550 Bad HELO - Host impersonating hostname [echo.mxrouting.net]

#1

So, I recently setup a pipedrive account (it’s a CRM type of system). It has the option of synchronizing with your email account, which is useful since I can then communicate with users with all the relevant information at hand.

While the syncing of the inbox works great, sending an email through their interface doesn’t work (I get a generic error like ‘sorry, couldn’t send your email’).
I’ve contacted their support, and they’re reporting the following error:

550 Bad HELO - Host impersonating hostname [echo.mxrouting.net]

Unfortunately, they’re so far unable to tell me the command they’re sending, just that they get this error.
I tried to reproduce the error using a telnet session, and I get this exact same error if I send the following:

HELO echo.mxrouting.net

which makes sense to me, since the HELO should identify the initiating server, not my SMTP server, right?

Now to my questions:

  1. Are there other ways to trigger this error?
  2. Is there something I can do to fix this on my end (if pipedrive can’t/won’t change things on their end I mean)?

Any help or pointers are greatly appreciated!

PS Regular email sending using my email client has been fine for over a year and is still doing fine. So, I think it’s about how pipedrive is trying to send the email

#2

Thanks for writing this up with such great detail :slight_smile:

That is in fact the only way to trigger that specific error. If they’re taking your configured SMTP server and repeating it as the HELO statement, that is definitely an indication of faulty code. It is certain that this is what they’re doing in this case.

It’s a fairly significant oversight and personally I’d pause a bit before continuing down the path of using their software if no one there is able to escalate that problem to an engineer. It just makes me wonder what support might be like down the road when problems arise that you can’t work around without them acknowledging the issue.

With that said, I do believe that I know a way to work around it. Use this guide to create a custom mail subdomain and get it signed for SSL: https://mxroutehelp.com/index.php/2019/08/25/custom-webmail-pop-imap-smtp-domain/

Then in their software use that custom mail subdomain instead of echo.mxrouting.net for the SMTP server. The way that exim is aware of that hostname should not extend to such a degree that it treats it as a local hostname and then fails at a spoofed HELO statement.

#3

Thanks for the quick reply Jarland!
Getting such a detailed and knowledgeable reply feels great and indeed the converse: NOT getting real useful help is a bit of a red flag, but unfortunately pretty common with a lot of online tools in my experience :frowning:

I’m going to push a bit more now that you have confirmed that most likely the error is on their part, and if that doesn’t work I’ll try the workaround you suggested.

Have a great day!