Solved

Emails (through Exchange) to certain domains getting blocked as spam #5.5.0 smtp;554 Transaction Failed. Spam Message not queued.>

Posted on 2008-06-24
12
829 Views
Last Modified: 2008-07-15
I have a client who goes through this every couple of weeks.  Certain domains will get email bounced back as spam.  Here's a copy of the bounce message:

From: System Administrator
Sent: Tuesday, June 24, 2008 11:04 AM
To: Brian
Subject: Undeliverable: Latest Requirements Doc
Your message did not reach some or all of the intended recipients.
      Subject:  Latest Requirements Doc
      Sent:     6/24/2008 11:04 AM
The following recipient(s) cannot be reached:
      lastname, firstname on 6/24/2008 11:04 AM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            <branch.domainname.com #5.5.0 smtp;554 Transaction Failed. Spam Message not queued.>

I had a problem in the past with my PTR record pointing to the ISP instead of the actual exchange server...but when I fixed it, I added a PTR to two places...just in case.  

Reverse MX A records (PTR) Your reverse (PTR) record:
xxx.xxx.xxx.xxx.in-addr.arpa ->  branch.domainname.com
xxx.xxx.xxx.xxx.in-addr.arpa ->  domainname.com

the DNS pointer to the exchange server goes to what I am calling branch.domainname.com (for security reasons...not using actual domain names or ip's)
but their email addresses are username@domainname.com

HERE'S MY QUESTION:

A. Is the PTR record supposed to point to the domain name or the DNS pointer that the email is coming from?
B. Could this be causing the above error code when emailing certain domains?

Thanks in advance...please skip the guesswork and only answer if you know!
0
Comment
Question by:authen-tech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 4
12 Comments
 
LVL 36

Assisted Solution

by:grblades
grblades earned 250 total points
ID: 21856854
You should only have a single PTR record for the IP address.
The PTR record will have to be assigned against the external IP address of the mail server and therefore will have to be done by the ISP who provides your service or through a web interface that they provide.
The reverse DNS should point to the same hostname that the mail server advertises in the HELO/EHLO command.
0
 
LVL 1

Assisted Solution

by:Hallidays
Hallidays earned 250 total points
ID: 21856863
We have had the same problem only ours was to do with Reverse DNS Authentication checks and it was actually the .in-addr.arpa at the end of the PTR causing the problem, we had this removed and everthing was ok.

Your PTR should point to the server that the mail is sent from ie

server.internaldom.externaldom.com/co.uk etc

And yes - Not having it setup correct can cause your problems.

0
 
LVL 1

Expert Comment

by:Hallidays
ID: 21856920
Put your mailserver IP (external) in the "IP INFORMATION" box on the left hand side

http://www.dnsstuff.com/

You should get

IP address:                    xxx.xxx.xxx.xxx
Reverse DNS:                    server.internaldom.externaldom.co.uk.
Reverse DNS authenticity:       [Verified]

0
Comparison of Amazon Drive, Google Drive, OneDrive

What is Best for Backup: Amazon Drive, Google Drive or MS OneDrive? In this free whitepaper we look at their performance, pricing, and platform availability to help you decide which cloud drive is right for your situation. Download and read the results of our testing for free!

 
LVL 1

Expert Comment

by:Hallidays
ID: 21856934
It is the authenticity that is the major here, if you are not verified some domain will not accept email - its a right pain.
0
 
LVL 9

Author Comment

by:authen-tech
ID: 21857489
Ok, I contacted the ISP and asked them to remove the PTR to the main domain.com name.  That should leave only the internal.domain.com which is also the HELO and DNS pointer to the mail server.  

Hopefully that will fix it!  Thanks for your help and I will let you know and award points after it checks out.
0
 
LVL 9

Author Comment

by:authen-tech
ID: 21875825
Same problem exists.  I had the ptr record that pointed to domain.com removed and I am still having the same problem.  Does that mean that I was advised to remove the wrong one or is it caused by something else?

To: Brian
Subject: Undeliverable: Latest Requirements Doc
Your message did not reach some or all of the intended recipients.
      Subject:  Latest Requirements Doc
      Sent:     6/24/2008 11:04 AM
The following recipient(s) cannot be reached:
      lastname, firstname on 6/24/2008 11:04 AM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            <branch.domainname.com #5.5.0 smtp;554 Transaction Failed. Spam Message not queued.>
0
 
LVL 36

Expert Comment

by:grblades
ID: 21876706
There are many reasony why a mail could be classed as spam.

In my profile there is a test@ email address listed. If you want to send a test email there and post here as soon as it is sent I will post the headers and let you know my spam filters findings.
0
 
LVL 36

Expert Comment

by:grblades
ID: 21881629
Your email was perfectly fine. DNS and reverse DNS was all correct and spamassassin didnt find any problems with the content.

You could implement SPF (http://www.openspf.org) and register yourself with DNSWL (http://www.dnswl.org) which will help.
0
 
LVL 1

Expert Comment

by:Hallidays
ID: 21882191
Did you try what i posted above on DNS stuff to check if authentication is working?
0
 
LVL 36

Expert Comment

by:grblades
ID: 21882221
I did that when I saw the IP address of the server in the headers of the email. It did come back as verified.
0
 
LVL 9

Author Comment

by:authen-tech
ID: 21882992
Yes I did do that and it even came back as verified when it was wrong... ??

I am going to contact the domain that is blocking us (the main one that we test against) and see if they can shine any light on the subject.  I appreciate all your help guys.  Thanks for checking on that grblades.  I will let you know if I find anything...
0
 
LVL 9

Accepted Solution

by:
authen-tech earned 0 total points
ID: 21945636
Ok, the PTR records are now correct and that was a biggie.  I found that the domain in question WAS spamming and was on a black list found at trustedsource.org as well as another one.  I appreciate all the help as I am confident my setup is correct and not causing any issues.  Thanks again!
0

Featured Post

Enroll in June's Course of the Month

June's Course of the Month is now available! Every 10 seconds, a consumer gets hit with ransomware. Refresh your knowledge of ransomware best practices by enrolling in this month's complimentary course for Premium Members, Team Accounts, and Qualified Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
This article outlines some of the reasons why an email message gets flagged as spam on a recipient's end.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question