Solved

Emails (through Exchange) to certain domains getting blocked as spam #5.5.0 smtp;554 Transaction Failed. Spam Message not queued.>

Posted on 2008-06-24
12
793 Views
Last Modified: 2008-07-15
I have a client who goes through this every couple of weeks.  Certain domains will get email bounced back as spam.  Here's a copy of the bounce message:

From: System Administrator
Sent: Tuesday, June 24, 2008 11:04 AM
To: Brian
Subject: Undeliverable: Latest Requirements Doc
Your message did not reach some or all of the intended recipients.
      Subject:  Latest Requirements Doc
      Sent:     6/24/2008 11:04 AM
The following recipient(s) cannot be reached:
      lastname, firstname on 6/24/2008 11:04 AM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            <branch.domainname.com #5.5.0 smtp;554 Transaction Failed. Spam Message not queued.>

I had a problem in the past with my PTR record pointing to the ISP instead of the actual exchange server...but when I fixed it, I added a PTR to two places...just in case.  

Reverse MX A records (PTR) Your reverse (PTR) record:
xxx.xxx.xxx.xxx.in-addr.arpa ->  branch.domainname.com
xxx.xxx.xxx.xxx.in-addr.arpa ->  domainname.com

the DNS pointer to the exchange server goes to what I am calling branch.domainname.com (for security reasons...not using actual domain names or ip's)
but their email addresses are username@domainname.com

HERE'S MY QUESTION:

A. Is the PTR record supposed to point to the domain name or the DNS pointer that the email is coming from?
B. Could this be causing the above error code when emailing certain domains?

Thanks in advance...please skip the guesswork and only answer if you know!
0
Comment
Question by:authen-tech
  • 4
  • 4
  • 4
12 Comments
 
LVL 36

Assisted Solution

by:grblades
grblades earned 250 total points
ID: 21856854
You should only have a single PTR record for the IP address.
The PTR record will have to be assigned against the external IP address of the mail server and therefore will have to be done by the ISP who provides your service or through a web interface that they provide.
The reverse DNS should point to the same hostname that the mail server advertises in the HELO/EHLO command.
0
 
LVL 1

Assisted Solution

by:Hallidays
Hallidays earned 250 total points
ID: 21856863
We have had the same problem only ours was to do with Reverse DNS Authentication checks and it was actually the .in-addr.arpa at the end of the PTR causing the problem, we had this removed and everthing was ok.

Your PTR should point to the server that the mail is sent from ie

server.internaldom.externaldom.com/co.uk etc

And yes - Not having it setup correct can cause your problems.

0
 
LVL 1

Expert Comment

by:Hallidays
ID: 21856920
Put your mailserver IP (external) in the "IP INFORMATION" box on the left hand side

http://www.dnsstuff.com/

You should get

IP address:                    xxx.xxx.xxx.xxx
Reverse DNS:                    server.internaldom.externaldom.co.uk.
Reverse DNS authenticity:       [Verified]

0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 1

Expert Comment

by:Hallidays
ID: 21856934
It is the authenticity that is the major here, if you are not verified some domain will not accept email - its a right pain.
0
 
LVL 9

Author Comment

by:authen-tech
ID: 21857489
Ok, I contacted the ISP and asked them to remove the PTR to the main domain.com name.  That should leave only the internal.domain.com which is also the HELO and DNS pointer to the mail server.  

Hopefully that will fix it!  Thanks for your help and I will let you know and award points after it checks out.
0
 
LVL 9

Author Comment

by:authen-tech
ID: 21875825
Same problem exists.  I had the ptr record that pointed to domain.com removed and I am still having the same problem.  Does that mean that I was advised to remove the wrong one or is it caused by something else?

To: Brian
Subject: Undeliverable: Latest Requirements Doc
Your message did not reach some or all of the intended recipients.
      Subject:  Latest Requirements Doc
      Sent:     6/24/2008 11:04 AM
The following recipient(s) cannot be reached:
      lastname, firstname on 6/24/2008 11:04 AM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            <branch.domainname.com #5.5.0 smtp;554 Transaction Failed. Spam Message not queued.>
0
 
LVL 36

Expert Comment

by:grblades
ID: 21876706
There are many reasony why a mail could be classed as spam.

In my profile there is a test@ email address listed. If you want to send a test email there and post here as soon as it is sent I will post the headers and let you know my spam filters findings.
0
 
LVL 36

Expert Comment

by:grblades
ID: 21881629
Your email was perfectly fine. DNS and reverse DNS was all correct and spamassassin didnt find any problems with the content.

You could implement SPF (http://www.openspf.org) and register yourself with DNSWL (http://www.dnswl.org) which will help.
0
 
LVL 1

Expert Comment

by:Hallidays
ID: 21882191
Did you try what i posted above on DNS stuff to check if authentication is working?
0
 
LVL 36

Expert Comment

by:grblades
ID: 21882221
I did that when I saw the IP address of the server in the headers of the email. It did come back as verified.
0
 
LVL 9

Author Comment

by:authen-tech
ID: 21882992
Yes I did do that and it even came back as verified when it was wrong... ??

I am going to contact the domain that is blocking us (the main one that we test against) and see if they can shine any light on the subject.  I appreciate all your help guys.  Thanks for checking on that grblades.  I will let you know if I find anything...
0
 
LVL 9

Accepted Solution

by:
authen-tech earned 0 total points
ID: 21945636
Ok, the PTR records are now correct and that was a biggie.  I found that the domain in question WAS spamming and was on a black list found at trustedsource.org as well as another one.  I appreciate all the help as I am confident my setup is correct and not causing any issues.  Thanks again!
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question