Solved

reason: 554 5.7.1 Rejected [IP address] SPAM Not Welcome here

Posted on 2004-09-14
9
55,246 Views
Last Modified: 2013-12-17
I don't know why even some simple text messages are bounced back as SPAMs from our email server?. We installed Spamassassin 2.42-3. Clients are complaining abt keep getting bounced emails. We are not receiving them. I am new to this.

I attached one of the bounced email.
------------------------------------------------------------------------------------------

From: Mail Delivery Subsystem <MAILER-DAEMON@XXX.net>
Date: Tue Sep 14, 2004 10:56:02 AM bla bla
To: <user@domain1.org>
Subject: Returned mail: see transcript for details

The original message was received at Tue, 14 Sep 2004 10:55:56 -0400
from xx.yy.zzz.net [IP Address]

----- The following addresses had permanent fatal errors -----
<abc@domain2.org>
(reason: 554 5.7.1 Rejected [IP address] SPAM Not Welcome here)

----- Transcript of session follows -----
... while talking to mail.domian2.org.:

MAIL From:<user@domain1.org>

<<< 554 5.7.1 Rejected [IP address] SPAM Not Welcome here
554 5.0.0 Service unavailable
Reporting-MTA: dns; xx.yy.zzz.net
Received-From-MTA: DNS; xx.yy.zzz.net
Arrival-Date: Tue, 14 Sep 2004 10:55:56 -0400

Final-Recipient: RFC822; user@domain1.org
Action: failed
Status: 5.7.1
Diagnostic-Code: SMTP; 554 5.7.1 Rejected [IP address] SPAM Not Welcome here
Last-Attempt-Date: Tue, 14 Sep 2004 10:56:02 -0400
-------------------------------------------------------------------------------------------------

Why even simple messages get bounced back? Any way to prevent it?

Thanks
0
Comment
Question by:karthikeyanTP
  • 4
  • 4
9 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 12060086
It is hard to say anything intelligent about this without knowing:

o What OS
o Where your copy of SpamAssassin came from
o What xx.yy.zzz.net [IP Address] is
o Whether SpamAssassin is being run stand-alone or from something like MIMEdefang, MailScanner, etc.

I'd hazard a guess, and it is only that at this point, that xx.yy.zzz.net is black listed somewhere and SpamAssassin is doing RBL checks.
0
 
LVL 2

Author Comment

by:karthikeyanTP
ID: 12060120
o  What OS

Redhat Linux 7.1

o Where your copy of SpamAssassin came from

the client emailed to us and I just posted here

o What xx.yy.zzz.net [IP Address] is

I put xx.yy.zz.net and [IP address] to protect web address and actual IP address.

o Whether SpamAssassin is being run stand-alone or from something like MIMEdefang, MailScanner, etc.

It is run with sendmail and SpamAssassin is run as Mail scanner.

Does it help?
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12060572
> the client emailed to us and I just posted here

I presume you mean the message. I'm interested in where you downloaded the SpamAssassin package from.

> I put xx.yy.zz.net and [IP address] to protect web address and actual IP address.

I realize that's why you hid the data, but do do any checking on why SpamAssassin rejected the message we have to know what the real data is for the source of the message. Note that releasing that data doesn't expose the client's email address, only the IP of the system they are sending the email from. So there's no real risk.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 2

Author Comment

by:karthikeyanTP
ID: 12063972

Hai jlevie,

>I'm interested in where you downloaded the SpamAssassin package from.

The person who worked before me did all the installation. I don't know from where he downloaded. I very much hope that he got it from reliable source - spamassassin.org.  It is working good. Only thing is, some geniune messages are returned back as SPAMs.

>I realize that's why you hid the data, but do do any checking ......................

See if the following data help you. I used clientDomain and ourDomain for more readability. Let  me know if you need anything.

From: Mail Delivery Subsystem <MAILER-DAEMON@mxsf26.cluster1.charter.net>
Date: Tue Sep 14, 2004 10:56:02 AM America/Detroit
To: <client@clientDomain.org>
Subject: Returned mail: see transcript for details

The original message was received at Tue, 14 Sep 2004 10:55:56 -0400
from mxip06a.cluster1.charter.net [209.225.28.136]

----- The following addresses had permanent fatal errors -----
<ourEmail@ourDomain.org>
(reason: 554 5.7.1 Rejected 209.225.28.226 SPAM Not Welcome here)

----- Transcript of session follows -----
... while talking to mail.ourDomain.org.:

MAIL From:<client@clientDomain.org>

<<< 554 5.7.1 Rejected 209.225.28.226 SPAM Not Welcome here
554 5.0.0 Service unavailable
Reporting-MTA: dns; mxsf26.cluster1.charter.net
Received-From-MTA: DNS; mxip06a.cluster1.charter.net
Arrival-Date: Tue, 14 Sep 2004 10:55:56 -0400

Final-Recipient: RFC822; ourEmail@ourDomain.org
Action: failed
Status: 5.7.1
Diagnostic-Code: SMTP; 554 5.7.1 Rejected 209.225.28.226 SPAM Not Welcome here
Last-Attempt-Date: Tue, 14 Sep 2004 10:56:02 -0400


Thanks,
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12066319
I'm sorry, but without full disclosure I can't tell where this message was from or to. All I can say from the above is that a mail server at charter.net objected to the message. It isn't possible from that bounce to tell why.
0
 
LVL 2

Author Comment

by:karthikeyanTP
ID: 12066514
Hai jlevie,

Thanks.

I agreed that mail server at charter.net objected to the message. Some clients (who tried to sent email to us) from Italy said that their email returned back to them. Is there anything that I need to configure from my side so that geniune messages (not SPAMS) gets through Spamassassin?

0
 
LVL 40

Accepted Solution

by:
jlevie earned 250 total points
ID: 12067245
Since it was Charter's servers that blocked the message before they made it to your mail server, there's nothing that you could do with your config to affect that other than arrainging for mail to be delivered directly to your server and bypass Charter.
0
 
LVL 5

Expert Comment

by:cgrey
ID: 12067266
Is SpamAssassin running as a milter? If not, I don't believe it's being rejected by Spam Assassin. This looks like something in access.db or another milter or even a dnsrbl configured within sendmail.mc.  Have you looked in your access file and sendmail.mc to see what other controls are being used?
0
 
LVL 2

Author Comment

by:karthikeyanTP
ID: 12070418
Thanks jlevie
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Creating a reverse DNS record 3 68
Distribution groups exchange 2013 6 56
exchange out of office 8 53
The disk onto which one mailbox database is going to be full 13 34
New-MailboxSearch Powershell Command and step by step approach to Search and Extract Emails form Exchange 2013 Journaling server.
Resolve DNS query failed errors for Exchange
Familiarize people with the process of utilizing SQL Server functions from within Microsoft Access. Microsoft Access is a very powerful client/server development tool. One of the SQL Server objects that you can interact with from within Microsoft Ac…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question