X-Junk-Score: 0 [] X-Cloudmark-Score: 0 [] Return-Path: Received: from cgmail.answervad.it ([217.133.205.90] verified) by mail.stalker.com (CommuniGate Pro SMTP 5.3.9f) with ESMTP id 61475359 for CGatePro@mail.stalker.com; Thu, 26 Aug 2010 07:57:02 -0700 Received-SPF: pass receiver=mail.stalker.com; client-ip=217.133.205.90; envelope-from=massimo.bolzoni@answervad.it Received: from [10.192.50.47] (account massimo.bolzoni@answervad.it HELO [10.192.50.47]) by cgmail.answervad.it (CommuniGate Pro SMTP 5.3.8) with ESMTPA id 1336287 for CGatePro@mail.stalker.com; Thu, 26 Aug 2010 16:59:54 +0200 Message-Id: <488CD9F1-F2A6-497B-BCA4-EFEFDD795713@answervad.it> From: Massimo Bolzoni To: "CommuniGate Pro Discussions" In-Reply-To: Content-Type: multipart/alternative; boundary=Apple-Mail-10--415255703 Mime-Version: 1.0 (Apple Message framework v936) Subject: Re: HELO failure Date: Thu, 26 Aug 2010 16:57:02 +0200 References: X-Mailer: Apple Mail (2.936) --Apple-Mail-10--415255703 Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Ciao, yes this is the right solution, it is easyer and make definitelly sense.... at least for me :) Also, the suggestion I use to give is to use a main domain name that is not going to host any account but postmaster, and use "working domains" as additional ones. This allow much more flexibility in operation. Actually there is no problem at all to use directly the MDN as working domain, so no reason to change the setup, but generally speaking for new set up this is the long term solution with less problem... think about you company or institution define to change the domain name .... Ciao Massimo Il giorno 26/ago/10, alle ore 07:40, Urs Gruetzner ha scritto: > (sorry wrong subject in previous mail) > Thanks for explanations > > Instead to change the FQDN for the mail server to mail.ems.ch, could > it be the easiest solution to change the DNS entry for 212.74.146.1 > to ems.ch than mail.ems.ch instead? > > Also the MX entry should be ems.ch instead of mail.ems.ch ? > > > > Reason: the forward lookup for ems.ch points already to the correct > IP, so there is no need that the reverese lookup is mail.ems.ch. > Also when sending a mail from outside to xy@ems.ch the lookup of MX > of ems.ch has the correct IP as result. There is no need to use > mail.ems.ch. > > Thanks for further help > > >> From: Lyle Giese >> Subject: Re: HELO failure >> Date: Wed, 25 Aug 2010 16:08:57 -0500 >> To: CommuniGate Pro Discussions > > >> your MX record for ems.ch is mail.ems.ch. >> >> The A record for mail.ems.ch is 212.74.146.1. >> >> And the reverse lookup for 212.74.146.1 is mail.ems.ch. >> >> The HELO from your server is ems.ch, not mail.ems.ch. ems.ch is >> your domain. The host name or FQDN(Fully Qualified Domain Name) >> for your mail server should be mail.ems.ch. >> >> Ideally in today's world these four items should be identical, but >> in your case they are not. However to change the HELO greeting in >> CommuniGate, you need a different license key as that parameter is >> linked to the HELO greeting. And that becomes the primary domain >> in your mail server(postmaster(used for logging in to the webadmin) >> and blacklist-admin are linked to the primary domain). >> >> That is one thing I find a fault with in Stalker's >> recommendations. The license key/primary domain should be >> mail.yourdomain.com, not yourdomain.com That also requires the end >> users to use their full email address for their login. That >> however is a good thing as it makes brute force password attacks >> harder. Most of the script kiddies do not use the full email >> address for their password attacks. >> >> Lyle Giese >> LCR Computer Services, Inc. >> >> Gruetzner Urs wrote: >>> >>> Suddenly we have a problem with the HELO identification (so far >>> only with one recipient server sbb.ch) >>> >>> can anyone explain why our host ems.ch is not a fully-qualified >>> hostname? >>> >>> >>> Urs > Massimo Bolzoni - Solution Architect ANSWER SRL CommuniGate System Inc. - CommuniGatePro - www.communigate.com MailSpect Inc. - MPP - www.mailspect.com Sede Legale e Operativa: Via M.K. Gandhi 22 - 42100 - Reggio Emilia (RE) Tel: +39 0522 286545 Fax: +39 0522 286233 Cel: +39 335 5278936 http://www.answervad.it -------------------------------------------------------------------- Le informazioni contenute nella presente comunicazione e i relativi allegati possono essere riservate e sono, comunque, rivolte esclusi- vamente al destinatario. La diffusione, distribuzione e/o copie del documento trasmesso o degli allegati da parte di qualsiasi soggetto diverso dal destinatario e'perseguibile ai sensi dell'articolo 616 Codice Penale e del Decreto Legislativo n. 196/2003. Se avete ricevuto questo messaggio per errore, Vi preghiamo di re- inviarlo al mittente e distruggerlo. Per informazioni potete contattare l'indirizzo privacy@answervad.it *** This message and its attachments are addressed solely to the persons above and may contain confidential information. If you have received the message in error, be informed that any use of the content hereof is prohibited and it is punished by law. Please return it immediately to the sender and delete the message. Should you have any questions, please contact us at privacy@answervad.it -------------------------------------------------------------------- --Apple-Mail-10--415255703 Content-Type: text/html; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Ciao,

yes this is = the right solution, it is easyer and make definitelly sense.... at least = for me :)

Also, the suggestion I use to give is = to use a main domain name that is not going to host any account but = postmaster, and use "working domains" as additional ones. This allow = much more flexibility in = operation.

Actually there is no = problem at all to use directly the MDN as working domain, so no reason = to change the setup, but generally speaking for new set up this is the = long term solution with less problem... think about you company or = institution define to change the domain name = .... 

Ciao

Massimo<= /div>

Il giorno 26/ago/10, alle ore 07:40, Urs = Gruetzner ha scritto:

(sorry wrong subject in = previous mail)
Thanks for explanations 

Instead to change = the FQDN for the mail server to mail.ems.ch, could it be the easiest = solution to change the DNS entry for 212.74.146.1 to ems.ch than = mail.ems.ch instead?

Also the MX entry should be ems.ch instead = of mail.ems.ch ?



Reason: the forward lookup for ems.ch = points already to the correct IP, so there is no need that the reverese = lookup is mail.ems.ch. Also when sending a mail from outside to xy@ems.ch the lookup of MX of ems.ch has = the correct IP as result. There is no need to use = mail.ems.ch.

Thanks for further help


From: Lyle Giese <lyle@lcrcomputer.net> =
Subject: Re: HELO failure =
Date: Wed, 25 Aug 2010 16:08:57 = -0500 =
To:= CommuniGate Pro Discussions <CGatePro@mail.stalker.com>= ;


your = MX record for ems.ch is mail.ems.ch.  

The A record for = mail.ems.ch is 212.74.146.1.

And the reverse lookup for = 212.74.146.1 is mail.ems.ch.

The HELO from your server is ems.ch, = not mail.ems.ch.  ems.ch is your domain.  The host name or = FQDN(Fully Qualified Domain Name) for your mail server should be = mail.ems.ch.

Ideally in today's world these four items should be = identical, but in your case they are not.  However to change the = HELO greeting in CommuniGate, you need a different license key as that = parameter is linked to the HELO greeting.  And that becomes the = primary domain in your mail server(postmaster(used for logging in to the = webadmin) and blacklist-admin are linked to the primary = domain).

That is one thing I find a fault with in Stalker's = recommendations.  The license key/primary domain should be = mail.yourdomain.com, not yourdomain.com  That also requires the end = users to use their full email address for their login.  That = however is a good thing as it makes brute force password attacks = harder.  Most of the script kiddies do not use the full email = address for their password attacks.

Lyle Giese
LCR Computer = Services, Inc.

Gruetzner Urs wrote:
Suddenly we have a problem with the HELO = identification (so far only with one recipient server = sbb.ch) 

can anyone explain why our host = ems.ch is not a fully-qualified = hostname?


Urs


Massimo Bolzoni - Solution = Architect
ANSWER SRL
CommuniGate System Inc. - = CommuniGatePro - www.communigate.com
Mail= Spect Inc. - MPP - www.mailspect.com
Sede&nbs= p;Legale e Operativa: Via M.K. Gandhi 22 - 42100 - Reggio Emilia = (RE)
Tel: +39 0522 286545
Fax: +39 0522 = 286233
Cel: +39 335 5278936
---= -----------------------------------------------------------------
Le informazioni contenute nella presente comunicazione e i = relativi
allegati possono essere riservate e sono, comunque, = rivolte esclusi-
vamente al destinatario. La diffusione, = distribuzione e/o copie del
documento trasmesso o degli = allegati da parte di qualsiasi soggetto
diverso dal = destinatario e'perseguibile ai sensi dell'articolo 616
Codice = Penale e del Decreto Legislativo n. 196/2003.
Se avete = ricevuto questo messaggio per errore, Vi preghiamo di = re-
inviarlo al mittente e distruggerlo.
Per = informazioni potete contattare l'indirizzo privacy@answervad.it
**= *
This message and its attachments are addressed solely to the = persons
above and may contain confidential information. If you = have received
the message in error, be informed that any use = of the content hereof
is prohibited and it is punished by law. = Please return it immediately
to the sender and delete the = message. Should you have any questions,
please contact us at = privacy@answervad.it
--= ------------------------------------------------------------------







=

= --Apple-Mail-10--415255703--