Problem sending to hotmail - "Command rejected for policy reasons"

Hi - this is a bit of a big question / couple rolled into one!

We recently placed the spamhaus and ordb connection filters into exchange within our SBS 2003 server. We also support numerous other SBS 2003 servers which we were going to roll out the same settings to. After setting up ours, and one of our customers - we hit our first problem.... WE HAD BEEN BLACKLISTED!
As our server is on the same network as our workshop (where we repair domestic pc's etc) we believe that we were on the CBL for this reason (viruses/spambots). We have now managed to remove ourselves, but would like to stop this happening again. Any suggestions?

As for the second part of my question, which I believe is related to the first - we are unable to send to hotmail:

|The following recipient(s) could not be reached:
| on 25/10/2006 09:39
|  There was a SMTP communication problem with the recipient's email server. Please contact your system administrator.
|  < #5.5.0 smtp;550 Command rejected for policy reasons.>

I have checked using with the SPAM database lookup and we are now clean - BUT we were on 3 lists (all running from the CBL list) 24 hours ago.

I didn't know if I should list my IP or my domain name - but if it helps, let me know

This is quite an urgent one - as we need to resume normal communications - so I have allocated 500 points
Who is Participating?

Improve company productivity with a Business Account.Sign Up

Jeffrey Kane - TechSoEasyConnect With a Mentor Principal ConsultantCommented:
FYI, you are technically violating EE rules by putting more than one question into a post.  I won't edit that out this time, but please refrain from the practice in the future because it otherwise doesn't make it very easy for folks to search from the database of PAQs. (Previously Answered Questions)...

The NDR error message may be related to being blacklisted... however asking how to avoid blacklisting is certainly a separate question.

If you really were blacklisted, and you think it may have been caused by having computers you repair connected to the network... then you need to not connect a computer that you suspect MAY have a virus (ie, any computer you are repairing) to the network/Internet until you have turned it on and verified that there is no virus.  Becuse otherwise you are being blacklisted for very good reason.

However, I wonder if you really WERE blacklisted?  According to, you have THREE MX records... (assuming your domain is  Two of which are from 1and1, which are still blacklisted.  You should remove those unless you are using them as a backup mailserver, which I wouldn't recommend.

You can then run the diagnostic at to see that your server is running just fine... however your Reverse DNS has not been modified to match your domain name.  This generally doesn't cause a problem, but some larger mail servers don't like it.  (I've never heard of a problem with Hotmail, though).  You can contact your ISP (ZEN Internet) to have them modify the reverse DNS.  Another view of your settings is here:

I'd also note that while I was reviewing your settings, I checked your server's SSL certificate which was not created with the appropriate name.  When you run the Configure Email and Internet Connection Wizard (CEICW -- which is linked as Connect to the Internet in the Server Management Console > Internet and Email) you should put "" in as the FQDN of your server (even if your server has a different host name, your certificate needs to match what is listed as your HOST A record in your 1and1 DNS zone file).  Rerun the CEICW to change this.

A visual how-to is here: and a full networking overview for SBS is at

Within that wizard you'll see a "more information" button on each screen that has invaluable help in deciding which options to select.  
Be sure to check those out as well.

I don't know if I directly answered anything for you here... but I would troubleshoot by removing the spamhaus and ordb connection filters since it is unclear whether adding those is the cause of you getting these NDR's.  If you remove those and you stop getting the NDRs, then you can add them back to see if they are truly the cause.

Hi mikcanavan,

do you have reverse dns?
make sure you aren't on the blacklistst anymore and make sure that your server ain't an open relay

mikcanavanAuthor Commented:
Thanks Jeff

There was a lot to go through there... and it has taken a couple of weeks for things like the rDNS requests to go through, but we have learnt a great deal from just your post alone!!!

We are now able to send to Hotmail - and are no longer listed in any of dnsstuff's Spam database lookups.

I will try over the next week or so - adding the spamhaus and ordb connection filters again... and see if that is the cause.

Thanks again Jeff
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
There's no real need to add the spamhaus and ordb filters if you are using Exchange SP2 with the Intelligent Message Filter. That'll filter out just as much as using those blacklists without nearly as much effort by your server's resources.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.