That's what I'm thinking the problem is. I checked with our upstream and did a test with them. They said that we "are sending a correct EHLO although the forward and reverse do not match"... OTOH, it seems to be using our INTERNAL domain name, which won't resolve outside of our LAN/WAN rather than our public domain name. I'm going to try to convince The Powers That Be here that we ought to block port 25 outbound to help with this issue. The CBL people swear that the problem *must* be due to a mass-mailing virus. If we do this and the blocklist continues to list us, I'm going to have to get them to send me log extracts showing what they're seeing...
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Chris Scharff Sent: Wednesday, September 28, 2005 11:43 AM To: Exchange Discussions Subject: RE: CBL problems IIRC it pulls it from the machine properties (right-click my computer/ properties) but I'm old... so it could be TCP/IP properties.. but I think it's the former. Maybe their software is so stupid when it gets a non-FQDN host name it appends it's own domain name to it. They don't sound very bloody bright to begin with. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Aldrich Posted At: Wednesday, September 28, 2005 7:47 AM Posted To: swynk Conversation: CBL problems Subject: RE: CBL problems Question -- if no domain was specified, i.e. just a machine name, would that cause Exchange to append the target domain to the HELO? i.e. if the machine is named "mailserver1" would it send a HELO of "mailserver1.targetdomain" or would it just send "mailserver1" or would it be smart enough to get the domain info from DNS or something else? -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kennedy, Jim Sent: Tuesday, September 27, 2005 8:31 AM To: Exchange Discussions Subject: RE: CBL problems 5.5 creates it's helo from the machine name when Exchange is installed. So unless you named your machine with their domain they are mistaken. Or is your email being relayed through another machine....through your ISP's email server and they are forging the helo domain? > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of John Aldrich > Sent: Monday, September 26, 2005 4:14 PM > To: Exchange Discussions > Subject: CBL problems > > We've been having problems with our mail server being listed > by the cbl.abuseat.org. I have finally gotten them to tell me > WHY they keep listing our mail server. Here's what they have to say: > When a mail server connects to another mail server, the first > thing it says in SMTP is "HELO <myname>" (or "EHLO <myname>"). > > When your IP connects to our mail servers, it says "HELO > <domain>", where domain is _our_ domainname, not yours. > Which obviously, we have justification in objecting to. > > We're running Exchange 5.5 on Windows 2000 Pro. How can we > fix this problem? > Thanks > John > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange > To subscribe: http://e-newsletters.internet.com/discussionlists.html/ > To unsubscribe send a blank email to > [EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > To unsubscribe via postal mail, please contact us at: > Jupitermedia Corp. > Attn: Discussion List Management > 475 Park Avenue South > New York, NY 10016 > > Please include the email address which you have been contacted with. > > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with. _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with. _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with. _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with.
