bLaM139
asked on
Exchange- certain emails are beeing denied, whats wrong? rDNS. connector?
Hello I am the tech at a small business that is running windows 2003 sb server with exchange 2003. I dont know a thing about exchange. We keep getting rejected emails from certain domains, especial the KR (korea) domain.
I called my isp and they said our IP did not have a reverse dns (PTR) and that they would create one. That was two days ago, I called yesterday and they said the record is inplace. We are still recieving the problem as you can see below in error#1.
error #2 is different it says we are blocked but if i look it up we are not on the black list. anyone know what is going on? i cannot figure this out and am getting yelled at on a daily basis! is it too early for PTR to be in effect? do i need to create a connecter? and every couple of days we get error #2 allot. please help!
ERROR 1
박 정은 on 11/1/2006 6:00 PM
You do not have permission to send to this recipient. For assistance, contact your system administrator.
<vitekcctv.com #5.7.1 smtp;550 5.7.1 <pilver@artnix.co.kr>... Access denied>
-------------------------- ---------- ---------- ---------- ---------- ---------- ---------- ---
ERROR 2
Brian Johnson on 11/1/2006 4:53 PM
There was a SMTP communication problem with the recipient's email server. Please contact your system administrator.
<vitekcctv.com #5.5.0 smtp;553 Bogus helo acssystems.net. <http://unblock.secureserver.net/?ip=70.232.210.:)>>
I called my isp and they said our IP did not have a reverse dns (PTR) and that they would create one. That was two days ago, I called yesterday and they said the record is inplace. We are still recieving the problem as you can see below in error#1.
error #2 is different it says we are blocked but if i look it up we are not on the black list. anyone know what is going on? i cannot figure this out and am getting yelled at on a daily basis! is it too early for PTR to be in effect? do i need to create a connecter? and every couple of days we get error #2 allot. please help!
ERROR 1
박 정은 on 11/1/2006 6:00 PM
You do not have permission to send to this recipient. For assistance, contact your system administrator.
<vitekcctv.com #5.7.1 smtp;550 5.7.1 <pilver@artnix.co.kr>... Access denied>
--------------------------
ERROR 2
Brian Johnson on 11/1/2006 4:53 PM
There was a SMTP communication problem with the recipient's email server. Please contact your system administrator.
<vitekcctv.com #5.5.0 smtp;553 Bogus helo acssystems.net. <http://unblock.secureserver.net/?ip=70.232.210.:)>>
ASKER
thanks for the help! i made that FQDN change and I am still getting the error #2 , i am going to send a test email to the korea domain right now.
error #2
Your message did not reach some or all of the intended recipients.
Subject: test 11-1-2006
Sent: 11/2/2006 10:12 AM
The following recipient(s) could not be reached:
brianj@acssystems.net on 11/2/2006 10:12 AM
There was a SMTP communication problem with the recipient's email server. Please contact your system administrator.
<vtserver.vitekcctv.com #5.5.0 smtp;553 Bogus helo acssystems.net. <http://unblock.secureserver.net/?ip=70.232.210.188>>
error #2
Your message did not reach some or all of the intended recipients.
Subject: test 11-1-2006
Sent: 11/2/2006 10:12 AM
The following recipient(s) could not be reached:
brianj@acssystems.net on 11/2/2006 10:12 AM
There was a SMTP communication problem with the recipient's email server. Please contact your system administrator.
<vtserver.vitekcctv.com #5.5.0 smtp;553 Bogus helo acssystems.net. <http://unblock.secureserver.net/?ip=70.232.210.188>>
Did you click on the link in the URL? You may have to go through their process to get unlisted, as I can see nothing else wrong with the domain.
Simon.
Simon.
ASKER
i just submited the request, and it gave me a phone number to call, i had the tech forward me the reason why we were being blocked.
Auto unblock
70.232.210.188 (vtserver.vitekcctv.com) not eligible for auto unblocking.
Bogus helo indicates that a system provided a falsified IP or name when attempting to send mail to our users. This usually indicates a virus infection, and is not valid at any time. The system will need to be cleaned of viruses and worms, and properly configured and secured before we will unblock.
Do not escalate unless contact indicates that the virus has been removed.
could the the false name or ip be a setting on the server or is it most likely a virus?
thanks very much for your help.
Danny
Auto unblock
70.232.210.188 (vtserver.vitekcctv.com) not eligible for auto unblocking.
Bogus helo indicates that a system provided a falsified IP or name when attempting to send mail to our users. This usually indicates a virus infection, and is not valid at any time. The system will need to be cleaned of viruses and worms, and properly configured and secured before we will unblock.
Do not escalate unless contact indicates that the virus has been removed.
could the the false name or ip be a setting on the server or is it most likely a virus?
thanks very much for your help.
Danny
ASKER
I did all of the above and I am still having problems..
I have no clue what is going on.
Your message did not reach some or all of the intended recipients.
Subject: FW: Shipping document (AIR)
Sent: 11/2/2006 5:40 PM
The following recipient(s) could not be reached:
pilver@artnix.co.kr on 11/2/2006 5:40 PM
You do not have permission to send to this recipient. For assistance, contact your system administrator.
<vtserver.vitekcctv.com #5.7.1 smtp;550 5.7.1 <pilver@artnix.co.kr>... Access denied>
I have no clue what is going on.
Your message did not reach some or all of the intended recipients.
Subject: FW: Shipping document (AIR)
Sent: 11/2/2006 5:40 PM
The following recipient(s) could not be reached:
pilver@artnix.co.kr on 11/2/2006 5:40 PM
You do not have permission to send to this recipient. For assistance, contact your system administrator.
<vtserver.vitekcctv.com #5.7.1 smtp;550 5.7.1 <pilver@artnix.co.kr>... Access denied>
They are blocking you. You will have to ask them why.
Simon.
Simon.
ASKER
mani have no clue what is going on... now we are getting more. I am going to try and contact artnix.co.kr to see if maybe they are blocking us. thanks simon.
The following recipient(s) could not be reached:
Eric Okerlund on 11/3/2006 8:48 AM
The e-mail account does not exist at the organization this message was sent to. Check the e-mail address, or contact the recipient directly to find out the correct address.The MTS-ID of the original message is:c=US;a= ;p=SISCO;l=LDILAMAIL03-061 103164817Z -442454
<smtp2la.stewart.com #5.1.1>
that is the correct email...
The following recipient(s) could not be reached:
Eric Okerlund on 11/3/2006 8:48 AM
The e-mail account does not exist at the organization this message was sent to. Check the e-mail address, or contact the recipient directly to find out the correct address.The MTS-ID of the original message is:c=US;a= ;p=SISCO;l=LDILAMAIL03-061
<smtp2la.stewart.com #5.1.1>
that is the correct email...
ASKER
http://www.ordb.org/faq/#why_rejected
Your message did not reach some or all of the intended recipients.
Subject: RE: PAgo VTK030
Sent: 11/3/2006 1:37 PM
The following recipient(s) could not be reached:
Saúl Arzaga on 11/3/2006 1:37 PM
You do not have permission to send to this recipient. For assistance, contact your system administrator.
<vtserver.vitekcctv.com #5.7.1 smtp;550 5.7.1 Email rejected due to sending server misconfiguration - see http://www.ordb.org/faq/#why_rejected>
Your message did not reach some or all of the intended recipients.
Subject: RE: PAgo VTK030
Sent: 11/3/2006 1:37 PM
The following recipient(s) could not be reached:
Saúl Arzaga on 11/3/2006 1:37 PM
You do not have permission to send to this recipient. For assistance, contact your system administrator.
<vtserver.vitekcctv.com #5.7.1 smtp;550 5.7.1 Email rejected due to sending server misconfiguration - see http://www.ordb.org/faq/#why_rejected>
ASKER
i have a feeling there are many things wrong with this server, and I am being extremely pressured to fic them all at once. they know i know shit about exchange.
Ah.
You have a problem.
http://www.robtex.com/rbls/70.232.210.188.html
While it appears that you are listed in three blacklists, they are all referencing the same one - CBL.
http://cbl.abuseat.org/lookup.cgi?ip=70.232.210.188&.submit=Lookup
SBS 2003 is relay secure out of the box, but if you have made changes to it, then there is chance that you have turned it in to an open relay
This article on my web site shows how to test, and the most common places where open relay is set. http://www.amset.info/exchange/smtp-openrelay.asp
Simon.
You have a problem.
http://www.robtex.com/rbls/70.232.210.188.html
While it appears that you are listed in three blacklists, they are all referencing the same one - CBL.
http://cbl.abuseat.org/lookup.cgi?ip=70.232.210.188&.submit=Lookup
SBS 2003 is relay secure out of the box, but if you have made changes to it, then there is chance that you have turned it in to an open relay
This article on my web site shows how to test, and the most common places where open relay is set. http://www.amset.info/exchange/smtp-openrelay.asp
Simon.
ASKER
ithink our server is infeceted with a worm, which is why we keep getting black listed. i followed your steps on that link on how to close the open relay, the only thing i had to do was remove some ip's from the list u said should be empty.. ip. 127.0.0.1 10.0.0.1 and ther servs ip itself.. i removed those. but those have always been there and we have never had this many problems. the last 3 days we are getting all kinds of rejected emails that we never had before. it could be a worm
symantec detected the netsky worm last night and it wasremoved. maybe we our massivly infected
symantec detected the netsky worm last night and it wasremoved. maybe we our massivly infected
ASKER
now i cant ever email my hot mail...
Your message did not reach some or all of the intended recipients.
Subject: test
Sent: 11/3/2006 3:44 PM
The following recipient(s) could not be reached:
compkaze@hotmail.com on 11/3/2006 3:44 PM
There was a SMTP communication problem with the recipient's email server. Please contact your system administrator.
<vtserver.vitekcctv.com #5.5.0 smtp;550 Command rejected for policy reasons. For troubleshooting information, go to http://postmaster.msn.com>
i think i am doing more bad then good
Your message did not reach some or all of the intended recipients.
Subject: test
Sent: 11/3/2006 3:44 PM
The following recipient(s) could not be reached:
compkaze@hotmail.com on 11/3/2006 3:44 PM
There was a SMTP communication problem with the recipient's email server. Please contact your system administrator.
<vtserver.vitekcctv.com #5.5.0 smtp;550 Command rejected for policy reasons. For troubleshooting information, go to http://postmaster.msn.com>
i think i am doing more bad then good
ASKER
i need some help.. i am willing to compensate..
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It is is announcing itself as vitekcctv.com when it should be vtserver.vitekcctv.com
Go in to ESM, Servers, <your server>, protocols, SMTP. Right click on the SMTP VS and choose Properties. Click on the tab Delivery and then Advanced. In the box labelled FQDN, change the entry to vtserver.vitekcctv.com. Don't bother with check dns, just apply/ok out.
Simon.