554 You are not allowed to connect

Hello,

I am having an issue with some domains rejecting connections from one of our Exchange 2007 servers. The error I get is below.

451 4.4.0 Primary target IP address responded with: "554 You are not allowed to connect.." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.

Most emails go out without any issues. I find this error has been coming up when emailing large companys like banks.

Our reverse dns is setup correctly and we are not on any blacklists.

It is the "554 You are not allowed to connect.."  that is throwing me off. Using a smarthost will deliver the emails, but it is not the prefered method of delivery.
LVL 1
SemiarAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
MesthaConnect With a Mentor Commented:
It could be that they are using the same appliance to filter email and your IP address has got on to a managed blacklist. I know that Barracuda have a blacklist that works in that way.

Not allowed to connect certainly points to blacklisting of some kind.

Simon.
0
 
tgtcat69Commented:
You say using a smarthost will deliver the email...are you using a mail filtering company as your smart host?
0
 
SemiarAuthor Commented:
Im just using our ISP as the smarthost.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
rhandelsCommented:
Are you actually sending the e-mail using your own IP address or are you using an ISP to deliver your e-mail??
I have once been on a blacklist on a company i worked with because someone in the ip range we used was sending out spamm and then the spamfighters thought it would be a good idea to block the entire C class (we only had like 6 IP addresses there..)

Normally, if mail is being send to another coampny, only a ferw have an issue, i'd search with their settings rather than looking at your own config.. Maybe they have  a very strict regulation of what you are able to send to them (attachmenst and all.. )

Have you called one of those users that are not getting the e-mails?? Do they hear that from more companies??

0
 
SemiarAuthor Commented:
We normally use MX records to route the mail directly from our IP.

I switch to the smarthost when we have issues like blacklisting after being hit by a virus.

I have confirmed they get the email when using the smarthost.

 
0
 
rhandelsConnect With a Mentor Commented:
Don't get me wrong, but it does look like they are blocking e-mail coming from your ip address. Maybe they have some sort of mail filtering platform that blocks your ip temporarely?? Have you tried contacting one of those companies that block the e-mail?
0
 
SemiarAuthor Commented:
I can try speaking with them. It should be interesting trying to get the information to there IT department. 3 different companies have returned the error. 2 banks and 1 large insurance company.
0
 
MesthaCommented:
If three different companies are giving the error I wouldn't be surprised if they are using the same filtering service. Do a lookup on the MX records and see where they point. Many large companies will have outsourced their antispam service.

Simon.
0
 
SemiarAuthor Commented:
Thanks for the suggestion.

I see no simularities in the mx records.

I can't find much about the error either.
0
 
SemiarAuthor Commented:
I have checked as many blacklist sites I could find.

There does seem some simularity between the errors, i was not able to find much about it on google.
0
 
rhandelsConnect With a Mentor Commented:
Hey,

Besides the fact that there are blacklists, i also believe some appliances don't use "central" blacklists but update their blacklist once every so much.. It might be that the ip address your sending with (or at least the range your in) might be on that updateble list... It's worth looking into. Though i don't really think large companies are going to tell you what antispam/viruswall they are using..
0
 
SemiarAuthor Commented:
AOL actually gave me some information in there error. The link is below.

We have just switched to fiber and a new ISP a week ago. I am speaking with the NOC at our ISP to find out about the IPs they assigned us.

http://postmaster.info.aol.com/errors/554rtrbb.html
0
 
tgtcat69Commented:
I"m just curious, but how does AOL fit in here?
0
 
SemiarAuthor Commented:
They gave me an explanation about why our mail server is not able to connect with there mail servers. The url was actually in the error.

Possibly the same issue with the rest of the large companys we are having issues emailing to.
0
 
SemiarAuthor Commented:
Just an update,

My ISP is still looking into this issue.
0
 
SemiarAuthor Commented:
I have not seen the issue for the last couple of days. The last email I received by my ISP stated "they have re-submitted the request to have your mail servers added as legit static mail servers"

Main issue seems to be the static ips being on a dynamic ip list used by some companies.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.