?
Solved

Real time black list

Posted on 2010-08-16
14
Medium Priority
?
685 Views
Last Modified: 2013-12-09
This message keeps bouncing back and I don't know where to go or who to contact to get us off of there blacklist.

Diagnostic information for administrators:

Generating server: edgetransport.domain.com


gate20.gate.dfw.mlsrvr.com #554 5.7.1 <66-188-39-101.static.bycy.mi.charter.com[66.188.39.101]>: Client host rejected: The sender's mail server is blocked ##

Original message headers:

Received: from winsvr03.domain.com (192.168.50.11) by
 edgetransport.domain.com (192.168.50.28) with Microsoft SMTP Server
 (TLS) id 8.0.813.0; Sun, 15 Aug 2010 07:40:09 -0400
Received: from winsvr03.domain.com ([192.168.50.11]) by
 winsvr03.domain.com ([192.168.50.11]) with mapi; Sun, 15 Aug 2010
 07:38:28 -0400
From:<user@domain.com>
To: "user (user@domain.com)"
Disposition-Notification-To: user@domain.com
Date: Sun, 15 Aug 2010 07:38:26 -0400
Subject: FW: Draft 990's
Thread-Topic:Draft 990's
Thread-Index: Acs7HnTc2Xze4iVdSyWUbdbp2bwKHABT+TBw
Message-ID: <F2C6EA1703C77D4CBB4D0F5495D2A9443303A2B847@winsvr03.domain.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/mixed;
      boundary="_005_F2C6EA1703C77D4CBB4D0F5495D2A9443303A2B847winsvr03hills_"
MIME-Version: 1.0
Return-Path: user@domain.com
X-GFI-SMTP-Submission: 1
X-GFI-SMTP-HelloDomain: winsvr03.domain.com
X-GFI-SMTP-RemoteIP: 192.168.50.11

0
Comment
Question by:HBMI
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
  • 2
  • +1
14 Comments
 
LVL 11

Expert Comment

by:Coast-IT
ID: 33445812
A lot of RBL checkers online provide the link back to the body that is blocking it.

Try this one, past in the details and then see if there is a link to the blocking blody.

if there is no link, just google the body that has blocked it to look for contact details and contact them directly.

http://www.dnswatch.info/dns/rbl-lookup?host=mlsrvr.com&submit=RBL+Lookup
0
 
LVL 8

Expert Comment

by:epohl
ID: 33446077
Here is another good site. Enter the internet IP address of your mail server and it will check blacklists.

http://www.mxtoolbox.com/blacklists.aspx
0
 
LVL 24

Expert Comment

by:B H
ID: 33446354
This is saying you don't have a reverse dns entry... you need to call your internet provider (charter) and ask them:  please assign me a reverse dns entry such that 66.188.39.101 reverses to (whatever your mx record is, mail,yourdomain.com)
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 
LVL 8

Expert Comment

by:epohl
ID: 33446447
Correct assuming mx record is set to your email server and not some third party spam filtering solution. Also try telneting on port 25 from your email server to the server that is blocking you and see what error message you get.
0
 

Author Comment

by:HBMI
ID: 33447376
The odd thing is that 66.188.39.101 is not our mail server 66.188.39.99 is.  So I don't know why that was showing in the log.
0
 
LVL 8

Expert Comment

by:epohl
ID: 33447398
Do you have an edgetransport server that uses that address ? Or it is possible that depending on how your firewall is setup that is the external IP of the mailserver for outgoing.
0
 

Author Comment

by:HBMI
ID: 33448729
We do have an edgetrasport server but it uses 66.188.39.99.  After double checking 66.188.39.101 is not in our firewall either nor is anything pointing to it.
0
 

Author Comment

by:HBMI
ID: 33448883
We do have an edgetrasport server but it uses 66.188.39.99.  After double checking 66.188.39.101 is not in our firewall either nor is anything pointing to it.
0
 

Author Comment

by:HBMI
ID: 33448893
When trying to send mail via telnet I get this:

rcpt to:user@domain.com
550 5.7.1 unable to relay for user@domain.com
0
 
LVL 8

Assisted Solution

by:epohl
epohl earned 1332 total points
ID: 33449037
66.188.39.101 is on a blacklist. Can you go to http://www.ipchicken.com/ or similar page from the mail server and the edgeserver and let me know what they are showing for ip address.
0
 
LVL 8

Expert Comment

by:epohl
ID: 33449151
http://www.mxtoolbox.com/SuperTool.aspx?action=blacklist%3a66.188.39.101

Click on that and you can then click the 2 you are listed on to see information about being removed.
0
 

Author Comment

by:HBMI
ID: 33449155
Yeah it says 66.188.39.101 but that is the internet.  I have our mx, reverse dns, and 66.188.39.99 pointing to our mail server.
0
 
LVL 8

Accepted Solution

by:
epohl earned 1332 total points
ID: 33449202
Well it thats what it says than that is the IP other servers see for your outgoing mail. Either change the IP or get it off the 2 blacklists.

http://www.mxtoolbox.com/SuperTool.aspx?action=blacklist%3a66.188.39.101

Click on that and you can then click the 2 you are listed on to see information about being removed.

0
 
LVL 24

Assisted Solution

by:B H
B H earned 668 total points
ID: 33451520
yeah you have a router misconfiguration -

your router is forwarding ports to your mail server at the 39.99 address, but your mail server is going out to the world as .101

options:
1. configure your router for one-to-one nat so the mail server leaves as 38.99
2. or, configure your router to pass 25/443/110/80 to your mail server on .101, then change your public reverse dns, mx, a to match
3. get 101 off the blacklist, AND create a reverse dns entry for .101 and .99 - they can be the same name

0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
New style of hardware planning for Microsoft Exchange server.
how to add IIS SMTP to handle application/Scanner relays into office 365.
This video discusses moving either the default database or any database to a new volume.
Suggested Courses
Course of the Month14 days, 13 hours left to enroll

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question