[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 55347
  • Last Modified:

reason: 554 5.7.1 Rejected [IP address] SPAM Not Welcome here

I don't know why even some simple text messages are bounced back as SPAMs from our email server?. We installed Spamassassin 2.42-3. Clients are complaining abt keep getting bounced emails. We are not receiving them. I am new to this.

I attached one of the bounced email.
------------------------------------------------------------------------------------------

From: Mail Delivery Subsystem <MAILER-DAEMON@XXX.net>
Date: Tue Sep 14, 2004 10:56:02 AM bla bla
To: <user@domain1.org>
Subject: Returned mail: see transcript for details

The original message was received at Tue, 14 Sep 2004 10:55:56 -0400
from xx.yy.zzz.net [IP Address]

----- The following addresses had permanent fatal errors -----
<abc@domain2.org>
(reason: 554 5.7.1 Rejected [IP address] SPAM Not Welcome here)

----- Transcript of session follows -----
... while talking to mail.domian2.org.:

MAIL From:<user@domain1.org>

<<< 554 5.7.1 Rejected [IP address] SPAM Not Welcome here
554 5.0.0 Service unavailable
Reporting-MTA: dns; xx.yy.zzz.net
Received-From-MTA: DNS; xx.yy.zzz.net
Arrival-Date: Tue, 14 Sep 2004 10:55:56 -0400

Final-Recipient: RFC822; user@domain1.org
Action: failed
Status: 5.7.1
Diagnostic-Code: SMTP; 554 5.7.1 Rejected [IP address] SPAM Not Welcome here
Last-Attempt-Date: Tue, 14 Sep 2004 10:56:02 -0400
-------------------------------------------------------------------------------------------------

Why even simple messages get bounced back? Any way to prevent it?

Thanks
0
karthikeyanTP
Asked:
karthikeyanTP
  • 4
  • 4
1 Solution
 
jlevieCommented:
It is hard to say anything intelligent about this without knowing:

o What OS
o Where your copy of SpamAssassin came from
o What xx.yy.zzz.net [IP Address] is
o Whether SpamAssassin is being run stand-alone or from something like MIMEdefang, MailScanner, etc.

I'd hazard a guess, and it is only that at this point, that xx.yy.zzz.net is black listed somewhere and SpamAssassin is doing RBL checks.
0
 
karthikeyanTPAuthor Commented:
o  What OS

Redhat Linux 7.1

o Where your copy of SpamAssassin came from

the client emailed to us and I just posted here

o What xx.yy.zzz.net [IP Address] is

I put xx.yy.zz.net and [IP address] to protect web address and actual IP address.

o Whether SpamAssassin is being run stand-alone or from something like MIMEdefang, MailScanner, etc.

It is run with sendmail and SpamAssassin is run as Mail scanner.

Does it help?
0
 
jlevieCommented:
> the client emailed to us and I just posted here

I presume you mean the message. I'm interested in where you downloaded the SpamAssassin package from.

> I put xx.yy.zz.net and [IP address] to protect web address and actual IP address.

I realize that's why you hid the data, but do do any checking on why SpamAssassin rejected the message we have to know what the real data is for the source of the message. Note that releasing that data doesn't expose the client's email address, only the IP of the system they are sending the email from. So there's no real risk.
0
Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

 
karthikeyanTPAuthor Commented:

Hai jlevie,

>I'm interested in where you downloaded the SpamAssassin package from.

The person who worked before me did all the installation. I don't know from where he downloaded. I very much hope that he got it from reliable source - spamassassin.org.  It is working good. Only thing is, some geniune messages are returned back as SPAMs.

>I realize that's why you hid the data, but do do any checking ......................

See if the following data help you. I used clientDomain and ourDomain for more readability. Let  me know if you need anything.

From: Mail Delivery Subsystem <MAILER-DAEMON@mxsf26.cluster1.charter.net>
Date: Tue Sep 14, 2004 10:56:02 AM America/Detroit
To: <client@clientDomain.org>
Subject: Returned mail: see transcript for details

The original message was received at Tue, 14 Sep 2004 10:55:56 -0400
from mxip06a.cluster1.charter.net [209.225.28.136]

----- The following addresses had permanent fatal errors -----
<ourEmail@ourDomain.org>
(reason: 554 5.7.1 Rejected 209.225.28.226 SPAM Not Welcome here)

----- Transcript of session follows -----
... while talking to mail.ourDomain.org.:

MAIL From:<client@clientDomain.org>

<<< 554 5.7.1 Rejected 209.225.28.226 SPAM Not Welcome here
554 5.0.0 Service unavailable
Reporting-MTA: dns; mxsf26.cluster1.charter.net
Received-From-MTA: DNS; mxip06a.cluster1.charter.net
Arrival-Date: Tue, 14 Sep 2004 10:55:56 -0400

Final-Recipient: RFC822; ourEmail@ourDomain.org
Action: failed
Status: 5.7.1
Diagnostic-Code: SMTP; 554 5.7.1 Rejected 209.225.28.226 SPAM Not Welcome here
Last-Attempt-Date: Tue, 14 Sep 2004 10:56:02 -0400


Thanks,
0
 
jlevieCommented:
I'm sorry, but without full disclosure I can't tell where this message was from or to. All I can say from the above is that a mail server at charter.net objected to the message. It isn't possible from that bounce to tell why.
0
 
karthikeyanTPAuthor Commented:
Hai jlevie,

Thanks.

I agreed that mail server at charter.net objected to the message. Some clients (who tried to sent email to us) from Italy said that their email returned back to them. Is there anything that I need to configure from my side so that geniune messages (not SPAMS) gets through Spamassassin?

0
 
jlevieCommented:
Since it was Charter's servers that blocked the message before they made it to your mail server, there's nothing that you could do with your config to affect that other than arrainging for mail to be delivered directly to your server and bypass Charter.
0
 
cgreyCommented:
Is SpamAssassin running as a milter? If not, I don't believe it's being rejected by Spam Assassin. This looks like something in access.db or another milter or even a dnsrbl configured within sendmail.mc.  Have you looked in your access file and sendmail.mc to see what other controls are being used?
0
 
karthikeyanTPAuthor Commented:
Thanks jlevie
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now