Emails cannot be delivered ("550 relay not permitted")

We have two mail servers Exchange 2003 (and 2 static IPs, 85.72.40.38 and 193.92.77.41)...

A lot of the emails could not be delivered... Most of them (in 85.72.40.38) return a NDR with "550 relay not permitted" and some others stay in the queue to be delivered (keep retrying and when click on the queue in ESM in additional queue info I get "The remote server did not respond to a connection attempt")...

Please advice... Since this morning we (the company) have major problem because a lot of emails stuck in the queue or do not delivered...!

Thank you
agortsAsked:
Who is Participating?
 
richy92Connect With a Mentor Commented:
I think the clue to the problem is this : 550 relay not permitted

Somewhere a mailserver is not setup to relay your Email, this could be the SMTP server component not setup properly or you could have a smarthost that needs setting up somewhere.

How is your mail delivery done ? do you deliver direct from the exchange box or is it setup to use a smart host ? You need to check the SMTP properties in the exchange manager to find out more.

0
 
FDiskWizardCommented:
Can you be more specifc? is this internal sending, or email from outside?
Can you: Telnet SERVER 25?
From the server that said can't connect?
All services running? maybe anti-virus is causing a problem?
Also, do you have Broadcom NICs?
0
 
endital1097Commented:
check your smtp virtual server settings
is it configured to use a smart host or dns
0
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

 
ken2421Commented:
I hate the 550 error. Something has changed and it can be with the ISP or you. Notice that you say a lot of emails could not be delivered. Does that mean that some of them are going even now?

Ken
0
 
agortsAuthor Commented:
The send fail on outside recipients...

Not all of them have problem... Some of them deliver OK...

Both of them receive emails with no problem...

All services are OK...

What do you mean by Broadcom NICs?
0
 
agortsAuthor Commented:
The settings in the mail servers must be OK because they were working OK for months...

I beleive the problem must be in the specific mail servers which do not accept my server for receiving email...

Maybe I am in blacklist which those specific mail servers take in mind...

I already check for blacklists (http://www.mxtoolbox.comhttp://www.dnsstuff.com) but only UCEPROTECTL2, UCEPROTECTL3 lists affect me....
0
 
endital1097Connect With a Mentor Commented:
attempt a telnet session to the failed domain systems
nslookup
set type=mx
faileddomain.com

telnet mail.faileddomain.com 25
ehlo yourdomain.com

you shouldn't get that far if you are blacklisted
if you can go further

mail from: you@yourdomain.com
rcpt to: someone@faileddomain.com
data
0
 
richy92Commented:
the error states "relay not permitted" so it would appear that either the SMTP server is setup incorrectly or the smarthost you are trying to use is not setup to allow you to send email through it.

Take a closer look at the NDR and see if you can figure out where it came from - if it comes from the ISP mail gateway, then give them a call. Or post the NDR + headers in here and someone may be able to help

0
 
agortsAuthor Commented:
The failed domain is secutex.de... the ip is 80.237.138.5...

I try the telnet from the mail server and there was no problem sending it....

Very strange...
0
 
agortsAuthor Commented:
Here it is the NDR...

_____________________________________________
From: ¿¿a¿e¿¿¿st¿¿ s¿st¿µat¿¿
Sent: Wednesday, September 15, 2010 3:38 PM
To: Gortsilas Andreas
Subject: ¿e¿ pa¿ad¿¿¿¿e: FW: REMINDER FW: SECUTEX 10 09 10 OFFER REQUEST S¿¿¿¿¿ FW: ¿¿¿¿GG¿¿¿¿ SECUTEX K2374-0032-0074
Importance: High


¿¿ µ¿¿¿µ¿ sa¿ de¿ ¿ftase se µe¿¿¿¿¿¿ ¿ se ¿¿¿¿¿ t¿¿¿ pa¿a¿¿pte¿ st¿¿¿ ¿p¿¿¿¿¿ ape¿¿¿¿¿ta¿.

      T¿µa:      FW: REMINDER FW: SECUTEX 10 09 10 OFFER REQUEST   S¿¿¿¿¿ FW: ¿¿¿¿GG¿¿¿¿ SECUTEX K2374-0032-0074
      ¿p¿st¿¿¿:      15/9/2010 3:38 µµ

¿e¿ ¿ta¿ d¿¿at¿ ¿ ep¿¿¿¿¿¿¿¿a µe t¿¿¿ pa¿a¿¿t¿ pa¿a¿¿pte¿:

      'i.leinders@secutex.de' st¿¿ 15/9/2010 3:38 µµ
            ¿¿¿¿¿¿¿e ¿¿a p¿¿ß¿¿µa ep¿¿¿¿¿¿¿¿a¿ SMTP µe t¿ d¿a¿¿µ¿st¿ ¿¿e¿t¿¿¿¿¿¿¿ ta¿¿d¿¿µe¿¿¿ t¿¿ pa¿a¿¿pt¿.  ¿p¿¿¿¿¿¿¿¿ste µe t¿ d¿a¿e¿¿¿st¿ t¿¿ s¿st¿µat¿¿ sa¿.
            <mailgate2.sabo.gr #5.5.0 smtp;550 relay not permitted>

0
 
agortsAuthor Commented:
sorry for the greek chars...

No I do not use a smarthost...
0
 
FDiskWizardCommented:
Is that someone you do business with? And send to regularly?
Maybe they have blacklisted you locally with a custom rule. Maybe by accident, say for instance they are doing country blocking.
0
 
agortsAuthor Commented:
We have problem with many different hosts... not just one...
0
 
agortsAuthor Commented:
In the properties of the SMTP virtual server I do not see anything strange...

I do not use smarthost...

Can you be more specific?
0
 
richy92Commented:
what adress are you trying to send to just the @domain.com part - dont need the username?
The response "relay not permitted" seems to come from mailgate2.sabo.gr - I wonder if this is the gateway of the domain you are trying to send to or something else ?
0
 
agortsAuthor Commented:
For example @secutex.de...
mailgate2.sabo.gr is the fully-qualified domain name in the settings of the virtual smtp server of the mail server...
0
 
agortsAuthor Commented:
if you send me your email (in agorts@sabo.gr) I will reply you back the settings of the virtual smtp server to take a look at them...
0
 
richy92Commented:
So it would seem that your mail server is unable to relay correctly - I sent you an email - I will have a look if you want to send some screen shots :)
0
 
agortsAuthor Commented:
did you get my email (agorts@gmail.com)?
0
 
agortsAuthor Commented:
so if my problem is in the virtual smtp server can you help me identify it?
0
 
richy92Connect With a Mentor Commented:
in the virtual server properties under the access tab and then relay restrictions, what settings do you have ?
is it set to only the list below or all except the list below and what networks/ips (if any) are in that list ?
Also is the box ticked to allow all computers that authenticate to relay ?

Also on the access tab under connection control is it set to all except the list below ?
And under authetication if you click users what permissions are there ?

Does the server just have a single IP address ?

Have you tried using telnet to send an email from the exchange server to a domain that is not working, do you still get the 550 error ?

I did get the email, but I wasn't sure about the settings above.
0
All Courses

From novice to tech pro — start learning today.