In article <bdf316415c.chris@mytardis>,
Chris Hughes <news13@noonehere.co.uk> wrote:

In message <5c410cd720bob@sick-of-spam.invalid>
Bob Latham <bob@sick-of-spam.invalid> wrote:

What sort of errors?

Complaining about my host name and domain name.

Hmm for email it's mail.<your domain name>.org.uk
for both SMTP and POP3

It is indeed and mine has been set that way for a very long time
which is why I didn't wish to reveal that full url as it publishes my
email address.

Have you turned on detailed logging on in Hermes for your accounts
that use Xencentric,

Yes, first thing I did.

as they will show the interaction between your computer
and their server and might give you more information.

The xentric (or whatever its called) people told me my problem is in
the helo message but having got passed the issues of certificates and
AcornSSL it is not preventing me posting so I have time to fiddle.

Their error log tells me to look at certain rfc specs and that tells
me that the helo needs to be either an ip address in square brackets
[x.x.x.x] or an FQDN. The logs from Hermes shows that mine is neither
at the moment. My best efforts to change that in RISC OS not Hermes
didn't do anything according to Hermes logs. I'm working on it...

I'm at a loss to understand why the "local domain" field is greyed
out unless you have "try name server too" ticked. The whole local
domain thing makes zero sense to me.

Yes, I do know that Hermes can set the helo for each smtp server it
connects to and no, I'm not using that feature at the moment.

I want to experiment to learn more before I decide which path suits
me best.

Bob.


--- MBSE BBS v1.1.2 (Linux-x86_64)
* Origin: None (3:633/280.2@fidonet)

Bob Latham <bob@sick-of-spam.invalid> wrote:

The xentric (or whatever its called) people told me my problem is in
the helo message but having got passed the issues of certificates and AcornSSL it is not preventing me posting so I have time to fiddle.

Their error log tells me to look at certain rfc specs and that tells
me that the helo needs to be either an ip address in square brackets [x.x.x.x] or an FQDN. The logs from Hermes shows that mine is neither
at the moment. My best efforts to change that in RISC OS not Hermes
didn't do anything according to Hermes logs. I'm working on it...

I'm at a loss to understand why the "local domain" field is greyed
out unless you have "try name server too" ticked. The whole local
domain thing makes zero sense to me.

I think you're conflating two things. The HELO/EHLO is something said
during the SMTP handshaking - I type 'HELO example.wibble' when connecting
to the SMTP server:

$ nc -v Server2.xencentrichosting.uk 25
Connection to Server2.xencentrichosting.uk (193.35.57.251) 25 port [tcp/smtp] succeeded!
220 server2.xencentrichosting.uk ESMTP Exim 4.98.2 Thu, 24 Jul 2025 10:46:29 +0100
HELO example.wibble
250 server2.xencentrichosting.uk Hello example.wibble [redacted.my.publicip.address]
QUIT
221 server2.xencentrichosting.uk closing connection

That's entirely different from anything set in your machine's IP address
config for talking to the local network.

Perhaps Xencentric are deciding that anyone who declares themselves to be a made up name like example.wibble is a spammer and blocking them.

Yes, I do know that Hermes can set the helo for each smtp server it
connects to and no, I'm not using that feature at the moment.

Try using that. Thunderbird sends the string 'ehlo.thunderbird.net' to
any server (in order to avoid leaking the local IP address): https://support.mozilla.org/en-US/kb/thunderbird-smtp-ehlo

You could tell Hermes to use the same. At least then it would be identical
to a popular mail client.


There's a second issue with Server2.xencentrichosting.uk specifically that
it's using a self-signed certificate, but I suspect that might be different with the mail.yourdomain.com servers. So may not be relevant in your case.

Theo

--- MBSE BBS v1.1.2 (Linux-x86_64)
* Origin: University of Cambridge, England (3:633/280.2@fidonet)

In article <ioE*-diiA@news.chiark.greenend.org.uk>,
Theo <theom+news@chiark.greenend.org.uk> wrote:

Bob Latham <bob@sick-of-spam.invalid> wrote:

The xentric (or whatever its called) people told me my problem is
in the helo message but having got passed the issues of
certificates and AcornSSL it is not preventing me posting so I
have time to fiddle.

Their error log tells me to look at certain rfc specs and that
tells me that the helo needs to be either an ip address in square
brackets [x.x.x.x] or an FQDN. The logs from Hermes shows that
mine is neither at the moment. My best efforts to change that in
RISC OS not Hermes didn't do anything according to Hermes logs.
I'm working on it...

I'm at a loss to understand why the "local domain" field is
greyed out unless you have "try name server too" ticked. The
whole local domain thing makes zero sense to me.

I think you're conflating two things. The HELO/EHLO is something
said during the SMTP handshaking - I type 'HELO example.wibble'
when connecting to the SMTP server:

Yes, that is where that issue occurs.

That's entirely different from anything set in your machine's IP
address config for talking to the local network.

I'm confused again.

Here is what the isp sent to me from their logs...

2025-07-23 10:46:43 H=dudl [snip details] .virginm.net (iMX6-1)
[82.34.xx.xx] F=bob@somewhere.org.uk rejected RCPT rcomp@rcomp.co.uk:
R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1)

So I looked at the RFC. It says either an ip address in square
brackets or an FQDN.

Mine is/was just iMX6-1.

So my reading of that is it should be either:

[192.168.1.31] Can't be a WAN address that changes quite a bit and
it seems to need to specify the machine which the
Wan address can't do due to NAT. On the other hand
the LAN address is irrelevant to anything on the
WAN.
or
iMX6-1.somewhere.org.org.uk

Why can't articles be clear what they mean by IP address !

Try using that. Thunderbird sends the string
'ehlo.thunderbird.net' to any server (in order to avoid leaking the
local IP address):
https://support.mozilla.org/en-US/kb/thunderbird-smtp-ehlo

That article suggests its the WAN IP address it's after. Grrrr.

Sorry but what do you mean by local IP address? Lan or Wan?

You could tell Hermes to use the same. At least then it would be
identical to a popular mail client.

Right so we don't touch the OS settings just the smtp setting in
Hermes for that account?

I'll give that a spin over the next day or two. Bit sick of it at the
moment.

There's a second issue with Server2.xencentrichosting.uk
specifically that it's using a self-signed certificate, but I
suspect that might be different with the mail.yourdomain.com
servers. So may not be relevant in your case.

Oh no. Please make it stop !!

Thanks,

Bob.


--- MBSE BBS v1.1.2 (Linux-x86_64)
* Origin: None (3:633/280.2@fidonet)

Bob Latham <bob@sick-of-spam.invalid> wrote:

In article <ioE*-diiA@news.chiark.greenend.org.uk>,
Theo <theom+news@chiark.greenend.org.uk> wrote:

Bob Latham <bob@sick-of-spam.invalid> wrote:

I'm confused again.

Here is what the isp sent to me from their logs...

2025-07-23 10:46:43 H=dudl [snip details] .virginm.net (iMX6-1)
[82.34.xx.xx] F=bob@somewhere.org.uk rejected RCPT rcomp@rcomp.co.uk:
R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1)

So I looked at the RFC. It says either an ip address in square
brackets or an FQDN.

Mine is/was just iMX6-1.

So my reading of that is it should be either:

[192.168.1.31] Can't be a WAN address that changes quite a bit and
it seems to need to specify the machine which the
Wan address can't do due to NAT. On the other hand
the LAN address is irrelevant to anything on the
WAN.
or
iMX6-1.somewhere.org.org.uk

It doesn't really matter. It used to, years ago, but nowadays it's only
being used by the spam filtering rules as a shibboleth: if you say something silly the server will decide you're a spammer and tell you to go away. As
long as you say something sensible the server will be happy. What you say
will appear in the headers of your sent emails but that doesn't mean very
much.

eg if I find a mail you sent to the StrongEd mailing list I see this in the headers:

Received: from dudl....virginm.net ([82.34.xx.xx] helo=iMX6-1)
by server4.xencentrichosting.uk with esmtpsa (TLS1.2) tls TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
(Exim 4.98.2)
(envelope-from <you@yourdomain.com>)
id <message-id>

but those header lines are the only place it'll show up.

Why can't articles be clear what they mean by IP address !

Try using that. Thunderbird sends the string
'ehlo.thunderbird.net' to any server (in order to avoid leaking the
local IP address): https://support.mozilla.org/en-US/kb/thunderbird-smtp-ehlo

That article suggests its the WAN IP address it's after. Grrrr.

Sorry but what do you mean by local IP address? Lan or Wan?

In this particular case Thunderbird are worried about people connecting via
a VPN to hide their location. If you connect from a VPN provider IP address but say:

HELO bob.pentagon.mil

then it's leaked something about where you happen to be, ie the VPN didn't properly hide your location. That's why they just set it to something valid but not real, that's the same for everyone.

You could tell Hermes to use the same. At least then it would be
identical to a popular mail client.

Right so we don't touch the OS settings just the smtp setting in
Hermes for that account?

Exactly. It's a mail client setting not a networking setting.

Theo

--- MBSE BBS v1.1.2 (Linux-x86_64)
* Origin: University of Cambridge, England (3:633/280.2@fidonet)

In article <koE*hKkiA@news.chiark.greenend.org.uk>,
Theo <theom+news@chiark.greenend.org.uk> wrote:

It doesn't really matter.

Okay. So to sum up.

The 'helo' setting for smtp outgoing email must adhere to a
specification ie. an ip address in square brackets or a fully
qualified domain name BUT !!! the values in those setting no longer
matters, it's only the format that matters.

It is therefore okay to use ehlo.thunderbird.net or similar. I have
tested that as far as I can and it works but I can't see the server
logs.

Best to do this in Hermes smtp settings and not the machines network
settings. This will prevent your domain being 'published' in that
setting.

Have I got it at last?

Thanks Theo.

Cheers,

Bob.


--- MBSE BBS v1.1.2 (Linux-x86_64)
* Origin: None (3:633/280.2@fidonet)

Bob Latham <bob@sick-of-spam.invalid> wrote:

In article <koE*hKkiA@news.chiark.greenend.org.uk>,
Theo <theom+news@chiark.greenend.org.uk> wrote:

It doesn't really matter.

Okay. So to sum up.

The 'helo' setting for smtp outgoing email must adhere to a
specification ie. an ip address in square brackets or a fully
qualified domain name BUT !!! the values in those setting no longer
matters, it's only the format that matters.

It is therefore okay to use ehlo.thunderbird.net or similar. I have
tested that as far as I can and it works but I can't see the server
logs.

Best to do this in Hermes smtp settings and not the machines network settings. This will prevent your domain being 'published' in that
setting.

Have I got it at last?

Yes, that's all correct.

Theo

--- MBSE BBS v1.1.2 (Linux-x86_64)
* Origin: University of Cambridge, England (3:633/280.2@fidonet)