Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 5146
  • Last Modified:

How do I prevent ATT from blocking email from my Microsft Exchange Server?

I cannot send email messages to my client who has a prodigy.net address.  I get the following message after sending the email:  Your message did not reach some or all of the intended recipients.

      Subject:      Test Message
      Sent:      6/23/2008 2:39 PM

The following recipient(s) could not be reached:

      Tony Miranda on 6/23/2008 2:38 PM
            The message cannot be delivered due to a configuration error on the server. Please contact your Administrator.
            <graystone.pro #5.3.0 smtp;553 5.3.0 flpi132 - m5NJbuog007705, DNSBL:521< 68.16.219.193 >_is_blocked.__For_information_see_http://att.net/blocks>

I am using Outlook 2003 and Microsoft Small Business Server 2003.  My ISP is ATT.  Our domain graystone.pro is hosted by 1&1.  I connect to the POP3 accounts there and route them through Exchange.
Exchange-Server-Settings.bmp
Exchange-Server-Settings-2.bmp
0
graystoneengineering
Asked:
graystoneengineering
  • 5
  • 3
  • 2
1 Solution
 
NoLimit99RBSCommented:
It appears your server may be on ATT's blocked domain list.

Go here and fill out this form to get it removed: http://worldnet.att.net/general-info/bls_info/block_admin.html

It usually takes a couple of days.
0
 
graystoneengineeringAuthor Commented:
I filled out that form last week, but still have the issue.  I didn't know what to fill in for "What changes have you made to your configuration since you have been blocked."  I don't know what changes to make.
0
 
NoLimit99RBSCommented:
Did they send you a reply?

Usually you get added if spam or spam like behavior is coming from your server, so they want to know what you did to remedy the problem. However, they also add servers erroneously too, just make sure SMTP isnt coming from your network except from the mail server itself.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
graystoneengineeringAuthor Commented:
They have not responded.  How do I "make sure SMTP isnt coming from your network except from the mail server itself?"
0
 
Chris DentPowerShell DeveloperCommented:

> make sure SMTP isnt coming from your network except from the mail server itself?

You'd normally lock down Outbound SMTP requests (Port 25, TCP) on your Firewall so they could only come from servers you authorise.

You should check a few other things as well:

1. What name does your server use to create SMTP Connections?

You can find that under Exchange System Manager \ Administrative Groups \ Your Administrative Group \ Servers \ GEServer \ Protocols \ SMTP. Open up the Properties for the Virtual SMTP Server, select Advanced then Delivery (if I remember correctly) and check the FQDN specified there.

The name used should be public and match the Reverse Lookup Record in place for your server.

2. Check the Reverse Lookup Record

When your server sends out it will do so from a specific IP Address. That can be the IP Address of your Firewall, or another Public IP if you use NAT.

That IP Address should have a Reverse Lookup (Pointer / PTR) Record configured so that the IP maps back to the name of your mail server.

Missing Reverse Lookup is, by far, the most common reason for message rejections.

HTH

Chris
0
 
graystoneengineeringAuthor Commented:
Chris,

Thanks for the help.  You said, "That IP Address should have a Reverse Lookup (Pointer / PTR) Record configured so that the IP maps back to the name of your mail server."  How do I check this?  I'm sending screen shots of my SMTP configuration.
GESERVER-Advanced-Delivery.bmp
GESERVER-Configure-External-DNS-.bmp
GESERVER-Default-SMPT-VIrtual-Se.bmp
GESERVER-SMTP-Domain-Name-Check.bmp
0
 
Chris DentPowerShell DeveloperCommented:

Hey,

In there you see you have a "graystone.pro" name. That means when your server connects to others it tells them that's its name.

The system you're connecting to performs the Reverse Lookup check to see if your server looks like a real server and not something on a broadband connection somewhere. It expects the name in the SMTP greeting to match the response from the Reverse Lookup.

The solution is to do the following:

1. Create a Host Record for your Mail Server in your Public Domain (assuming you don't have one already as part of an MX Record). e.g. mail.yourdomain.com

2. Change the FQDN above to match the public name. e.g. mail.yourdomain.com

3. Request that your ISP add a PTR Record mapping your Public IP Address to the Name used. e.g. 15.14.13.12.in-addr.arpa  PTR  mail.yourdomain.com. for an IP of 12.13.14.15.

Chris
0
 
graystoneengineeringAuthor Commented:
Thanks for the help.  I contacted my domain host, 1&1, and found out that I need a dedicated server package to do this.    We currently have a shared server package.  I've been thinking about ditching Exchange for some time now.  We only have 3 employees and Exchange has been a hassle all along.  I like the shared folders and contacts, but don't think it's worth it anymore especially if we're going to get our email blocked!
0
 
graystoneengineeringAuthor Commented:
If  create an SMTP connector to my domain host, will this solve my problem?
0
 
Chris DentPowerShell DeveloperCommented:

Potentially, yes. If they have an SMTP service you can relay though it would get around the need for local configuration.

Chris
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 5
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now