Solved

exchange email being returned with "Client host rejected: Phishing" message

Posted on 2009-07-06
18
834 Views
Last Modified: 2012-05-07
I have an exchange  server running on sbs2003.  Today I've started receiving all email back similar to the following:

Your message did not reach some or all of the intended recipients.

      Subject:      RE: Test
      Sent:      7/6/2009 2:25 PM

The following recipient(s) could not be reached:

      Web Hosting on 7/6/2009 2:25 PM
            You do not have permission to send to this recipient.  For assistance, contact your system administrator.
            <888phantom.com #5.7.1 smtp;554 5.7.1 <unknown[75.160.160.33]>: Client host rejected: Phishing>

It was working fine yesterday and for the last couple years with my current settings.  My mail server/ip address doesn't appear on any black list servers.

My service is through qwest dsl.

They have been of no assistance thus far.

My domain is 888phantom.com & my static ip is 75.160.160.33
0
Comment
Question by:rjessop
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
  • 4
  • +1
18 Comments
 
LVL 13

Expert Comment

by:shadowlesss
ID: 24789019
Is this occurring when you send out any email or just email to a certain email domain?
0
 
LVL 13

Expert Comment

by:shadowlesss
ID: 24789057
I ran a DNS report and you do have a couple issues
2009-07-06-1642.png
0
 
LVL 13

Expert Comment

by:shadowlesss
ID: 24789075
Your MX record must be a host name not an IP
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 27

Expert Comment

by:shauncroucher
ID: 24789096
Your PTR (reverseDNS) record and your SMTP Banner should be fully qualified domain names not just a domain name. ie server.888phantom.com instead of 888phantom.com. Unless this is changed chances are that ALL AOL users at least will not be able to receive email from your server.

0
 

Author Comment

by:rjessop
ID: 24789102
It is to all domains, and yes I got similar results from DNSSTUFF.com.  I don't know what to do about those errors, however I know that they have been present for the last couple years and it has worked fine (except for the last error - I"m not sure if that has been present or not).

I am receiving email to this exchange server just fine.

0
 
LVL 27

Expert Comment

by:shauncroucher
ID: 24789129
DNS all ok? Do you use a smarthost to send mail outbound? If so, is the smarthost still ok?

1) See if you have an SMTP connector:
 
Open Exchange System Manager --> Connectors --> SMTP connector - if you see a connector here that relates to outgoing mail or SMTP, then this may be responsible for outgoing mail. Go to properties and the front page will show if you have a Smarthost entry. If you do, you are using a smarthost. If this is blank, go to step 2.
 
2) Next, check your SMTP bridgehead does not specify a smarthost entry. Open Exchange System Manager -> Servers --> [SERVERNAME] -> Protocols -> SMTP --> Default SMTP virtual server --> Properties --> Delivery --> Advanced --> Smarthost.
If there is an entry here, you are using a smarthost. If it is blank then you are using DNS.
0
 
LVL 13

Assisted Solution

by:shadowlesss
shadowlesss earned 25 total points
ID: 24789165
You may also want to run the Microsoft Exchange Best Practices Analyzer and see what pops up.

http://www.microsoft.com/downloads/details.aspx?FamilyID=DBAB201F-4BEE-4943-AC22-E2DDBD258DF3&displaylang=en

0
 

Author Comment

by:rjessop
ID: 24789177
Under step 1 it shows Smallbusiness SMTP Connector and POP3 Connector Manager.  Properties of the SB SMTP Connector shows pop.mssl.qwest.net - is this my smarthost?  
0
 
LVL 27

Expert Comment

by:shauncroucher
ID: 24789190
Yes. Check that they are still accepting email from you. My money is on the fact that this server no longer accepts mail from you. Contact qwest and ask them to verify or run a telnet test to the server and see if it accepts your mail.

Shaun

0
 
LVL 27

Accepted Solution

by:
shauncroucher earned 450 total points
ID: 24789205
Basic telnet testing to ensure mail can reach a destination mail server.
 
Note you cannot use backspace or delete when using telnet, if you make a spelling mistake, start the command again after the error is generated.
 
 
2) Log onto your Exchange server and open up a command prompt.
 
Type the following:
 
telnet pop.mssl.qwest.net 25
[Wait for 220 response]
 
EHLO 888phantom.com
[Wait for 250 response]
 
MAIL FROM:<ONE_OF_YOUR_EMAIL_ADDRESSES>
[Wait for 250 response]
 
RCPT TO:<[ANY EXTERNAL EMAIL ADDRESS]> (example: RCPT TO:news@bbc.co.uk)
[Wait for 250 response]
DATA
[Wait for 354 response]
This is a test message
.
(note the dot on its own to end the session)
 
You should now get a message that the email has been queued for delivery.

If not, then contact qwest.net OR you can use DNS to route mail, but not until you resolve those warnings identified by DNS testing, YOU WILL GET ISSUES if you switch to using DNS rather than smarthost at the moment.

Shaun
0
 
LVL 27

Expert Comment

by:shauncroucher
ID: 24789214
Note you must place < > around email addresses when using telnet test

Shaun
0
 

Author Comment

by:rjessop
ID: 24789261
I've done the tests as you described above and I get the same message "Client Host rejected: Phishing" when I type in rcpt to:<another one of my external emails>
0
 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 25 total points
ID: 24789345
If you are using a smart host then your ISP is rejecting your messages.
You will need to ask them why. However I would suspect that you have a compromised machine on your network. The ISP has detected it and is now blocking your access.

You need to find the machine and then remove it. It may well be your server that is being abused.
http://blog.sembee.co.uk/archive/2008/03/13/73.aspx

Simon.

0
 

Author Comment

by:rjessop
ID: 24789385
Here is qwests response

<tech> Ok found what is going on...i am escalating this now.  Over the weekend our servers had some maintence done and as a result some how it looks to have turned off the mail relay you are allowed to have....the escalation i have sent will get that reversed as fast as we can.

0
 
LVL 27

Expert Comment

by:shauncroucher
ID: 24789436
so it appears it was your smarthost providers blocking mail then.
0
 

Author Comment

by:rjessop
ID: 24789454
Thanks, for all your help so far!

So I would still be interest in fixing the DNS report issues, but don't know how to go about that.  Anyone up to the task of guiding me through that?

Thanks,
0
 

Author Comment

by:rjessop
ID: 24789928
OK.  to resolve the DNS issues listed above I did the following:  

1 - Changed the primary MX record from 75.160.160.33 to home.888phantom.com (an existing A name).  
2 - Had qwest update rDNS for 75.160.160.33 to resolve to home.888phantom.com.

Please let me know if what I did above is not correct or adviseable.  I host the exchange server, but don't host the website for that domain.
0
 

Author Closing Comment

by:rjessop
ID: 31600339
Although qwest still hasn't fix my probelms, I was able to start using DNS to route my email.  If/when they get it resolved I can switch back to the smart host.

Thanks
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question