Why is my mail server getting blocked?

Hello all,

We have recently been having problems at my organization with being blacklisted.  While we have appeared on some of the block lists previously, we are no longer listed yet we are still being blocked by most mail services.  We get bounced messages that say undeliverable and others are permanently deferred.  I have taken steps to insure that we are not sending out spam, such as running virus scans on all of the computers on our network and setting a rule on our Exchange server that only allows outbound email from an address within our organization.  After placing the rule on our Exchange, I set out emailing the postmaster for every mail service that was blocking us in order to be unblocked.  It worked for a few days, but now I am seeing that we are beginning to be blocked again.  I am unsure of how to proceed, and any input is welcomed.

Who is Participating?
TekServerConnect With a Mentor Commented:
You might also want to consider configuring your router or firewall (if possible) to block outgoing SMTP connections from any host except your mail server.  (This, of course, assumes you have no one legitimately using a POP account independent from your mail server ... )

Do you have a reverse DNS record in place for your mail server?  Some systems will block you if you don't.

FDiskWizardConnect With a Mentor Commented:
Have you done any message tracking to see what might be getting sent out?
If not enabled, you would have to turn on Message Tracking in ESM. Then under Tools > Message Tracking in ESM you can query. I would check for emails that are going out after hours.
DmaprosConnect With a Mentor Commented:
TekServer is right. If you can review the logs of outgoing traffic on your firewall, you can see if there is another machine / device sending out mail (SMTP port 25). Your firewall should also be configured to only allow port 25 out for the IP address of your SMTP server.
We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

SysAdmin06Author Commented:
Thanks for the replies, everyone.  I am in the process of troubleshooting this right now with someone, and I will be sure to update.
martin_seaConnect With a Mentor Commented:
Blacklisting by the recipient end or at  is a common problem which as a administrator is always a issue. If you get listed in CBL then all the mail would be getting bounced. Also
 There are number of factors that you would watch for  :

1.) do have a PTR entry for you domain (check this too)
2.) do check SPF record . Its always good if this can be created as yahoo do check for this.
3.) do check that your user are not sending marketing emails.
4.) also note that if attachment send are found wih virus number of times then also some CBL's add the domain or your public IP to blacklist.
5.) check for number of connection that are been made from the outgoing server if high value change it.

currently since you are getting deffered so this means the mail should be retried since currently the recipient server is not accepting the message. if it sate that its blocked then only it should bounce so do also check for settings.  Also check the connection limit at which the number of mails are been sent for the outgoing mail this also affects the way your mails are been sent.

below site may be use for checking blacklisting of the IP.

SysAdmin06Author Commented:
Hello everyone.  Sorry for the long delay.  We are still having the occasional problem after much work,  but I think I may have it at least at bay for the time being.  A couple of the things I have done:

Set up outbound filtering on our email filtering service (MX Logic) so that rDNS checks come back ok.
Blocked outgoing SMTP connections except from our mail server by placing a rule on the firewall.
Scanned all computers on the network to make sure none are sending viruses.

It is hard to say exactly what the problem is, but we are coping.  There are the occasional hiccups, but for the most part, we are doing fine.

Thanks for all of your help.
SysAdmin06Author Commented:
The experts contributed very worthwhile information.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.