Go Premium for a chance to win a PS4. Enter to Win


Problem sending to hotmail - "Command rejected for policy reasons"

Posted on 2006-10-25
Medium Priority
Last Modified: 2012-05-05
Hi - this is a bit of a big question / couple rolled into one!

We recently placed the spamhaus and ordb connection filters into exchange within our SBS 2003 server. We also support numerous other SBS 2003 servers which we were going to roll out the same settings to. After setting up ours, and one of our customers - we hit our first problem.... WE HAD BEEN BLACKLISTED!
As our server is on the same network as our workshop (where we repair domestic pc's etc) we believe that we were on the CBL for this reason (viruses/spambots). We have now managed to remove ourselves, but would like to stop this happening again. Any suggestions?

As for the second part of my question, which I believe is related to the first - we are unable to send to hotmail:

|The following recipient(s) could not be reached:
|  xxxxxxxxxxx@hotmail.co.uk on 25/10/2006 09:39
|  There was a SMTP communication problem with the recipient's email server. Please contact your system administrator.
|  <fivenines.co.uk #5.5.0 smtp;550 Command rejected for policy reasons.>

I have checked using www.dnsstuff.com with the SPAM database lookup and we are now clean - BUT we were on 3 lists (all running from the CBL list) 24 hours ago.

I didn't know if I should list my IP or my domain name - but if it helps, let me know

This is quite an urgent one - as we need to resume normal communications - so I have allocated 500 points
Question by:mikcanavan
  • 2
  • 2
LVL 21

Expert Comment

ID: 17801853
Hi mikcanavan,

do you have reverse dns?
make sure you aren't on the blacklistst anymore and make sure that your server ain't an open relay

LVL 21

Expert Comment

ID: 17801862
LVL 74

Accepted Solution

Jeffrey Kane - TechSoEasy earned 2000 total points
ID: 17827902
FYI, you are technically violating EE rules by putting more than one question into a post.  I won't edit that out this time, but please refrain from the practice in the future because it otherwise doesn't make it very easy for folks to search from the database of PAQs. (Previously Answered Questions)...

The NDR error message may be related to being blacklisted... however asking how to avoid blacklisting is certainly a separate question.

If you really were blacklisted, and you think it may have been caused by having computers you repair connected to the network... then you need to not connect a computer that you suspect MAY have a virus (ie, any computer you are repairing) to the network/Internet until you have turned it on and verified that there is no virus.  Becuse otherwise you are being blacklisted for very good reason.

However, I wonder if you really WERE blacklisted?  According to http://mxtoolbox.com/index.aspx, you have THREE MX records... (assuming your domain is fivenines.co.uk).  Two of which are from 1and1, which are still blacklisted.  You should remove those unless you are using them as a backup mailserver, which I wouldn't recommend.

You can then run the diagnostic at mxtoolbox.com to see that your server is running just fine... however your Reverse DNS has not been modified to match your domain name.  This generally doesn't cause a problem, but some larger mail servers don't like it.  (I've never heard of a problem with Hotmail, though).  You can contact your ISP (ZEN Internet) to have them modify the reverse DNS.  Another view of your settings is here:  http://www.robtex.com/ip/

I'd also note that while I was reviewing your settings, I checked your server's SSL certificate which was not created with the appropriate name.  When you run the Configure Email and Internet Connection Wizard (CEICW -- which is linked as Connect to the Internet in the Server Management Console > Internet and Email) you should put "mail.fivenines.co.uk" in as the FQDN of your server (even if your server has a different host name, your certificate needs to match what is listed as your HOST A record in your 1and1 DNS zone file).  Rerun the CEICW to change this.

A visual how-to is here:  http://sbsurl.com/ceicw and a full networking overview for SBS is at http://sbsurl.com/msicw

Within that wizard you'll see a "more information" button on each screen that has invaluable help in deciding which options to select.  
Be sure to check those out as well.

I don't know if I directly answered anything for you here... but I would troubleshoot by removing the spamhaus and ordb connection filters since it is unclear whether adding those is the cause of you getting these NDR's.  If you remove those and you stop getting the NDRs, then you can add them back to see if they are truly the cause.


Author Comment

ID: 17921285
Thanks Jeff

There was a lot to go through there... and it has taken a couple of weeks for things like the rDNS requests to go through, but we have learnt a great deal from just your post alone!!!

We are now able to send to Hotmail - and are no longer listed in any of dnsstuff's Spam database lookups.

I will try over the next week or so - adding the spamhaus and ordb connection filters again... and see if that is the cause.

Thanks again Jeff
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17922540
There's no real need to add the spamhaus and ordb filters if you are using Exchange SP2 with the Intelligent Message Filter. That'll filter out just as much as using those blacklists without nearly as much effort by your server's resources.


Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Look below the covers at a subform control , and the form that is inside it. Explore properties and see how easy it is to aggregate, get statistics, and synchronize results for your data. A Microsoft Access subform is used to show relevant calcul…

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question