554 You are not allowed to connect

Hello,

I am having an issue with some domains rejecting connections from one of our Exchange 2007 servers. The error I get is below.

451 4.4.0 Primary target IP address responded with: "554 You are not allowed to connect.." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.

Most emails go out without any issues. I find this error has been coming up when emailing large companys like banks.

Our reverse dns is setup correctly and we are not on any blacklists.

It is the "554 You are not allowed to connect.."  that is throwing me off. Using a smarthost will deliver the emails, but it is not the prefered method of delivery.
LVL 1
SemiarAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

tgtcat69Commented:
You say using a smarthost will deliver the email...are you using a mail filtering company as your smart host?
0
SemiarAuthor Commented:
Im just using our ISP as the smarthost.
0
rhandelsCommented:
Are you actually sending the e-mail using your own IP address or are you using an ISP to deliver your e-mail??
I have once been on a blacklist on a company i worked with because someone in the ip range we used was sending out spamm and then the spamfighters thought it would be a good idea to block the entire C class (we only had like 6 IP addresses there..)

Normally, if mail is being send to another coampny, only a ferw have an issue, i'd search with their settings rather than looking at your own config.. Maybe they have  a very strict regulation of what you are able to send to them (attachmenst and all.. )

Have you called one of those users that are not getting the e-mails?? Do they hear that from more companies??

0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

SemiarAuthor Commented:
We normally use MX records to route the mail directly from our IP.

I switch to the smarthost when we have issues like blacklisting after being hit by a virus.

I have confirmed they get the email when using the smarthost.

 
0
rhandelsCommented:
Don't get me wrong, but it does look like they are blocking e-mail coming from your ip address. Maybe they have some sort of mail filtering platform that blocks your ip temporarely?? Have you tried contacting one of those companies that block the e-mail?
0
SemiarAuthor Commented:
I can try speaking with them. It should be interesting trying to get the information to there IT department. 3 different companies have returned the error. 2 banks and 1 large insurance company.
0
MesthaCommented:
If three different companies are giving the error I wouldn't be surprised if they are using the same filtering service. Do a lookup on the MX records and see where they point. Many large companies will have outsourced their antispam service.

Simon.
0
SemiarAuthor Commented:
Thanks for the suggestion.

I see no simularities in the mx records.

I can't find much about the error either.
0
MesthaCommented:
It could be that they are using the same appliance to filter email and your IP address has got on to a managed blacklist. I know that Barracuda have a blacklist that works in that way.

Not allowed to connect certainly points to blacklisting of some kind.

Simon.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
SemiarAuthor Commented:
I have checked as many blacklist sites I could find.

There does seem some simularity between the errors, i was not able to find much about it on google.
0
rhandelsCommented:
Hey,

Besides the fact that there are blacklists, i also believe some appliances don't use "central" blacklists but update their blacklist once every so much.. It might be that the ip address your sending with (or at least the range your in) might be on that updateble list... It's worth looking into. Though i don't really think large companies are going to tell you what antispam/viruswall they are using..
0
SemiarAuthor Commented:
AOL actually gave me some information in there error. The link is below.

We have just switched to fiber and a new ISP a week ago. I am speaking with the NOC at our ISP to find out about the IPs they assigned us.

http://postmaster.info.aol.com/errors/554rtrbb.html
0
tgtcat69Commented:
I"m just curious, but how does AOL fit in here?
0
SemiarAuthor Commented:
They gave me an explanation about why our mail server is not able to connect with there mail servers. The url was actually in the error.

Possibly the same issue with the rest of the large companys we are having issues emailing to.
0
SemiarAuthor Commented:
Just an update,

My ISP is still looking into this issue.
0
SemiarAuthor Commented:
I have not seen the issue for the last couple of days. The last email I received by my ISP stated "they have re-submitted the request to have your mail servers added as legit static mail servers"

Main issue seems to be the static ips being on a dynamic ip list used by some companies.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Protocols

From novice to tech pro — start learning today.