Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 879
  • Last Modified:

exchange email being returned with "Client host rejected: Phishing" message

I have an exchange  server running on sbs2003.  Today I've started receiving all email back similar to the following:

Your message did not reach some or all of the intended recipients.

      Subject:      RE: Test
      Sent:      7/6/2009 2:25 PM

The following recipient(s) could not be reached:

      Web Hosting on 7/6/2009 2:25 PM
            You do not have permission to send to this recipient.  For assistance, contact your system administrator.
            <888phantom.com #5.7.1 smtp;554 5.7.1 <unknown[75.160.160.33]>: Client host rejected: Phishing>

It was working fine yesterday and for the last couple years with my current settings.  My mail server/ip address doesn't appear on any black list servers.

My service is through qwest dsl.

They have been of no assistance thus far.

My domain is 888phantom.com & my static ip is 75.160.160.33
0
rjessop
Asked:
rjessop
  • 7
  • 6
  • 4
  • +1
3 Solutions
 
shadowlesssCommented:
Is this occurring when you send out any email or just email to a certain email domain?
0
 
shadowlesssCommented:
I ran a DNS report and you do have a couple issues
2009-07-06-1642.png
0
 
shadowlesssCommented:
Your MX record must be a host name not an IP
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
shauncroucherCommented:
Your PTR (reverseDNS) record and your SMTP Banner should be fully qualified domain names not just a domain name. ie server.888phantom.com instead of 888phantom.com. Unless this is changed chances are that ALL AOL users at least will not be able to receive email from your server.

0
 
rjessopAuthor Commented:
It is to all domains, and yes I got similar results from DNSSTUFF.com.  I don't know what to do about those errors, however I know that they have been present for the last couple years and it has worked fine (except for the last error - I"m not sure if that has been present or not).

I am receiving email to this exchange server just fine.

0
 
shauncroucherCommented:
DNS all ok? Do you use a smarthost to send mail outbound? If so, is the smarthost still ok?

1) See if you have an SMTP connector:
 
Open Exchange System Manager --> Connectors --> SMTP connector - if you see a connector here that relates to outgoing mail or SMTP, then this may be responsible for outgoing mail. Go to properties and the front page will show if you have a Smarthost entry. If you do, you are using a smarthost. If this is blank, go to step 2.
 
2) Next, check your SMTP bridgehead does not specify a smarthost entry. Open Exchange System Manager -> Servers --> [SERVERNAME] -> Protocols -> SMTP --> Default SMTP virtual server --> Properties --> Delivery --> Advanced --> Smarthost.
If there is an entry here, you are using a smarthost. If it is blank then you are using DNS.
0
 
shadowlesssCommented:
You may also want to run the Microsoft Exchange Best Practices Analyzer and see what pops up.

http://www.microsoft.com/downloads/details.aspx?FamilyID=DBAB201F-4BEE-4943-AC22-E2DDBD258DF3&displaylang=en

0
 
rjessopAuthor Commented:
Under step 1 it shows Smallbusiness SMTP Connector and POP3 Connector Manager.  Properties of the SB SMTP Connector shows pop.mssl.qwest.net - is this my smarthost?  
0
 
shauncroucherCommented:
Yes. Check that they are still accepting email from you. My money is on the fact that this server no longer accepts mail from you. Contact qwest and ask them to verify or run a telnet test to the server and see if it accepts your mail.

Shaun

0
 
shauncroucherCommented:
Basic telnet testing to ensure mail can reach a destination mail server.
 
Note you cannot use backspace or delete when using telnet, if you make a spelling mistake, start the command again after the error is generated.
 
 
2) Log onto your Exchange server and open up a command prompt.
 
Type the following:
 
telnet pop.mssl.qwest.net 25
[Wait for 220 response]
 
EHLO 888phantom.com
[Wait for 250 response]
 
MAIL FROM:<ONE_OF_YOUR_EMAIL_ADDRESSES>
[Wait for 250 response]
 
RCPT TO:<[ANY EXTERNAL EMAIL ADDRESS]> (example: RCPT TO:news@bbc.co.uk)
[Wait for 250 response]
DATA
[Wait for 354 response]
This is a test message
.
(note the dot on its own to end the session)
 
You should now get a message that the email has been queued for delivery.

If not, then contact qwest.net OR you can use DNS to route mail, but not until you resolve those warnings identified by DNS testing, YOU WILL GET ISSUES if you switch to using DNS rather than smarthost at the moment.

Shaun
0
 
shauncroucherCommented:
Note you must place < > around email addresses when using telnet test

Shaun
0
 
rjessopAuthor Commented:
I've done the tests as you described above and I get the same message "Client Host rejected: Phishing" when I type in rcpt to:<another one of my external emails>
0
 
MesthaCommented:
If you are using a smart host then your ISP is rejecting your messages.
You will need to ask them why. However I would suspect that you have a compromised machine on your network. The ISP has detected it and is now blocking your access.

You need to find the machine and then remove it. It may well be your server that is being abused.
http://blog.sembee.co.uk/archive/2008/03/13/73.aspx

Simon.

0
 
rjessopAuthor Commented:
Here is qwests response

<tech> Ok found what is going on...i am escalating this now.  Over the weekend our servers had some maintence done and as a result some how it looks to have turned off the mail relay you are allowed to have....the escalation i have sent will get that reversed as fast as we can.

0
 
shauncroucherCommented:
so it appears it was your smarthost providers blocking mail then.
0
 
rjessopAuthor Commented:
Thanks, for all your help so far!

So I would still be interest in fixing the DNS report issues, but don't know how to go about that.  Anyone up to the task of guiding me through that?

Thanks,
0
 
rjessopAuthor Commented:
OK.  to resolve the DNS issues listed above I did the following:  

1 - Changed the primary MX record from 75.160.160.33 to home.888phantom.com (an existing A name).  
2 - Had qwest update rDNS for 75.160.160.33 to resolve to home.888phantom.com.

Please let me know if what I did above is not correct or adviseable.  I host the exchange server, but don't host the website for that domain.
0
 
rjessopAuthor Commented:
Although qwest still hasn't fix my probelms, I was able to start using DNS to route my email.  If/when they get it resolved I can switch back to the smart host.

Thanks
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

  • 7
  • 6
  • 4
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now