Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 735
  • Last Modified:

Error 550 when sending mail

Sometimes when sending mail, we will get the following message:

550 rejected cannot route to sender

So far I have not been able to figure this out.  What causes this message and how do I fix it?  We are running Exchange 5.5 with service pack 4.  Our website is external and we have mail accounts there as well.  Either account returns the same message.
0
HrdwareGuy
Asked:
HrdwareGuy
  • 4
  • 2
1 Solution
 
pamster00Commented:
Hey Hardware:

There may be something amiss with your mail server's DNS info.  The address inside the angle <> brackets following the word "sender" in the full error message may give a clue.

Some receiving servers' anti-spam setups will look for spoofed addresses by comparing the MX info associated with the sender (resolution of what follows HELO or EHLO) with the info in the reverse path (resolution of what follows MAIL FROM:).  If they don't match, or a lookup fails, the receiving server sends 550 reject:  Cannot route to sender <address>.

0
 
HrdwareGuyAuthor Commented:
Is there any way that I can check what information the recipients mail server is getting to determine that this should be bounced?
0
 
pamster00Commented:
I did a google search for "reverse dns lookup" and pulled up this site.

http://remote.12dt.com/rns/

Put in your mail server's IP address and you'll see what domain name a spam blocker would be comparing against the domain name in your email address.

About three years ago, my ISP stopped supporting reverse lookups to customer domains.  My own WAN IP address resolves to my ISP's domain name.  I haven't yet encountered the bounce you're seeing, but I was unable to register at abuse.net because the domain name in my WAN IP's resolution is different than the domain name in my email address.

I also did a google search on "550 reject:  Cannot route" and retrieved citations mostly for unix environments.  Since the issue is reverse DNS lookups, it's platform independent and you could glean something even though you've got windows.

Some of the posts advised correspondents receiving the 550 rejection to contact the target, who would work out a way for their email to get through.  This bodes well for you.  If you're having a DNS problem that's out of your control, you should be able to contact administrator in the domains that're bouncing your mail.  I suspect the blocker has a list of allowed IP addresses to which yours can be added.



0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
HrdwareGuyAuthor Commented:
I also contacted my ISP to see if they could change the reverse lookup information.
0
 
pamster00Commented:
Glad to help.  Tasty little problem.
0
 
cursedzeusCommented:
sounds like your mail server has been used by spammers, and your ISP has blocked any emails being relayed from your Server.

Check the relaying settings in Exchange.

Also see if you can telnet onto the Exchange Server,
telnet <IP Address> 25  (25 is the port number for SMTP)

should should get

220  server ready message if not then check relay settings.
0
 
pamster00Commented:
Hey Zeus:

There doesn't appear to be a block by the ISP because some mail does go through.

The first two steps in the mail exchange, initiation (which can be done via telnet) and MAIL FROM: <return address> are used by the receiver's spam filter to discriminate against traffic that appears to originate from other than the source that initiates the connection.

Relay discrimination doesn't take place until the third step in the mail exchange, RCPT TO: <forwarding address>.  The domain in the forwarding address is checked to see if mail may be routed to it and "550 Relaying is prohibited" is returned if not.

The spam filter compares the domain listed in the return address with the domain resolved by doing a reverse DNS lookup on the object that initiated the mail exchange.  If they don't match, the exchange fails at that point, the 550 reject message is returned, and the third step is not reached.

Incidentally, one use of the 550 return code is to indicate message rejection based on a policy, such as a posture against spam or relaying.

0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now