Solved

554 You are not allowed to connect

Posted on 2009-07-08
16
4,358 Views
Last Modified: 2013-11-30
Hello,

I am having an issue with some domains rejecting connections from one of our Exchange 2007 servers. The error I get is below.

451 4.4.0 Primary target IP address responded with: "554 You are not allowed to connect.." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.

Most emails go out without any issues. I find this error has been coming up when emailing large companys like banks.

Our reverse dns is setup correctly and we are not on any blacklists.

It is the "554 You are not allowed to connect.."  that is throwing me off. Using a smarthost will deliver the emails, but it is not the prefered method of delivery.
0
Comment
Question by:Semiar
  • 9
  • 3
  • 2
  • +1
16 Comments
 
LVL 6

Expert Comment

by:tgtcat69
ID: 24806340
You say using a smarthost will deliver the email...are you using a mail filtering company as your smart host?
0
 
LVL 1

Author Comment

by:Semiar
ID: 24806368
Im just using our ISP as the smarthost.
0
 
LVL 23

Expert Comment

by:rhandels
ID: 24806369
Are you actually sending the e-mail using your own IP address or are you using an ISP to deliver your e-mail??
I have once been on a blacklist on a company i worked with because someone in the ip range we used was sending out spamm and then the spamfighters thought it would be a good idea to block the entire C class (we only had like 6 IP addresses there..)

Normally, if mail is being send to another coampny, only a ferw have an issue, i'd search with their settings rather than looking at your own config.. Maybe they have  a very strict regulation of what you are able to send to them (attachmenst and all.. )

Have you called one of those users that are not getting the e-mails?? Do they hear that from more companies??

0
 
LVL 1

Author Comment

by:Semiar
ID: 24806442
We normally use MX records to route the mail directly from our IP.

I switch to the smarthost when we have issues like blacklisting after being hit by a virus.

I have confirmed they get the email when using the smarthost.

 
0
 
LVL 23

Assisted Solution

by:rhandels
rhandels earned 300 total points
ID: 24806549
Don't get me wrong, but it does look like they are blocking e-mail coming from your ip address. Maybe they have some sort of mail filtering platform that blocks your ip temporarely?? Have you tried contacting one of those companies that block the e-mail?
0
 
LVL 1

Author Comment

by:Semiar
ID: 24806603
I can try speaking with them. It should be interesting trying to get the information to there IT department. 3 different companies have returned the error. 2 banks and 1 large insurance company.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24808282
If three different companies are giving the error I wouldn't be surprised if they are using the same filtering service. Do a lookup on the MX records and see where they point. Many large companies will have outsourced their antispam service.

Simon.
0
 
LVL 1

Author Comment

by:Semiar
ID: 24808453
Thanks for the suggestion.

I see no simularities in the mx records.

I can't find much about the error either.
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 65

Accepted Solution

by:
Mestha earned 200 total points
ID: 24808649
It could be that they are using the same appliance to filter email and your IP address has got on to a managed blacklist. I know that Barracuda have a blacklist that works in that way.

Not allowed to connect certainly points to blacklisting of some kind.

Simon.
0
 
LVL 1

Author Comment

by:Semiar
ID: 24809217
I have checked as many blacklist sites I could find.

There does seem some simularity between the errors, i was not able to find much about it on google.
0
 
LVL 23

Assisted Solution

by:rhandels
rhandels earned 300 total points
ID: 24811037
Hey,

Besides the fact that there are blacklists, i also believe some appliances don't use "central" blacklists but update their blacklist once every so much.. It might be that the ip address your sending with (or at least the range your in) might be on that updateble list... It's worth looking into. Though i don't really think large companies are going to tell you what antispam/viruswall they are using..
0
 
LVL 1

Author Comment

by:Semiar
ID: 24814438
AOL actually gave me some information in there error. The link is below.

We have just switched to fiber and a new ISP a week ago. I am speaking with the NOC at our ISP to find out about the IPs they assigned us.

http://postmaster.info.aol.com/errors/554rtrbb.html
0
 
LVL 6

Expert Comment

by:tgtcat69
ID: 24814495
I"m just curious, but how does AOL fit in here?
0
 
LVL 1

Author Comment

by:Semiar
ID: 24814540
They gave me an explanation about why our mail server is not able to connect with there mail servers. The url was actually in the error.

Possibly the same issue with the rest of the large companys we are having issues emailing to.
0
 
LVL 1

Author Comment

by:Semiar
ID: 24839852
Just an update,

My ISP is still looking into this issue.
0
 
LVL 1

Author Comment

by:Semiar
ID: 24919987
I have not seen the issue for the last couple of days. The last email I received by my ISP stated "they have re-submitted the request to have your mail servers added as legit static mail servers"

Main issue seems to be the static ips being on a dynamic ip list used by some companies.
0

Featured Post

Do email signature updates give you a headache?

Do you feel like all of your time is spent managing email signatures? Too busy to visit every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

Join & Write a Comment

Suggested Solutions

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Check out this infographic on what you need to make a good email signature that will work perfectly for your organization.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now