Skip to main content

Suspicious HELO leading to XBL listing

Comments

2 comments

  • quietFinn

    if you go to WHM -> Email -> Email Deliverability
    does it show the correct HELO?

    Check also file:
    /etc/mailhelo
    (if it exists).

     

    0
  • cPRex Jurassic Moderator

    Hey there!  Let's not assume anything - I would start by seeing if you could find the message in WHM >> Mail Delivery Reports to see if there is any useful data there about who sent it.  You can also find out how Exim sets the HELO message here:

    https://support.cpanel.net/hc/en-us/articles/360057877894-How-do-I-configure-mailhelo-for-Exim

    so it would be good to know if that has been changed.

    Leaving those restrictions on is the best method to ensure this doesn't happen, so it would be good to figure out an alternative solution for those other mail users.

    0

Please sign in to leave a comment.