Mail appeared to be SPAM or forged. helo/hostname mismatch

tharani

Member
Sep 12, 2004
13
0
151
One of our client is getting following error when sending email to a particular domain.

[email protected]
SMTP error from remote mail server after RCPT TO:<[email protected]>:
host [email protected] [9999:9999::99:99]:
550 5.7.1 <[email protected]>: Recipient address rejected:
Mail appeared to be SPAM or forged. Ask your Mail/DNS-Administrator to
correct
HELO and DNS MX settings or to get removed from DNSBLs; MTA helo:
server-host.domain.com, MTA hostname:
unknown[9999:9999:0000:99ff:0000:0000:0000:0000] (helo/hostname mismatch)

Any help?
 

mtindor

Well-Known Member
Sep 14, 2004
1,363
65
178
inside a catfish
cPanel Access Level
Root Administrator
One of our client is getting following error when sending email to a particular domain.

[email protected]
SMTP error from remote mail server after RCPT TO:<[email protected]>:
host [email protected] [9999:9999::99:99]:
550 5.7.1 <[email protected]>: Recipient address rejected:
Mail appeared to be SPAM or forged. Ask your Mail/DNS-Administrator to
correct
HELO and DNS MX settings or to get removed from DNSBLs; MTA helo:
server-host.domain.com, MTA hostname:
unknown[9999:9999:0000:99ff:0000:0000:0000:0000] (helo/hostname mismatch)

Any help?
If you want to PM me with the real log information (not the fake info you posted above), I'll try and help you out. It's probably an issue between (a) the hostname configured on your server, (b) the IP address that your server sends mail as, and (c) the reverse DNS (PTR) record that exists/doesn't exist for that IP address.

That's the only clue I or anyone else would likely be able to give you without more information. And I understand why you put fake information in your log exerpt above. But if you want help, you'll want to provide someone [maybe me, maybe someone else] with the real log information. Feel free to PM me with the actual log information if you wish.

M
 

mtindor

Well-Known Member
Sep 14, 2004
1,363
65
178
inside a catfish
cPanel Access Level
Root Administrator
Just an FYI for those reading [in case there are no further comments here], I dialoged with this person via PM. I am not sure if the OP is also the server admin or if he is a reseller on a server. It appears to me that the server that his client's website is on has both IP4 and IP6 addresses. His clients connect to the IP4 address to send mail. But since the IP6 address is active, Exim is preferring to deliver email via IP6 to any remote host that supports IP6.

The server's hostname does have an A record and a corresponding PTR record associated with the IP4 address. But the problem I see is that although there is an A-record in DNS for the server's primary hostname, there is not a corresponding AAAA record. Additionally, the IP6 address being used does not have any reverse DNS.

So, it looks to me as if the solution will be either (a) his provider assigns an appropriate AAAA record for the server hostname and an appropriate PTR record for the IP6 address, or (b) his provider disables IP6 in Exim so that Exim only attempts delivery to external hosts via IP4.

M
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Hello :)

Do you have root access to this machine? If so, try disabling IPV6 and letting us know if the issue persists. There is a post on disabling IPV6 for Exim at:

Disable IPV6 for Exim

Thank you.