2 causes for “550 REJECTED – Dangerous HELO – Host impersonating [DOMAIN]” & tips on how to repair it

Mail errors. They hit you’re your most susceptible, and make you need to smash your laptop computer.

We all know. As a result of we assist web site homeowners resolve e mail errors and different technical points as a part of our Outsourced Hosting Support providers for webhosting suppliers.

Internet hosting customers annoyed with cryptic e mail errors would submit a assist request, and we’;ll repair it for them in a couple of minutes.

Right here’;s an e mail bounce error we fastened not too long ago in a Linux cPanel/WHM server:

user2@recipient.com
 host server.recipient.com [zz.zz.zz.zz]
 SMTP error from distant mail server after pipelined MAIL FROM: SIZE=3964:
 550 "REJECTED - Bad HELO - Host impersonating [mx.sender.com]"

 

Right here’;s one other variant of this error we’;ve seen:

 user2@recipient.com
  SMTP error from distant mail server after HELO mx.sender.com:
  host server.recipient.com [zz.zz.zz.zz]:
  550 Dangerous HELO - Host impersonating area title [mx.sender.com]

 

What’s the error “550 Bad HELO –; Host impersonating domain name [mx.sender.com]”;?

You’;ve seen in spy motion pictures how they use the uniform of workmen or firm workers to get into the constructing.

Spammers use an identical approach referred to as Greeting Forgery, the place a spam mail bypasses anti-spam checks by pretending to be a official area hosted contained in the server.

Older servers would let in that spam pondering it originated from inside the server.

However newer servers know higher.

They’;ll reject mails from outdoors that faux to return from contained in the server.

And the error they ship is “550 Dangerous HELO –; Host impersonating area title [mx.sender.com]”;

 

However how does this anti-spam test have an effect on legit mails?

The Greeting Forgery anti-spam measure comprises two checks:

  • Area title forgery –; If an incoming mail greets with a site title hosted inside the server.
  • Server hostname forgery –; If an incoming mail greets with the mail server’;s personal title. For eg. If smtp.myserver.com will get a mail from smtp.myserver.com!

Now, it may appear that solely spam mails will try one thing as ridiculous as this.

However, in actuality, we’;ve seen duplicate area information between two servers inflicting this. It may be after an internet site migration, or when establishing a multi-server web site infrastructure.

 

What causes “550 Rejected –; Bad HELO –; Host impersonating”; error?

We’;ve seen largely two conditions the place this will occur.

 

1. Duplicate information after an internet site migration

Web site migrations usually depart a large number of their wake.

From undeleted information to previous area information, a whole lot of issues may stay again within the previous server, lengthy after the area migration is full.

Now, what’;s the difficulty with undeleted previous area information?

Nicely, the Outdated server thinks it’;s nonetheless internet hosting area.com, whereas the New server rightfully thinks it’s the proprietor of area.com.

Let’;s say now the New server tries to ship a mail to Outdated server. Each servers assume they host area.com.

So, the brand new server sends an SMTP greeting with “area.com“. Outdated server checks its information, sees “area.com”; listed in it, and assumes the incoming mail is pretend.

The mail will get rejected with : “550 rejected –; unhealthy helo –; host impersonating“.

Resolution : We resolve this by deleting all traces of area.com from the previous server together with /and so forth/maildomains, /and so forth/mailhelo, /and so forth/localdomains, and extra.

 

2. Separate net server and mail server utilizing the identical hostname

We’;ve seen multi-server clusters wherein the online server runs in a single VPS, and the mail server runs in one other.

They each work for a similar website, say area.com.

In some such networks, we’;ve seen each the online server and the mail server could have the identical server title –; area.com.

And confusion ensues in SMTP connections.

The net server connects to the mail server by greeting it with area.com.

The mail server thinks, “Hey that’;s MY name. This connection must be fake.”;, and rejects the mail.

Resolution : There are 3 ways wherein we resolve this:

  • Change the hostnames –; The best method is to only give distinctive hostnames to totally different servers. For eg. net.area.com for net server and mail.area.com for mail server.
  • Change greetings –; If altering the hostnames just isn’t potential, we’;ll change the SMTP greeting by fixing the web site code.
  • Whitelist sending IP –; A easy technique to repair that is so as to add the sending server’;s IP into the mail server whitelist so that every one anti-spam checks might be bypassed. However the draw back is that if ever the sending server is contaminated, spam will flood the mail server.

 

Conclusion

550 Rejected –; Dangerous HELO –; Host impersonating is an anti-spam test failure error. Right here we’;ve mentioned two causes our Dedicated Hosting Engineers have seen and the way we repair it.

 

The put up 2 causes for “550 REJECTED –; Bad HELO –; Host impersonating [DOMAIN]”; &; how to fix it appeared first on Bobcares.