Solved

Problem sending to hotmail - "Command rejected for policy reasons"

Posted on 2006-10-25
5
889 Views
Last Modified: 2012-05-05
Hi - this is a bit of a big question / couple rolled into one!

We recently placed the spamhaus and ordb connection filters into exchange within our SBS 2003 server. We also support numerous other SBS 2003 servers which we were going to roll out the same settings to. After setting up ours, and one of our customers - we hit our first problem.... WE HAD BEEN BLACKLISTED!
As our server is on the same network as our workshop (where we repair domestic pc's etc) we believe that we were on the CBL for this reason (viruses/spambots). We have now managed to remove ourselves, but would like to stop this happening again. Any suggestions?

As for the second part of my question, which I believe is related to the first - we are unable to send to hotmail:

|The following recipient(s) could not be reached:
|
|  xxxxxxxxxxx@hotmail.co.uk on 25/10/2006 09:39
|  There was a SMTP communication problem with the recipient's email server. Please contact your system administrator.
|  <fivenines.co.uk #5.5.0 smtp;550 Command rejected for policy reasons.>

I have checked using www.dnsstuff.com with the SPAM database lookup and we are now clean - BUT we were on 3 lists (all running from the CBL list) 24 hours ago.
-------------------------------------------------------------------------

I didn't know if I should list my IP or my domain name - but if it helps, let me know

This is quite an urgent one - as we need to resume normal communications - so I have allocated 500 points
0
Comment
Question by:mikcanavan
  • 2
  • 2
5 Comments
 
LVL 21

Expert Comment

by:suppsaws
ID: 17801853
Hi mikcanavan,

do you have reverse dns?
make sure you aren't on the blacklistst anymore and make sure that your server ain't an open relay


Cheers!
0
 
LVL 21

Expert Comment

by:suppsaws
ID: 17801862
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 17827902
FYI, you are technically violating EE rules by putting more than one question into a post.  I won't edit that out this time, but please refrain from the practice in the future because it otherwise doesn't make it very easy for folks to search from the database of PAQs. (Previously Answered Questions)...

The NDR error message may be related to being blacklisted... however asking how to avoid blacklisting is certainly a separate question.

If you really were blacklisted, and you think it may have been caused by having computers you repair connected to the network... then you need to not connect a computer that you suspect MAY have a virus (ie, any computer you are repairing) to the network/Internet until you have turned it on and verified that there is no virus.  Becuse otherwise you are being blacklisted for very good reason.

However, I wonder if you really WERE blacklisted?  According to http://mxtoolbox.com/index.aspx, you have THREE MX records... (assuming your domain is fivenines.co.uk).  Two of which are from 1and1, which are still blacklisted.  You should remove those unless you are using them as a backup mailserver, which I wouldn't recommend.

You can then run the diagnostic at mxtoolbox.com to see that your server is running just fine... however your Reverse DNS has not been modified to match your domain name.  This generally doesn't cause a problem, but some larger mail servers don't like it.  (I've never heard of a problem with Hotmail, though).  You can contact your ISP (ZEN Internet) to have them modify the reverse DNS.  Another view of your settings is here:  http://www.robtex.com/ip/82.69.18.244.html

I'd also note that while I was reviewing your settings, I checked your server's SSL certificate which was not created with the appropriate name.  When you run the Configure Email and Internet Connection Wizard (CEICW -- which is linked as Connect to the Internet in the Server Management Console > Internet and Email) you should put "mail.fivenines.co.uk" in as the FQDN of your server (even if your server has a different host name, your certificate needs to match what is listed as your HOST A record in your 1and1 DNS zone file).  Rerun the CEICW to change this.

A visual how-to is here:  http://sbsurl.com/ceicw and a full networking overview for SBS is at http://sbsurl.com/msicw

Within that wizard you'll see a "more information" button on each screen that has invaluable help in deciding which options to select.  
Be sure to check those out as well.

I don't know if I directly answered anything for you here... but I would troubleshoot by removing the spamhaus and ordb connection filters since it is unclear whether adding those is the cause of you getting these NDR's.  If you remove those and you stop getting the NDRs, then you can add them back to see if they are truly the cause.

Jeff
TechSoEasy
0
 

Author Comment

by:mikcanavan
ID: 17921285
Thanks Jeff

There was a lot to go through there... and it has taken a couple of weeks for things like the rDNS requests to go through, but we have learnt a great deal from just your post alone!!!

We are now able to send to Hotmail - and are no longer listed in any of dnsstuff's Spam database lookups.

I will try over the next week or so - adding the spamhaus and ordb connection filters again... and see if that is the cause.

Thanks again Jeff
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17922540
There's no real need to add the spamhaus and ordb filters if you are using Exchange SP2 with the Intelligent Message Filter. That'll filter out just as much as using those blacklists without nearly as much effort by your server's resources.

Jeff
TechSoEasy
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Small Business Server 2011. NOTE: This guide has been written using the preview version of SBS2011 therefore some of the screens may …
If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question