Bad HELO - Host impersonating domain name and exim.conf

C

Copra

Verified User
Joined
Apr 29, 2020
Messages
36
Hi,
I hope you can help me out of this.

I have this situation:
  • Domain name + website is on server A (third party)
  • E-mail is with us, server B
  • Nameservers of the domain name are our name servers and the A- and AAAA records for the domain name and www are pointing to server A
When submitting a form from the website, the error is
SERVER -> CLIENT: 550 Bad HELO - Host impersonating domain name [domain.xx]

I figured out that this part of exim.conf will cause this:

PHP: 
# deny if the HELO pretends to be one of the domains hosted on the server
    deny message = HELO_IS_LOCAL_DOMAIN
        condition = ${if match_domain{$sender_helo_name}{+local_domains}{true}{false}}
        hosts = ! +relay_hosts


When commenting this part out, it works and email will send and received from the website.

But it is not an option to change the exim.conf because it will overwritten with each update of exim.
I looked here:

Configuring and customizing Exim | Directadmin Docs

DirectAdmin Knowledge Base
docs.directadmin.com

The proper way is to use /etc/exim.strings.conf.custom and /etc/exim.variables.conf.custom files to customize the exim.conf.
Click to expand...

So I copied exim.strings.conf to exim.strings.conf.custom
Then, on the second line is:

Code: 
HELO_HOST_IMPERSANATION=Bad HELO - Host impersonating hostname [$sender_helo_name]

I removed that line.
And them building exim.
Afther that exim was down.
What did I wrong? Is it not okay to remove that line?
What can I do to get email working from server A to B?

My client asked me if it will help when he move the domain name to us. Then you got this situation:
  • Domain name is with us
  • Website is on third party
  • E-mail is with us
  • Nameservers of the domain name are our name servers and the A- and AAAA records for the domain name and www are pointing to the website
Is moving the domain name a quick solution for this?
 
That's error come from server A or server B ?

Did server A already disable local mail server ? it's on MX record page.
 
Thank you for your thoughts.
The error come from server A (website and domain name) when trying submitting a website form.

On server A they deleted the DNS records 'mail'. I don't know the control panel of server A, I have to ask that to my client.

Do you know why exim is stopping to work when I remove

Code: 
HELO_HOST_IMPERSANATION=Bad HELO - Host impersonating hostname [$sender_helo_name]

in exim.strings.conf.custom ?
 
do not manual remove record.

(if directadmin)
On server A, you must disabled "Use local mail server" before change MX or do anything with MX record.

MX, SPF record must pointing to server B.

Also, server A can't use php mail, it should use smtp connection to server B to sending email.
 
Last edited:
Do you know why exim is stopping to work when I remove
Click to expand...
did it on server B ?

Directadmin not create any custom thing to ".custom" file extension, it will use from normal files. That's files is creating from you.

Maybe you could remove that and rebuild exim_conf or update to latest version. What's version currently using ?

exim:
exim_conf:
 
This is a well-known issue if you have domains on server A and the mail on server B.

You should not mess with the original exim.conf for that.

It might be that line is not allowed in the exim.strings.conf.custom file, so you might want to remove this and rebuild exim and exim.conf.

Most easiest solution to this:
/etc/virtual/whitelist_hosts_ip
add the server ip in there.
 
Hello,

On server A : "Use local mail server" is disabled.

And on server B there is the IPv4 and the IPv6 address from server A in /etc/virtual/whitelist_hosts_ip

But that did not help.

In exim.strings.conf is the line
HELO_HOST_IMPERSANATION=Bad HELO - Host impersonating hostname [$sender_helo_name]

and I thiink that line will give the problem. So I made a copy from the whole file to exim.strings.conf.custom WITHOUT that line. And then rebuild exim. Exim was down after that. But I did not rebuild exim_conf, only exim.
Maybe that's the point. I will try it and let it know.
 
exim.strings.conf.custom
Click to expand...
that's not right place to custom exim.conf

it should be
"./directadmin/custombuild/custom/exim/exim.conf"

and rebuild exim_conf
 
@Copra did you see my answer? Easiest solution without any custom stuff needed?
Something is wrong if it doesn't work. You have to make exim and exim.conf default first and remove that custom exim thing.

Or like @jamgames2 said, use the correct location for a custom exim.conf file.
 
Also check that there are no double entry's on server B. For example, be sure that the server hostname like serverA.domain.com does -not- exist in server B's /etc/virtual directory. There only serverB.domain.com should be present.
 
@Richard G You said
It might be that line is not allowed in the exim.strings.conf.custom file, so you might want to remove this and rebuild exim and exim.conf.
Click to expand...

This line is in exim.strings.conf. So I thougt that this is the way:
- make a copy of exim.strings.conf in exim.strings.conf.custom
- make the customisation in exim.strings.conf.custom (in my case remove the line that gives te problem)
- rebuild exim (I forgot to rebuild exim_conf and maybe that's the problem)
- after rebuilding exim (without rebuilding exim_conf), exim was down.

I thougth that it is not the right way to do customisation to exim.conf. I was looking here:

Configuring and customizing Exim | Directadmin Docs

DirectAdmin Knowledge Base
docs.directadmin.com
and it says
The proper way is to use /etc/exim.strings.conf.custom and /etc/exim.variables.conf.custom files to customize the exim.conf.
Click to expand...

I'm very obedient, so I did it with the exim.strings.conf.custom
Also I added the server IP in /etc/virtual/whitelist_hosts_ip
Then building exim with as result exim down. Maybe, when I also build exim_conf it was okay.

Then @jamgames2 said

that's not right place to custom exim.conf

it should be
"./directadmin/custombuild/custom/exim/exim.conf"
Click to expand...

and @Richard G confirmed it.

And for me that sounds as a easier solution because exim.strings.conf.custom is in the folder /etc and that is not logical for customisations. I have made more customisations and they are all in /directadmin/custombuild/custom/

So I made a copy of exim.conf to /usr/local/directadmin/custombuild/custom/exim/
and commented out the lines:

Code: 
# deny if the HELO pretends to be one of the domains hosted on the server
#    deny message = HELO_IS_LOCAL_DOMAIN
#    condition = ${if match_domain{$sender_helo_name}{+local_domains}{true}{false}}
#    hosts = ! +relay_hosts

Then build exim and exim_conf

And after that: it works! I can submit the form from server A.

Thank you very much for your help!
 
Copra said:
This line is in exim.strings.conf. So I thougt that this is the way:
Click to expand...
Yes indeed normally things in the exim.strings.conf and exim.variables.conf need to be change by using the exim.xxx.conf.custom file as you say.
But docs are not always clear and it's not always true.

For example I use the exim.strings.conf.custom with this content:
RBL_DNS_LIST==bl.spamcop.net : b.barracudacentral.org
and this works, but it's in fact an exim.conf change, because the RBL_DNS_LIST line is not even present in the exim.strings.conf file.

For other things the copy in the /custombuild/custom/exim/ directory is required. This difference, when to one or the other is not quite clear to me either.

Anyway, glad to read it works now. Just remember that if there is any exim.conf update/improvement, you have to put the change manually in your custom exim.conf and then rebuild exim.conf again.
 
You must log in or register to reply here.
Back
Top