princesound


Why are ALL of my outgoing e-mails being blocked and returned as undeliverable?

My company has just installed a File and E-Mail server.  The server is running Windows Server 2003 R2.  We are running Exchange Server 2003 for our e-mail.  We can receive e-mail just fine and we can send e-mail fine internally, but all of our e-mail externally is being blocked with the following message that comes back from System Administrator that says:   There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.

            <gracedc01.4grace.org #5.5.0 smtp;550 Service unavailable; Client host [66.208.121.98] blocked using sbl-xbl.spamhaus.org;

I am completely stumped on how to resolve this issue.  Our company relies heavily on internet and e-mail and this problem has severely crippled us so I am desperate to get it resolved.  I am a sound engineer with some computer experience but no experience whatsoever on servers.  Please Help!
Total_Tronix

Your WAN IP address has been "seen" as a spammer's IP address. This means that your internet connection has used the internet to spam all around the world. I have checked if your IP address is listed, and it was:

http://www.mxtoolbox.com/blacklists.aspx


Check this page for how to remove your IP address from the blacklist. Then check again if you are listed, and send email.

http://cbl.abuseat.org/removeX.cgi?ip=66.208.121.98
http://www.mxtoolbox.com/blacklists.aspx
You need to go to http://www.mxtoolbox.com/BlacklistSuggestions.aspx and follow the suggestions.

I suggest you check your email server to ensure the forwarding is not active and use smtpdiag from MS to test the smtp services.

It may be a workstation that is acting as a spam engine so checking for unusual traffic would also be a good idea.

GS
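The bounce in the question names both the blocked address and the DNS blocklist zone, so the listing can be checked directly over DNS instead of only through a web form. The following is an added example, not part of the original posts: it parses the rejection line quoted above and builds the standard reversed-octet DNSBL query. The function names are hypothetical, and the resolver is injectable so the logic can be exercised offline.

```python
import ipaddress
import re
import socket

# Rejection line exactly as quoted in the question.
NDR = ("<gracedc01.4grace.org #5.5.0 smtp;550 Service unavailable; "
       "Client host [66.208.121.98] blocked using sbl-xbl.spamhaus.org;")

BLOCK_RE = re.compile(
    r"Client host \[(?P<ip>[0-9.]+)\] blocked using (?P<zone>[A-Za-z0-9.-]+)")


def parse_block(ndr):
    """Return (blocked_ip, dnsbl_zone) from a rejection line, or None."""
    m = BLOCK_RE.search(ndr)
    if m is None:
        return None
    ip = ipaddress.IPv4Address(m.group("ip"))  # raises ValueError on junk
    return str(ip), m.group("zone").strip(".")


def dnsbl_query_name(ip, zone):
    """DNSBL convention: reverse the IPv4 octets and append the zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone


def dnsbl_status(ip, zone, resolver=socket.gethostbyname):
    """Return (status, answer). `resolver` is injectable for offline use."""
    try:
        answer = resolver(dnsbl_query_name(ip, zone))
    except socket.gaierror:
        # NXDOMAIN is the normal "not listed" reply; a dead resolver looks
        # the same from here, so confirm DNS works before trusting it.
        return "no listing returned", None
    addr = ipaddress.IPv4Address(answer)
    if addr in ipaddress.IPv4Network("127.255.255.0/24"):
        # Spamhaus error range (e.g. query came via a public resolver).
        return "query refused, not a verdict", answer
    if addr in ipaddress.IPv4Network("127.0.0.0/8"):
        return "listed", answer
    return "unexpected answer", answer


if __name__ == "__main__":
    ip, zone = parse_block(NDR)
    print(dnsbl_query_name(ip, zone), dnsbl_status(ip, zone))
```

Run it from a machine whose DNS resolver is known to work, since a failed lookup and a clean result are indistinguishable at this level.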
princesound

ASKER

I went to http://www.mxtoolbox.com/blacklists.aspx and put in our static IP address which is 66.208.121.98 and it showed on 147 black list companies that we were OK.  I am downloading the SMTPDIAG onto our server right now to check that.  I wish that I knew more about this, but I am an audio guy, not a computer guy, but I have been put in charge of this new server as part of my job so I have to comply.
As suggested, you should check the forwarding rules of your mail server. It should forward all incoming mail to local users (seems to work!) and locally originated mail to anyone outside, but never forward on behalf of external requests to other external addresses (the last part would be called "open relay" or similar; not good). Once that is OK, you need to set your firewall to block SMTP (port 25) traffic for all computers except your mail server, thus blocking any zombied workstations that may reside on your network to send spam on their own from/via your external IP.
/RID
How do I check the forwarding rules in Exchange?  As far as our firewall, we have a D-Link router that was provided by the ISP and the firewall that we are using is the one that is built into that router.  How would I configure my D-Link to block port 25 on every computer except my server?
http://articles.techrepublic.com.com/5100-10878_11-6058582.html

Checking your vulnerability

You can check your organization's Exchange servers to determine whether they're vulnerable to mail relay. The best way to do so is using a workstation from outside the company's network.

To check your servers, you need to know the fully qualified domain name (FQDN) for your e-mail server. If you don't know the FQDN, you can find it rather easily. Follow these steps:

   1. Go to Start | Run, type cmd, and click OK.
   2. At the command prompt, type nslookup, and press [Enter].
   3. Type set type=mx, and press [Enter].
   4. Type the domain name of your organization (e.g., techrepublic.com).

The results will show an MX preference that lists the name(s) of the Exchange server.

To determine whether your Exchange servers are vulnerable to open relays, follow these steps:

   1. Go to Start | Run, type telnet, and click OK.
   2. At the Telnet command prompt, type set localecho, and press [Enter].
   3. Type open <name.of.exchange.server> 25, replacing <name.of.exchange.server> with the FQDN of the Exchange server. 25 signifies the port you want to connect to. (TCP/IP port 25 is for SMTP.)

Your telnet console should return a result that looks something like the following. (The Version will vary, depending on the version of your Exchange server.)

220 <name.of.exchange.server> Microsoft ESMTP MAIL Service,
Version: 6.0.3790.1830 ready at date- -0500

   4. Next, type ehlo <anotherdomain.com>, replacing <anotherdomain.com> with any domain except your own, and press [Enter].

This will return some output, and the last line of the result should be:

250 OK

   5. Type mail from:<youremailaddress@anotherdomain.com>, replacing youremailaddress@anotherdomain.com with a valid e-mail address, and press [Enter].

This will return some more output, and the last line of the result should say:

250 2.1.0 youremailaddress@anotherdomain.com...Sender OK

   6. Type rcpt to:hacker@spammail.com, and press [Enter].

If you see the following result, you have an open relay and need to take action.

250 2.1.5 hacker@spammail.com

Stopping the relay

If you discover that your organization has an open relay, you need to stop it. To stop open relaying on the Default SMTP Virtual Server, follow these steps:

   1. Go to Start | All Programs | Microsoft Exchange | Exchange System Manager.
   2. Expand Servers, expand <Servername> (the name of your Exchange server), expand Protocols, and expand SMTP.
   3. Right-click Default SMTP Virtual Server, and select Properties.
   4. On the Access tab, click the Relay button at the bottom.
   5. Select the Only The List Below check box, and remove any entries in the list that aren't a part of your business network.
   6. Select the Allow All Computers Which Successfully Authenticate To Relay, Regardless Of The List Above check box.
   7. Close all dialog boxes.

Your Exchange server will now only relay mail for authenticated computers and computers that you have specifically allowed.

GS
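The telnet procedure quoted above can be scripted so the check is repeatable after every relay-setting change. This is an added example, not code from the article or the posters: `probe_relay` and `ScriptedSession` are hypothetical names, the example.com and example.net addresses are placeholders, and the scripted replies are constructed so the classification can be run offline.

```python
import smtplib
import sys


def probe_relay(smtp, helo_domain, sender, outside_rcpt):
    """Run EHLO / MAIL FROM / RCPT TO and classify the RCPT reply.

    `smtp` is a connected smtplib.SMTP (or any object with the same
    ehlo/mail/rcpt/rset methods). DATA is never sent, so no mail goes out.
    """
    steps = []
    for verb, call, arg in (("EHLO", smtp.ehlo, helo_domain),
                            ("MAIL FROM", smtp.mail, sender),
                            ("RCPT TO", smtp.rcpt, outside_rcpt)):
        code, _ = call(arg)
        steps.append((verb, code))
        if verb != "RCPT TO" and code != 250:
            return "inconclusive", steps   # never reached the relay decision
    smtp.rset()                            # abandon the transaction
    if 200 <= code < 300:
        return "open relay", steps         # outside sender to outside rcpt accepted
    if 500 <= code < 600:
        return "relay denied", steps
    return "inconclusive", steps           # 4xx: temporary failure, retry later


class ScriptedSession:
    """Constructed stand-in for a server, replaying fixed replies offline."""
    def __init__(self, rcpt_reply):
        self.rcpt_reply = rcpt_reply
    def ehlo(self, name): return 250, b"OK"
    def mail(self, sender): return 250, b"2.1.0 Sender OK"
    def rcpt(self, recip): return self.rcpt_reply
    def rset(self): return 250, b"2.0.0 Resetting"


if __name__ == "__main__":
    # Usage: python relay_check.py <FQDN of a mail server you administer>
    with smtplib.SMTP(sys.argv[1], 25, timeout=15) as s:
        print(probe_relay(s, "example.com", "probe@example.com",
                          "probe@example.net"))
```

As the article says, run it from outside the company network: an address on the server's own relay list is expected to be accepted, so an internal run proves nothing.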
I am at my computer at home and I went to the command prompt and did the nslookup, set type=mx, with the domain name of 4grace.org.  It came back with a lot of information and I am unsure which one is the FQDN of our Exchange Server.  I believe that it is mail.4grace.org but I am unsure.  I will list exactly what my command prompt says.

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\default>nslookup
Default Server:  computer.Belkin
Address:  192.168.2.1

> set type=mx
> 4grace.org
Server:  computer.Belkin
Address:  192.168.2.1

Non-authoritative answer:
4grace.org      MX preference = 10, mail exchanger = mail.4grace.org

4grace.org      nameserver = ns2.rushwebdesign.net
4grace.org      nameserver = ns1.rushwebdesign.net
mail.4grace.org internet address = 66.208.121.98
ns1.rushwebdesign.net   internet address = 216.216.95.9
ns2.rushwebdesign.net   internet address = 209.219.51.9
>

I also went into the SMTP Virtual Server in the Exchange System Manager and followed those steps and it is set up correctly according to the information that you gave in your last comment.  Out of the information above, what would be the FQDN?
I have just tested your FQDN (4grace.org) through mxtoolbox and can advise that you have been removed from the blacklists so email should start to flow again.

http://www.mxtoolbox.com/blacklists.aspx?IP=66.208.121.98

I also did an SMTPDIAG test and got an error
Connecting to the server failed. Error: 10060
Failed to submit mail to mail.4grace.org.

Is the server on at present?

GS
A bit more info:

Sounds to me like something is blocking you from getting through to port 25.

It's possible that your ISP is blocking you from sending mail. If this is the case, you're going to have to call them up, there's no way around this issue. Some ISPs also have strict policies on how they will take outbound port 25 traffic; some forbid it completely while others require some form of authentication.
I will give my ISP a call and find out what the issue is.  The crazy thing is that our new e-mail server was working fine and then it just wasn't.  Come to find out, we are not receiving mail either.  We found a workstation computer that had the virus Antivirus XP 2008 on it, but we have gotten that resolved.  Speaking of, do you have any recommendations on a very good antivirus software both for our server as well as the workstations?  Thank you so much for all of your help.
ASKER CERTIFIED SOLUTION
Gary Stevens