• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Issue Problem Mail SpamHaust - HELO/EHLO & DNS CHECKS

M

meditrust

New Pleskian
Server operating system version
CentOS Linux 7.9.2009 (Core)
Plesk version and microupdate number
Plesk Obsidian Version 18.0.58 Mise à jour 2
Hello

I need help. i tried everything. All my mails are not send and blocked by SPAMHAUS

The most recent connection was on: February 14 2024, 23:15:00 UTC (+/- 5 minutes). The observed HELO value(s) were:

81.93.244.252 2024-02-14 23:15:00 srv2921.sd-france.net

HELO/EHLO & DNS CHECKS:
**************************************

[root@srv2921 ~]# dig +short meditrust.io A
81.93.244.252
[root@srv2921 ~]# dig +short -x 81.93.244.252
meditrust.io.

*************************************

[root@srv2921 ~]# telnet 81.93.244.252 25
Trying 81.93.244.252...
Connected to 81.93.244.252.
Escape character is '^]'.
220 srv2921.sd-france.net ESMTP Postfix
ehlo meditrust.io
250-srv2921.sd-france.net
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-STARTTLS
250-AUTH DIGEST-MD5 CRAM-MD5 PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 CHUNKING

***********************************

Problem is that it is server name : srv2921.sd-france.net instead of domain name.

I have many domains and website on servers. I have only problem for that domain.

I tried to change /etc/postfix/master.cf

plesk-81.93.244.252- unix - - n - - smtp -o smtp_bind_address=81.93.244.252 -o smtp_bind_address6= -o smtp_address_preference=ipv4 -o inet_protocols=ipv4

By

plesk-81.93.244.252- unix - - n - - smtp -o smtp_bind_address=81.93.244.252 -o smtp_bind_address6= -o smtp_address_preference=ipv4 -o inet_protocols=ipv4 -o myhostname=meditrust.io

I added that -o myhostname=meditrust.io
Then

[root@srv2921 ~]# postfix reload
postfix/postfix-script: refreshing the Postfix mail system
[root@srv2921 ~]# systemctl reload postfix


But i try again ehlo it is always server name instead of domain.

Thx a lot for helping.
 
What is the sender domain setting in your mailserver configuration? (Tools & Settings > Mail Server Settings) You have options there how to send mail. The best for "Outgoing mail mode" to be Spamhaus compatible is "Send from domain IP addresses".
 
Ok so this is the one i made, how can i do to solve my problem

if i change hostname inside main.cf it will impact all other website . And for those i have no problems...

There is another way to change the ehlo for only one domain ? (in the server, i have many website, and many differents ip)

i saw online to update master.cf by adding this command -o myhostname=meditrust.io

plesk-81.93.244.252- unix - - n - - smtp -o smtp_bind_address=81.93.244.252 -o smtp_bind_address6= -o smtp_address_preference=ipv4 -o inet_protocols=ipv4 -o myhostname=meditrust.io

But there is no impact when i refresh postfix.
 
so there is no way to correct my problem and make that elho answer is not the server name but the domain name ?
 
Changing the EHLO/HELO is not the solution to your problem. Using the hostname for the EHLO/HELO is actually a very common practice and it's what I would recommend to use. If your problem is that emails are blocked by Spamhaus, then you'll have to find out why your email are blocked.

I also want to point out that it looks like you are using a very generic hosting name for your server. Which is probably configured by your provider. It would be better to use your own hostname, for example something like plesk.meditrust.io or server.meditrust.io (and configure the appropriate rDNS). That would probably save you already a bit of trouble.
 
in master.cf i changed by meditrust.io

and few minutes after i got that by spamhaus...

**************************************

Thank you for contacting Spamhaus CSS Removals,

We have removed the IP from the CSS; please allow some time for propagation. Note that there are no whitelists here. If the problem has not been solved, the IP will be relisted.

NOTE: If you had a spambot and got delisted by limiting outbound port 25, we strongly advise finding the compromised devices and removing or fixing them. Closing outbound port 25 will solve your Spamhaus listing problem, but effectively removes your canary in the coalmine - if you have not found that proxy, it's still there!

If outbound port 25 has not been restricted to mail servers, this needs to be done. This URL contains a simple explanation why this is so important: Let's talk about the danger of residential proxy networks - Spamhaus Technology

**************************************

What do you suggest I do? To summarize there are 30 domains on the servers, with 10 ips.
I have no problem with the other domains.
Only with this domain which has an IP (not shared with other domains)
 
You must log in or register to reply here.

Similar threads

M
Resolved Help request: SSL certificate seems to have trust issues. How to resolve?
Replies
4
Views
848
MHC_1
M
R
Issue Postfix generates a lot of processes after a hacker attack
Replies
0
Views
608
RomanLed
R
F
Issue Amavis (10024: Connection refused) no transport
Replies
7
Views
19K
cambrantskv
C
JulienCaroff
Issue Wrong SMTP Banner with Postfix
Replies
1
Views
3K
abashurov
abashurov
C
Resolved Port 587 stopped working
Replies
2
Views
3K
celest
C
Back
Top