Announcement

Collapse
No announcement yet.

advertised FQDN that is sent in HELO/EHLO commands in SMTP

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • advertised FQDN that is sent in HELO/EHLO commands in SMTP

    Hi,

    I have just installed Exchange 2007 (after many issues). 1 cas+hub role server , and 1 mailbox role server.

    I am reading some guides to tun things up and read this:

    "...Because your server (cas+hub roles) is sitting directly on the Internet, you may want to change the advertised FQDN that is sent in HELO/EHLO commands in SMTP. The UI for both send and receive connectors allows you to configure this..."

    (Source: http://blogs.technet.com/b/exchange/...rnet-mail.aspx )

    In both my send and receive connectors I see "cas-hub-2007-1.mydomain.eu" , and I am not sure whether I should type there "mail.mydomain.eu".

    Thanks in advance.
    -
    Madrid (Spain).

  • #2
    Re: advertised FQDN that is sent in HELO/EHLO commands in SMTP

    Only change the FQDN on the Send Connector. Do not touch the FQDN on the receive connector. You will find others who say otherwise, but that is usually to pass poor tests like those at mxtoolbox (which presume that the same configuration for inbound email is being used for outbound, which is not the case with Exchange 2007 and higher).

    Simon.
    --
    Simon Butler
    Exchange MVP

    Blog: http://blog.sembee.co.uk/
    More Exchange Content: http://exchange.sembee.info/
    Exchange Resources List: http://exbpa.com/
    In the UK? Hire me: http://www.sembee.co.uk/

    Sembee is a registered trademark, used here with permission.

    Comment


    • #3
      Re: advertised FQDN that is sent in HELO/EHLO commands in SMTP

      Thanks a lot Sembee.

      If is it not too much to ask...What am I doing when I change that parameter?
      -
      Madrid (Spain).

      Comment


      • #4
        Re: advertised FQDN that is sent in HELO/EHLO commands in SMTP

        I have just read this:

        "...We need to specify FQDN for each send connector we created for internet delivery..."

        (Source:
        http://blog.mreza.info/post/2008/10/...lo-banner.aspx )

        But it does not say why.
        -
        Madrid (Spain).

        Comment


        • #5
          Re: advertised FQDN that is sent in HELO/EHLO commands in SMTP

          Because each send connector may be sending messages, so you would want them all to behave the same way....

          How many send to internet connectors do you have - more than one is unusual unless there is a particular business case
          Tom Jones
          MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
          PhD, MSc, FIAP, MIITT
          IT Trainer / Consultant
          Ossian Ltd
          Scotland

          ** Remember to give credit where credit is due and leave reputation points where appropriate **

          Comment


          • #6
            Re: advertised FQDN that is sent in HELO/EHLO commands in SMTP

            Thanks a lot Ossian, sorry for the delay, sort of very busy. sorry !!

            What I don't fully undertsand is the difference if I type in "cas-hub-2007-1.mydomain.com" or "mail.mydomain.com" in that FQDN field.

            Needless to say, "mail" is the alias and the mx record, but I don't understand why the need of putting "mail.mydomain.com" and not "cas-hub-2007-1.mydomain.com" , which is written by default, by the way.

            Answering your question Ossian: I have only one internet connector.
            Last edited by loureed4; 23rd December 2014, 14:13.
            -
            Madrid (Spain).

            Comment


            • #7
              Re: advertised FQDN that is sent in HELO/EHLO commands in SMTP

              The FQDN field is used by the server when it is talking to other remote servers. Remote systems use it as a way to verify that you are a legitimate email server and not a spam bot. They also want it to match the PTR and have a valid A record. Your internal server name would not have a valid A record on the internet, so you have to put in the public name, not the internal server's name.

              Simon.
              --
              Simon Butler
              Exchange MVP

              Blog: http://blog.sembee.co.uk/
              More Exchange Content: http://exchange.sembee.info/
              Exchange Resources List: http://exbpa.com/
              In the UK? Hire me: http://www.sembee.co.uk/

              Sembee is a registered trademark, used here with permission.

              Comment


              • #8
                Re: advertised FQDN that is sent in HELO/EHLO commands in SMTP

                Thanks a lot Sembee.

                So, any server I send an email to, is going to check the FQDN Hello name?. But a question arises in my mind: Could not any mail spammer put a valid fqdn name in that field, pretending to be a valid, fine email server?.

                When you say, the PTR Record, I know what that is, but, why would I need it? I mean, do the mail servers check also the PTR to feel confident that the email comes from a reliable source?. I had read this before, but now I don't have such PTR record and hotmail is accepting my emails, and so is gmail.

                Thanks once more for your invaluable help !!
                -
                Madrid (Spain).

                Comment


                • #9
                  Re: advertised FQDN that is sent in HELO/EHLO commands in SMTP

                  It is the combination of the three items that are being used as a check.

                  Simply put.

                  Your server says - hello, I am mail.example.com. The remote server can see that the IP address is 123.456.789.0.

                  The remote server checks that mail.example.com resolves to 123.456.789.0 via the A record. Then to ensure that it matches, the PTR is checked to ensure that 123.456.789.0 resolves to mail.example.com.

                  As you need to have DNS records in place, plus the FQDN and the PTR is set by the ISP in almost all cases, that is a pretty good check for spam. A spammer cannot setup most of those, unless they can compromise a legitimate server.

                  If the spammer is using their own SMTP engine, then they really don't care, because spammers work on a very high failure rate.

                  Simon.
                  --
                  Simon Butler
                  Exchange MVP

                  Blog: http://blog.sembee.co.uk/
                  More Exchange Content: http://exchange.sembee.info/
                  Exchange Resources List: http://exbpa.com/
                  In the UK? Hire me: http://www.sembee.co.uk/

                  Sembee is a registered trademark, used here with permission.

                  Comment


                  • #10
                    Re: advertised FQDN that is sent in HELO/EHLO commands in SMTP

                    I see. Thanks a lot Sembee!

                    I remember placing an A record in the public side, but not a PTR record.

                    If my mail reaches both hotmail and gmail, does that mean that I have a PTR record set up somehow in the public side, without me being aware of it ?.

                    Very grateful for your help!
                    -
                    Madrid (Spain).

                    Comment


                    • #11
                      Re: advertised FQDN that is sent in HELO/EHLO commands in SMTP

                      You don't create PTR records - your ISP does.
                      Therefore it isn't really possible to "somehow" create the record. It must be something that you positively do.
                      It is possible for the email to get through to the major providers without a PTR record, but you increase your chances of doing so with one in place.

                      Simon.
                      --
                      Simon Butler
                      Exchange MVP

                      Blog: http://blog.sembee.co.uk/
                      More Exchange Content: http://exchange.sembee.info/
                      Exchange Resources List: http://exbpa.com/
                      In the UK? Hire me: http://www.sembee.co.uk/

                      Sembee is a registered trademark, used here with permission.

                      Comment

                      Working...
                      X