Solved

Apparently our IP address is on the Symantec Brightmail list and our email to some senders is being blocked

Posted on 2006-11-08
5
1,197 Views
Last Modified: 2007-12-19
Hi,

Last week, emails from our server to Hotmail were being returned with a message "Error 550 - Command rejected for Policy Reasons".  We contacted MSN and were advised that we were on the Symantec Brightmail List.  

Investigation of our exchange server suggested that we had been subject to a NDR attack, as we had lots of messages in our queue from a postmaster account.  We have now dealt with these issues and the queues on the server appear to be normal at present.

However, I need to know how we get off this list.  I have tried emailing investigation@review.symantec.com , as suggested by MSN, but haven't received any reply.  Does anybody else have any suggestions as to what to do?

All suggestions would be gratefully received.

Many Thanks

0
Comment
Question by:baileytibbs
5 Comments
 
LVL 9

Accepted Solution

by:
MCPJoe earned 168 total points
ID: 17901495
Have you checked dnsstuff.com to run an RBL check to see which RBLs your on?  You might be on more than just the symantec list.  The various lists have different policies on removal.  Some of them make it extremely difficult to get off, even if your not a spammer.
0
 
LVL 3

Assisted Solution

by:rstovall
rstovall earned 166 total points
ID: 17901496
OOPS!  One thing is not sending out NDR's if you'd like .. which can be bad policy, but not necessarily, it isn't as widely done in the present as it was in the past...

I would definitely recommend a spam solution that can determine NDR attacks and not send them back out .. Ironport on the high-end solution, or Astaro makes a nice solution for small networks, or .. you can purchase a solution like MailMarshal or IMSS to go on a windows box

moving forward is the email that you ahve sent to investigation@review .. explain that it is critical to your business, and have effected changes to avoid this attack in the future .. good luck with that one, and I would be holding my breath on a reply any time in hte near future ..
0
 
LVL 104

Assisted Solution

by:Sembee
Sembee earned 166 total points
ID: 17901612
If you are on Exchange 2003 you do not need to purchase anything to deal with NDR attacks, Exchange 2003 can do that on its own.

For older versions of Exchange you will need something to deal with the NDRs - GFI Mail Essentials or Vamsoft ORF can both deal with it.

Simon.
0

Featured Post

[Webinar] Disaster Recovery and Cloud Management

Learn from Unigma and CloudBerry industry veterans which providers are best for certain use cases and how to lower cloud costs, how to grow your Managed Services practice in IaaS clouds, and how to utilize public cloud for Disaster Recovery

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now