Email rejected by many organization (SPAM) after changing my DNS server for my domain name.

Hi !

Yesturday, I had changed my public DNS servers for my domain name from
ns1-no-ip.com to ns1.yourhostdns.com
ns2-no-ip.com to ns2.yourhostdns.com
for testing purpose

Then I changed them back to no-ip within 24hours.

This morning mostly all email getting out of my exchange organisation are rejected from many organization (like hotmail, yahoo, private servers) because of spam.

How can I fix that. I did not had this problem before changing my DNS but anyway they are back to the original config.


someoneemail@hotmail.com
bay0-mc4-f13.bay0.hotmail.com #550 OU-001 Mail rejected by Windows Live Hotmail for policy reasons. Reasons for rejection may be related to content with spam-like characteristics or IP/domain reputation problems. If you are not an email/network admin please contact your E-mail/Internet Service Provider for help. Email/network admins, please visit http://postmaster.live.com for email delivery information and support ##
 
and 
 
someoneemail@remax-ducartier.qc.ca
osci.qc.ca #591 someoneemail@remax-ducartier.qc.ca your host [69.70.158.xxx] is blacklisted by sbl-xbl.spamhaus.org. Veuillez envoyer vos question a blacklist-admin@osci.qc.ca ##

Open in new window

martinlebelAsked:
Who is Participating?
 
nappy_dConnect With a Mentor There are a 1000 ways to skin the technology cat.Commented:
go here and do a blacklist search for your IP.  Does it appear on any of the lists?  http://www.mxtoolbox.com/blacklists.aspx?AG=GBL&gclid=CNjz96ryz5gCFRFWagod7TG92A

if it does appear here what is the policy reason that it appears.


0
 
martinlebelAuthor Commented:
it does appear
0
 
nappy_dThere are a 1000 ways to skin the technology cat.Commented:
What is the error message that is reported back to you?
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
SurajCommented:

Ok .. here you have a small confusion.......
Mx and other things are used for receiving email and has nothng to do with sending Mails Out...
I guess you are getting Blackilsted ..and that too by spamhaus..
Check if your server is Open for relay....
i guess it would be....

Is this Exchange 2003 or 2007 ?
0
 
SurajCommented:
to check if the server is open for relay.
 --> Go to properties of Default smtp virtual server ->access tab--> relay
you should have the first option selected there. "Only the list Below"
and there should be nothng Listed below...
0
 
nappy_dThere are a 1000 ways to skin the technology cat.Commented:
Yeah but what is the reason he is blacklisted.  I bet any money his PTR record is not setup or setup properly.  I would also look at creating an SPF record.
0
 
SurajCommented:
I agree that some domains require PTR Record to receive emails [IT should be there as per MS recomendation].. BUT if you dont have PTR .. it will never be a reason for Blacklisting...
its setting on the exchange server coz of which exchagne server is sending out spams
SPAM HAUS is a RBL... and it only Blocks iffff it finds some one spamming Out...
so we have to work on that....
0
 
martinlebelAuthor Commented:
This is not a new setup here. Exchange Server 2007 is in production since 10 month now and was working perfectly.

I guess two things could have happen here: 1. I got a virus that was sending a lot of spam email during the week-end. or 2. Because I "played" in my DNS records.
0
 
nappy_dThere are a 1000 ways to skin the technology cat.Commented:
What is the error that is reported from the mx lookup? Click on it, it will take you to the black list.
0
 
SurajCommented:
Yups.. thats what i said....

it could be a virus spamming Out.. Or... your server is Open for relay........
please check what i had asked you to.. earlier and let me know...
i will tell u how to stop Spams........
0
 
martinlebelAuthor Commented:
I have blocked port 25 from inside to outside on my network (except for my exchange server)

My Exchange Server 2007 server has a "send connector" that "use domain name system (DNS) "MX" records to route mail automatically" and "use the external DNS Lookup settings on the transport server"

I can receive all email so I guess my MX records are okay.

On MXtoolbox.com I am blacklisted on 3 servers (CBL, DNSBLNETAUT1, Spamhaus-ZEN) with error code 127.0.0.2


0
 
SurajCommented:
I understand.. that... and thats what i said... MX is for receiving mail... and its is perfect at your end...
can  you tell me what all settings are there on the receive connector ?

if there is any misconfiguration in it.. your server can be open for relay...
Make sure on the receive connector "Externally secured" option is Unchecked.................
and
then follow this :

1)  installed the Agents :
           C:\Program Files\Microsoft\Exchange Server\Script\ Install-AntispamAgents,ps1
2) RESTART THE TRANSPORT SERVICE

3) +> Check if they are installed By : get-TransportAgent

4)  Then go to exchange management console.
Under org configuration..chlck on Hub transport
click on Anti spam tab
And you need to  configure the following:
+> on the IPBlock List provider added

1) Spam Haus
       zen.spamhaus
2) open relay test
       dnsbl.sorbs.net

3) abusive host
      dnsbl.ahbl.org

+> on the Recipient filtering -> Blocked Recipient->checked the option - Block
Message sent to recipient not listed in the Global Address List.
+> on the Sender filtering -> Blocked sender -> checked the option - Block message
from Blank sender.

5) Stop the Microsoft exchange transport service
6) Now open My computer... DRIVE\PROGRAM FILE\MICROSOFT\EXCHANGE SERVER\.... DATA
RENAME THE DATA FOLDER...TO DATAold
7) Restart the Transport service again.........
0
 
martinlebelAuthor Commented:
IP address was blocked by CBL and Symantec so many more follow symantec and blocked me. I called my ISP and they did remove the block for me.
0
 
SurajCommented:
How did your Issue resolved ???
0
 
SurajCommented:
nappy_d said its PTR

I Said Black list.... so what resolved the issue ? please reply
0
 
martinlebelAuthor Commented:
IP address was blocked by CBL and Symantec so many more follow symantec and blocked me. I called my ISP and they did remove the block for me.
0
 
SurajCommented:
Then if its Black list.. then points should be given to me right.. coz i had told you that..
the other Expert told you PTR...
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.