Interpreting a blacklist error message

Posted on 2009-03-30
Last Modified: 2013-12-09

I have 4 users who have received the same e-mail from a person at  All four of these people have e-mail account on our server.  Two of the four get their e-mail forwarded to their roadrunner account and the other two just keep their mail on our server.

The two that the wellsfargo person is mailing that are getting their mails forwarded to accounts get the following bounceback.

  FWD, Agents Name on 3/28/2009 11:02 AM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.

            < #5.5.0 smtp;550 Sender is blacklisted>

I've been on the line with Roadrunner tech support and I pulled all the server IP's listed in a MX record nslookup and checked each with Spamhause as well as had the tech support check them.  They are all coming back as not blocked?

Am I reading this wrong?  Is something other than the Roadrunner mail server generating that blacklist message?   We don't use a blacklist service ourselves.

I should also mention we employ a spam filtering service called and I've talked with them and they assure us that they do not have the wellsfargo person blacklisted and that it's not their server doing it anyway since it's a forward it's going directly to the RR servers.

Any help or advice please?
Question by:JamesBTaylor

Author Comment

ID: 24019726
Ok, more data.

The roadrunner tech has interpreted the above message that our mail server is sending that blacklist message before the e-mail is even forwarded.  Meaning it's coming from our local exchange server.

I have no clue why this is?  We do not pay or subscribe to ANY blacklist I really need some help figuring out where the heck this message could be coming from.

Expert Comment

ID: 24019780
Instead of forwarding the mail, have you tried copying the contents and creating a new email... this will help you to narrow down, whether the history in the header is the cause for the black list block....

And also please explain briefly how the mail is routed....

from where -> whom,

and who is forwarding it where ?

Expert Comment

ID: 24019792
This might be the cause....
Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.


Author Comment

ID: 24019798
Sorry, more data, I should have lumped all this together.

On our exchange server, under message delivery properties I have the following set.
Recipient Filtering:
There is no recipient filter rules, but the filter recipients who are not in directory is checked

Sender ID Filtering:  Accept

Sender Filtering:
No Filters

Intelligent Message Filtering:
Threshhold: 9
Block message with SCL greater than 8
When blocking messages:  No Action
Move messages with an SCL rating greater than 8


Expert Comment

ID: 24019818
Better go for a better port scan which can identify if there is any vulnerable port which is open...

Run a security scan.... and then a virus scan...

Author Comment

ID: 24019859
Our mail server is not an open relay.  I've firewalled it off and only accepted inbound connections from the IP range of our spam filter service only.  I don't even allow our guys to use Pop3 with our server if they aren't inside the company or connected through a vpn.

also, for the routing it SHOULD take the following route if everything were woorking correctly.

Wellsfargo mails this person at my company.
The e-mail hits our spam filter service and either passes or is quarantined
If it passes, it is delivered to our exchange server.
This person has a forward set up for them in exchange and doesn't leave a copy on the server.
That mail then gets forwarded to her roadrunner account.
End of route.

I can verify that the e-mail is hitting our spam filter service and passing to our server, but thats about it.  I can't tell if it's my server giving the blacklist (which it's really looking like at this point) or if it's roadrunner.  And the guy I talked too at roadrunner seemed like one of the better techs as he didn't blow me off and checked out around 20 different IP's I pulled from the wellsfargo MX records.

Author Comment

ID: 24019898
When I set up our spam filter service with firewall rules, they check to verify that we are not a relay, otherwise they would flag us themselves and stop all our inbound mail until we resolved the relay issue.

i've also tried to hit the smtp port from telnet at my home and it's blocked.  I'm farily confident we aren't a relay.

Either way, It's not us who is getting blacklisted.  We can e-mail people just fine.  It's the lady from Wellsfargo.  Even if we are a relay, we would not be cause her to be blacklisted.   Our server or roadrunner (again I'm thinking it's our server somehow) is the one saying that the wellsfargo lady is blacklisted.

As another data point, i had her test.   Wellsfargo can e-amil my client at roadrunner just fine.  I also can e-mail my client at roadrunner from my work account just fine.  However, when an e-mail is sent to her work account which then forwards it to her roadrunner account, the blacklisting is coming into effect.

Expert Comment

ID: 24020461
For me it seems that you cannot do any thing about it, it seems the block status is applied between her work account and roadrunner account,

Ask her to check her account details with roadrunner(ISP) whether it is in blacklist or not....

Author Comment

ID: 24020487
I checked with roadrunner, after a good hour conversation with them they checked every IP address on the list I gave him for wellsfargo MX records and they all came back as not blacklisted.  Our e-mail server IP, incidentally, also came back as not blacklisted.

Roadrunner is saying that our server never even tried to communicate with any other server, they're saying that it is our Exchange server that is blacklisting the account.  I'm completely stumped.

Author Comment

ID: 24020744
Another data point to consider:

I've verified that the Wellsfargo person can e-mail anyone in our company just fine without hitting the blacklist.

I've verified that the wellsfargo person can e-mail directly to the account without hitting the blacklist issue.

I've verrified that our domain can e-mail directly to the account without hitting the blacklisting issue.

So the individual parts are working just fine, the only time the mail gets rejected as being blacklisted is when the e-mail is forwarded from her work account to her home account?  This makes no sense at all to me.
LVL 65

Accepted Solution

Mestha earned 500 total points
ID: 24035359
Is that an automatic forward?
If so then it is probably spoofing controls are rejecting the message.
The message appears to be coming from your server, which is not authorised to send email for that remote domain.

The type of email forwarding that Exchange does, keeping the header intact, will not be possible soon as the number of anti spoofing measures increases.


Expert Comment

ID: 24041533
I am sure you have done this but just in case,

Have you check the Quarantine Central in the electric mail to see if the recipients has blacklisted.

The syntax < #5.5.0 smtp;550 Sender is blacklisted>  showed that it is not the server that was blacklisted but the sender.  There may be a blacklist in the Quarantine Central that blacklisted the domain wellsfargo or the email address


Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Spam filtering for Hotmail on an iPad 3 89
mail routing issue 5 47
Dmarc DKIM 4 71
Built-in spam filtering for Office 365 1 52
Operating system developers such as Microsoft ( and Apple have made incredible strides in virus protection over the past decade. Operating systems come packaged with built in defensive tools such as virus protection and a f…
Encryption for Business Encryption ( ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Internet Business Fax to Email Made Easy - With eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now