Knowledgebase

Exim HELO/EHLO Protections

HELO/EHLO is a greeting used by the sender mail server to the recipient mail server, to identify itself before initiating email sending.

The recently upgraded cPanel 11 comes with Exim HELO/EHLO protections, which detects and blocks remote hosts attempting to use a forged local host/domain name as their sender address or HELO/EHLO.


The Exim HELO/EHLO will be checked based on the following 5 conditions :


1) HELO/EHLO is empty or not sent : The sender mail server not specified / blank (empty).



2) HELO/EHLO is not a fully qualified domain name (FQDN) : The mail server specified were 'abc' instead of 'abc.com', which does not meet the requirement as a Fully Qualified Domain Name.



3) IP Only is sent as the HELO/EHLO : The mail server is specified in a plain IP address format instead of the accepted Fully Qualified Domain Name.



4) Someone is trying to spoof the mail server IP :
An unauthorized sender is using IP Address of the receiving mail server as a mean to impersonate that it exist valid hence tricking the receiving mail server to receive the email.



5) Someone is trying to spoof a domain on the server :
An unauthorized sender is using domain name of the receiving mail server as a mean to impersonate that it exist valid hence tricking the receiving mail server to receive the email.



NOTE : Users that run their own local mail servers are required to update their hosts/remote name to any other names excluding hostnames that already existed in cPanel (addon/sub domains), in order to be able to send inbound messages using a local or relay domain name without being rejected as a forged sender.

 



Was this answer helpful?

Add to Favourites Add to Favourites

Print this Article Print this Article

Also Read
Bounce Back Emails (Views: 806)
SPAM IP Check (Views: 632)

Powered by WHMCompleteSolution

Quick Navigation

Client Login

Email

Password

Remember Me

Search


 
Domain Names
Web Hosting
SSL & Security
Company
Get Support