d]# tcprules
>>>>> /etc/tcprules.d/tcp.qmail-smtp.cdb
>>>>>>>>> /etc/tcprules.d/.tcp.qmail-smtp.tmp<
>>>>>>> /etc/tcprules.d/tcp.qmail-smtp
>>>>>>>>> [root@boom tcprules.d]# for i in $(ls /service/ |grep qmail);
>>>>>>>>> do svc -d
>>>>>>>>> /service/$i; done;
>>>>>>>>> [root@boom tcprules.d]# for i in $(ls /service/ |grep qmail);
>>>>>>>>> do svc -u
>>>>>>>>> /service/$i; done;
>>>>>>>>> [root@boom tcprules.d]# telnet mail.pmaint.com 25
>>>>>>>>> Trying 192.168.20.248...
>>>>>>>>> Connected to mail.pmaint.com (192.168.20.248).
>>>>>>>>> Escape character is '^]'.
>>>>>>>>> 220 mail.pmaint.com ESMTP
>>>>>>>>> EHLO nyct.com
>>>>>>>>> 250-mail.pmaint.com
>>>>>>>>> 250-STARTTLS
>>>>>>>>> 250-PIPELINING
>>>>>>>>> 250-8BITMIME
>>>>>>>>> 250-SIZE 22777216
>>>>>>>>> 250 AUTH LOGIN PLAIN CRAM-MD5
>>>>>>>>> MAIL FROM:DD@nyct.com
>>>>>>>>> 250 ok
>>>>>>>>> RCPT TO:eduardo@pmaint.com NOTIFY=success,failure
>>>>>>>>> 553 sorry, your HELO host name has been denied (#5.7.1)
>>>>>>>>>
>>>>>>>>> Thank you.
>>>>>>>>>
>>>>>>>>> Eduardo
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Eduardo Mena
>>>>>>>>> Predictive Maintenance Corporation
>>>>>>>>> Corporation d'entretien prédictif
>>>>>>>>> 8330 Decarie Blvd.,
>>>>>>>>> Montreal, Qc., H4P 2P5
>>>>>>>>> Tel. 514 383 6330
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On 02/01/2013 12:11 PM, Jason Staudenmayer wrote:
>>>>>>>>>> That could be it try to whitelist that domain in your
>>>>>>> tcp.smtp relay
>>>>>>>>>> list. Something like this should do it
>>>>>>>>>>
>>>>>>>>>> 170.28.128.9:allow,TCPREMOTEHOST="",NOBADHELO="",RBLSMTPD=""
>>>>>>>>>>
>>>>>>>>>> Then save tcp.smtp and update the db
>>>>>>>>>>
>>>>>>>>>>> -----Original Message-----
>>>>>>>>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>>>>>>>>> Sent: Friday, February 01, 2013 12:05 PM
>>>>>>>>>>> To: Jason Staudenmayer
>>>>>>>>>>> Cc: Andy Bradford; qmail@list.cr.yp.to; Shepherd Nhongo
>>>>>>>>>>> Subject: Re: Problems receiving mail in qmail ( 553 sorry,
>>>>>>>>>>> your HELO host name has been denied (#5.7.1) )
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Hi,
>>>>>>>>>>>
>>>>>>>>>>> I'm using rhost-check for bad reverse DNS.
>>>>>>>>>>>
>>>>>>>>>>> In /var/qmail/supervise/qmail-smtpd/run file, I have:
>>>>>>>>>>>
>>>>>>>>>>> SERVICE=smtp
>>>>>>>>>>> . /var/qmail/bin/qmail-config-system&& \
>>>>>>>>>>> exec /usr/bin/softlimit ${SOFTLIMIT_OPTS} \
>>>>>>>>>>> ${QMAIL_TCPSERVER_PRE} \
>>>>>>>>>>> /usr/bin/tcpserver ${TCPSERVER_OPTS} -x
>>>>>>>>> ${TCPSERVER_RULESCDB} \
>>>>>>>>>>> -c ${MAXCONN} -u ${QMAILDUID} -g ${NOFILESGID} \
>>>>>>>>>>> ${TCPSERVER_HOST} ${TCPSERVER_PORT} \
>>>>>>>>>>> rhost-check ${QMAIL_SMTP_PRE} \
>>>>>>>>>>> -r sbl-xbl.spamhaus.org \
>>>>>>>>>>> /var/qmail/bin/qmail-${SERVICE}d ${QMAIL_SMTP_POST} \
>>>>>>>>>>> 2>&1
>>>>>>>>>>>
>>>>>>>>>>> Regards,
>>>>>>>>>>>
>>>>>>>>>>> Eduardo
>>>>>>>>>>>
>>>>>>>>>>> On 02/01/2013 11:35 AM, Jason Staudenmayer wrote:
>>>>>>>>>>>> look like the helo name doesn't match the dns name. When I
>>>>>>>>>>> was running
>>>>>>>>>>>> my own qmail servers I saw this from time-to-time from
>>>>>>> doing RDNS
>>>>>>>>>>>> lookups. Are you running any RDNS filters?
>>>>>>>>>>>>
>>>>>>>>>>>> Jason
>>>>>>>>>>>> -----Original Message-----
>>>>>>>>>>>> From: Eduardo Mena [mailto:eduardo@pmaint.com]
>>>>>>>>>>>> Sent: Friday, February 01, 2013 11:06 AM
>>>>>>>>>>>> To: Andy Bradford
>>>>>>>>>>>> Cc: qmail@list.cr.yp.to; Shepherd Nhongo
>>>>>>>>>>>> Subject: Re: Problems receiving mail in qmail ( 553
>>>>>>>>> sorry, your HELO
>>>>>>>>>>>> host name has been denied (#5.7.1) )
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Hi,
>>>>>>>>>>>>
>>>>>>>>>>>> The log from /var/log/qmail/qmail-smtpd is the following:
>>>>>>>>>>>>
>>>>>>>>>>>> @400000005108ffe800653c04 tcpserver: ok 13133
>>>>>>>>>>>> boom.pmaint.com:192.168.20.248:25
>>>>>>>>> mail1.nyct.com:170.28.128.9::53330
>>>>>>>>>>>> @400000005108ffe81b39cb94 qmail-smtpd:
>>>>>>>>>>> badhelo:<nyctlmgw.NYCT.COM> at
>>>>>>>>>>>> 170.28.128.9
>>>>>>>>>>>> @400000005108ffe81c5d3cf4 tcpserver: end 13133 status 0
>>>>>>>>>>>> @400000005108ffe81c5d40dc tcpserver: status: 0/40
>>>>>>>>>>>> @400000005109001a00ce90dc tcpserver: status: 1/40
>>>>>>>>>>>>
>>>>>>>>>>>> Thank you.
>>>>>>>>>>>>
>>>>>>>>>>>> Eduardo
>>>>>>>>>>>>
>>>>>>>>>>>> On 02/01/2013 08:58 AM, Eduardo Mena wrote:
>>>>>>>>>>>> Hi Andy,
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> The real domain is nyct.com and I have not put this
>>>>>>> domain in the
>>>>>>>>>>>> 'badhelo' file, then I do not understand why when the
>>>>>>>>>>> client nyct.com
>>>>>>>>>>>> send us emails (to pmaint.com), he receive as response the
>>>>>>>>>>> mesage " 553
>>>>>>>>>>>> sorry, your HELO host name has been denied ".
>>>>>>>>>>>>
>>>>>>>>>>>> Thank you.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Eduardo
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> On 01/31/2013 11:19 PM, Andy Bradford wrote:
>>>>>>>>>>>> Thus said Eduardo Mena on Thu, 31 Jan 2013 15:04:40 -0500:
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> The /var/qmail/control/badhelo file on my server
>>>>>>>>>>> doesn't have
>>>>>>>>>>>> extdomain.com. For me, extdomain.com is not a badhelo.
>>>>>>>>>>>>
>>>>>>>>>>>> How do you know that extdomain.com is what their MTA
>>>>>>>>>>> client said during
>>>>>>>>>>>> EHLO?
>>>>>>>>>>>>
>>>>>>>>>>>> Andy
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Click here to report this email as spam.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> This message has been scanned for malware by Websense.
>>>>>>>>>>> www.websense.com
>>>>
>>>
>>>
>>
>>
>
>

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal