Knowledgebase

Exim HELO/EHLO Protections

HELO/EHLO is a greeting used by the sender mail server to the recipient mail server, to identify itself before initiating email sending.

The recently upgraded cPanel 11 comes with Exim HELO/EHLO protections, which detects and blocks remote hosts attempting to use a forged local host/domain name as their sender address or HELO/EHLO.


The Exim HELO/EHLO will be checked based on the following 5 conditions :


1) HELO/EHLO is empty or not sent : The sender mail server not specified / blank (empty).



2) HELO/EHLO is not a fully qualified domain name (FQDN) : The mail server specified were 'abc' instead of 'abc.com', which does not meet the requirement as a Fully Qualified Domain Name.



3) IP Only is sent as the HELO/EHLO : The mail server is specified in a plain IP address format instead of the accepted Fully Qualified Domain Name.



4) Someone is trying to spoof the mail server IP :
An unauthorized sender is using IP Address of the receiving mail server as a mean to impersonate that it exist valid hence tricking the receiving mail server to receive the email.



5) Someone is trying to spoof a domain on the server :
An unauthorized sender is using domain name of the receiving mail server as a mean to impersonate that it exist valid hence tricking the receiving mail server to receive the email.



NOTE : Users that run their own local mail servers are required to update their hosts/remote name to any other names excluding hostnames that already existed in cPanel (addon/sub domains), in order to be able to send inbound messages using a local or relay domain name without being rejected as a forged sender.

 



Was this answer helpful?

Add to Favourites Add to Favourites

Print this Article Print this Article

Also Read

Powered by WHMCompleteSolution

Quick Navigation

Client Login

Email

Password

Remember Me

Search


 
Domain Names
Web Hosting
SSL & Security
Company
Get Support