Solved

Apparently our IP address is on the Symantec Brightmail list and our email to some senders is being blocked

Posted on 2006-11-08
5
1,192 Views
Last Modified: 2007-12-19
Hi,

Last week, emails from our server to Hotmail were being returned with a message "Error 550 - Command rejected for Policy Reasons".  We contacted MSN and were advised that we were on the Symantec Brightmail List.  

Investigation of our exchange server suggested that we had been subject to a NDR attack, as we had lots of messages in our queue from a postmaster account.  We have now dealt with these issues and the queues on the server appear to be normal at present.

However, I need to know how we get off this list.  I have tried emailing investigation@review.symantec.com , as suggested by MSN, but haven't received any reply.  Does anybody else have any suggestions as to what to do?

All suggestions would be gratefully received.

Many Thanks

0
Comment
Question by:baileytibbs
5 Comments
 
LVL 9

Accepted Solution

by:
MCPJoe earned 168 total points
Comment Utility
Have you checked dnsstuff.com to run an RBL check to see which RBLs your on?  You might be on more than just the symantec list.  The various lists have different policies on removal.  Some of them make it extremely difficult to get off, even if your not a spammer.
0
 
LVL 3

Assisted Solution

by:rstovall
rstovall earned 166 total points
Comment Utility
OOPS!  One thing is not sending out NDR's if you'd like .. which can be bad policy, but not necessarily, it isn't as widely done in the present as it was in the past...

I would definitely recommend a spam solution that can determine NDR attacks and not send them back out .. Ironport on the high-end solution, or Astaro makes a nice solution for small networks, or .. you can purchase a solution like MailMarshal or IMSS to go on a windows box

moving forward is the email that you ahve sent to investigation@review .. explain that it is critical to your business, and have effected changes to avoid this attack in the future .. good luck with that one, and I would be holding my breath on a reply any time in hte near future ..
0
 
LVL 104

Assisted Solution

by:Sembee
Sembee earned 166 total points
Comment Utility
If you are on Exchange 2003 you do not need to purchase anything to deal with NDR attacks, Exchange 2003 can do that on its own.

For older versions of Exchange you will need something to deal with the NDRs - GFI Mail Essentials or Vamsoft ORF can both deal with it.

Simon.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now