rblsmtpd causes error to show in Outlook from linux server

I have a redhat/plesk/qmail with rbl, odeiavir, spamassasin install.

One domain XXX.com has started having problems. There are about 130 email account and only 2 or 3 are experiencing this.

When they send an email they get
"Task 'XXX.copm' - Sending' reported error (0x8000CCC60):'Your outgoing (SMTP-e-mail server has reported an internal error... blah blah blah... The server responded "rblsmtpd: pid 27817: 451 http://www.spamhaus.org/query/bl?ip='"
This was reported by outlook on their laptop.

Ok - First I checked at spamhaus is listed as a CBL.
The customer is working that issue. It is the IP address for their main business office.

Now my questions are - This is my customer sending out an email. I thought the rblsmtpd primarily checked emails coming TO my customers, not being sent out FROM my customers. Is this correct?

Second: This is only happening on 2 or 3 computers at the customers site. They have about 60 workers at this site. Why only 2 or 3?

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

CBL is the Composite Blocking List. It lists individual IP's that have been caught sending Spam or Viral content to Spam Traps (frequently as a result of viral infections). Most likely someone at your customer's office got a virus on one or more machines that sent spam/viral content to one of the Spam Traps and caused that IP to be listed.

The blacklist  is being checked as the message is being received and it will be rejected if the IP is blacklisted whether it is for a local account or it is to be relayed elsewhere. On a Sendmail system that is doing blacklist checks at the SMTP server level you can use an entry in the access database to disable the RBL check for that IP(s). There's probably something similar than can be done for qmail/rblsmtpd. Check the docs.
bSparkmanAuthor Commented:
Thank You jlevie.

I understand both of your points.  However it still does not explain why every PC in the office is not being treated the same way.  55 PCs now have never experience a failure.  4 pcs fail sometimes.  1 notebook fails all the time and he finally had to change back to his telephone/ISP provider instead of me - the hosting provider.  This fails when sending an email out - not when receiving an email.  Another piece of the puzzle.

It may not be as mysterous as you think. I assume this site isn't on your server's local network, but rather somewhere on the Internet. Does this office/site have a block of Internet IP's where each system gets an Internet IP?

The CBL black lists any IP it catches sending spam or viral mail to one of the spamtraps. If the notebook system uses the same Internet IP all the time and has ever been infected with a mass mailer virus it could get listed at CBL. Since your mail server is using the CBL black list it will reject SMTP traffic from that IP when that user attempts to send mail to or through your server.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Servers

From novice to tech pro — start learning today.