?
Solved

Apparently our IP address is on the Symantec Brightmail list and our email to some senders is being blocked

Posted on 2006-11-08
5
Medium Priority
?
1,236 Views
Last Modified: 2007-12-19
Hi,

Last week, emails from our server to Hotmail were being returned with a message "Error 550 - Command rejected for Policy Reasons".  We contacted MSN and were advised that we were on the Symantec Brightmail List.  

Investigation of our exchange server suggested that we had been subject to a NDR attack, as we had lots of messages in our queue from a postmaster account.  We have now dealt with these issues and the queues on the server appear to be normal at present.

However, I need to know how we get off this list.  I have tried emailing investigation@review.symantec.com , as suggested by MSN, but haven't received any reply.  Does anybody else have any suggestions as to what to do?

All suggestions would be gratefully received.

Many Thanks

0
Comment
Question by:baileytibbs
3 Comments
 
LVL 9

Accepted Solution

by:
MCPJoe earned 672 total points
ID: 17901495
Have you checked dnsstuff.com to run an RBL check to see which RBLs your on?  You might be on more than just the symantec list.  The various lists have different policies on removal.  Some of them make it extremely difficult to get off, even if your not a spammer.
0
 
LVL 3

Assisted Solution

by:rstovall
rstovall earned 664 total points
ID: 17901496
OOPS!  One thing is not sending out NDR's if you'd like .. which can be bad policy, but not necessarily, it isn't as widely done in the present as it was in the past...

I would definitely recommend a spam solution that can determine NDR attacks and not send them back out .. Ironport on the high-end solution, or Astaro makes a nice solution for small networks, or .. you can purchase a solution like MailMarshal or IMSS to go on a windows box

moving forward is the email that you ahve sent to investigation@review .. explain that it is critical to your business, and have effected changes to avoid this attack in the future .. good luck with that one, and I would be holding my breath on a reply any time in hte near future ..
0
 
LVL 104

Assisted Solution

by:Sembee
Sembee earned 664 total points
ID: 17901612
If you are on Exchange 2003 you do not need to purchase anything to deal with NDR attacks, Exchange 2003 can do that on its own.

For older versions of Exchange you will need something to deal with the NDRs - GFI Mail Essentials or Vamsoft ORF can both deal with it.

Simon.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The main intent of this article is to make you aware of ‘Exchange fail to mount’ error, its effects, causes, and solution.
Steps to fix “Unable to mount database. (hr=0x80004005, ec=1108)”.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Suggested Courses
Course of the Month15 days, 12 hours left to enroll

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question