The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Mail appeared to be SPAM or forged. helo/hostname mismatch

Discussion in 'E-mail Discussions' started by tharani, Sep 28, 2013.

  1. tharani

    tharani Member

    Joined:
    Sep 12, 2004
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    One of our client is getting following error when sending email to a particular domain.

    user@destinationdomain.de
    SMTP error from remote mail server after RCPT TO:<user@destinationdomain.de>:
    host mx1.user@destinationdomain.de [9999:9999::99:99]:
    550 5.7.1 <user@destinationdomain.de>: Recipient address rejected:
    Mail appeared to be SPAM or forged. Ask your Mail/DNS-Administrator to
    correct
    HELO and DNS MX settings or to get removed from DNSBLs; MTA helo:
    server-host.domain.com, MTA hostname:
    unknown[9999:9999:0000:99ff:0000:0000:0000:0000] (helo/hostname mismatch)

    Any help?
     
  2. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,281
    Likes Received:
    37
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    If you want to PM me with the real log information (not the fake info you posted above), I'll try and help you out. It's probably an issue between (a) the hostname configured on your server, (b) the IP address that your server sends mail as, and (c) the reverse DNS (PTR) record that exists/doesn't exist for that IP address.

    That's the only clue I or anyone else would likely be able to give you without more information. And I understand why you put fake information in your log exerpt above. But if you want help, you'll want to provide someone [maybe me, maybe someone else] with the real log information. Feel free to PM me with the actual log information if you wish.

    M
     
  3. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,281
    Likes Received:
    37
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    Just an FYI for those reading [in case there are no further comments here], I dialoged with this person via PM. I am not sure if the OP is also the server admin or if he is a reseller on a server. It appears to me that the server that his client's website is on has both IP4 and IP6 addresses. His clients connect to the IP4 address to send mail. But since the IP6 address is active, Exim is preferring to deliver email via IP6 to any remote host that supports IP6.

    The server's hostname does have an A record and a corresponding PTR record associated with the IP4 address. But the problem I see is that although there is an A-record in DNS for the server's primary hostname, there is not a corresponding AAAA record. Additionally, the IP6 address being used does not have any reverse DNS.

    So, it looks to me as if the solution will be either (a) his provider assigns an appropriate AAAA record for the server hostname and an appropriate PTR record for the IP6 address, or (b) his provider disables IP6 in Exim so that Exim only attempts delivery to external hosts via IP4.

    M
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Do you have root access to this machine? If so, try disabling IPV6 and letting us know if the issue persists. There is a post on disabling IPV6 for Exim at:

    Disable IPV6 for Exim

    Thank you.
     
Loading...

Share This Page