Solved

Why is my mail server getting blocked?

Posted on 2010-09-21
8
1,281 Views
Last Modified: 2013-12-09
Hello all,

We have recently been having problems at my organization with being blacklisted.  While we have appeared on some of the block lists previously, we are no longer listed yet we are still being blocked by most mail services.  We get bounced messages that say undeliverable and others are permanently deferred.  I have taken steps to insure that we are not sending out spam, such as running virus scans on all of the computers on our network and setting a rule on our Exchange server that only allows outbound email from an address within our organization.  After placing the rule on our Exchange, I set out emailing the postmaster for every mail service that was blocking us in order to be unblocked.  It worked for a few days, but now I am seeing that we are beginning to be blocked again.  I am unsure of how to proceed, and any input is welcomed.

Thanks!
0
Comment
Question by:SysAdmin06
8 Comments
 
LVL 12

Assisted Solution

by:FDiskWizard
FDiskWizard earned 100 total points
ID: 33725651
Have you done any message tracking to see what might be getting sent out?
If not enabled, you would have to turn on Message Tracking in ESM. Then under Tools > Message Tracking in ESM you can query. I would check for emails that are going out after hours.
0
 
LVL 10

Accepted Solution

by:
TekServer earned 100 total points
ID: 33725748
You might also want to consider configuring your router or firewall (if possible) to block outgoing SMTP connections from any host except your mail server.  (This, of course, assumes you have no one legitimately using a POP account independent from your mail server ... )

Do you have a reverse DNS record in place for your mail server?  Some systems will block you if you don't.

hth!
:)
0
 
LVL 1

Assisted Solution

by:Dmapros
Dmapros earned 100 total points
ID: 33725898
TekServer is right. If you can review the logs of outgoing traffic on your firewall, you can see if there is another machine / device sending out mail (SMTP port 25). Your firewall should also be configured to only allow port 25 out for the IP address of your SMTP server.
0
 

Author Comment

by:SysAdmin06
ID: 33726013
Thanks for the replies, everyone.  I am in the process of troubleshooting this right now with someone, and I will be sure to update.
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 
LVL 3

Assisted Solution

by:martin_sea
martin_sea earned 100 total points
ID: 33727142
Blacklisting by the recipient end or at  is a common problem which as a administrator is always a issue. If you get listed in CBL then all the mail would be getting bounced. Also
 There are number of factors that you would watch for  :

1.) do have a PTR entry for you domain (check this too)
2.) do check SPF record . Its always good if this can be created as yahoo do check for this.
3.) do check that your user are not sending marketing emails.
4.) also note that if attachment send are found wih virus number of times then also some CBL's add the domain or your public IP to blacklist.
5.) check for number of connection that are been made from the outgoing server if high value change it.

currently since you are getting deffered so this means the mail should be retried since currently the recipient server is not accepting the message. if it sate that its blocked then only it should bounce so do also check for settings.  Also check the connection limit at which the number of mails are been sent for the outgoing mail this also affects the way your mails are been sent.

below site may be use for checking blacklisting of the IP.

www.mxtoolbox.com/blacklists.aspx
http://cbl.abuseat.org/
0
 
LVL 29

Assisted Solution

by:Sudeep Sharma
Sudeep Sharma earned 100 total points
ID: 33728319
0
 

Author Comment

by:SysAdmin06
ID: 34001713
Hello everyone.  Sorry for the long delay.  We are still having the occasional problem after much work,  but I think I may have it at least at bay for the time being.  A couple of the things I have done:

Set up outbound filtering on our email filtering service (MX Logic) so that rDNS checks come back ok.
Blocked outgoing SMTP connections except from our mail server by placing a rule on the firewall.
Scanned all computers on the network to make sure none are sending viruses.

It is hard to say exactly what the problem is, but we are coping.  There are the occasional hiccups, but for the most part, we are doing fine.

Thanks for all of your help.
0
 

Author Closing Comment

by:SysAdmin06
ID: 34001739
The experts contributed very worthwhile information.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
how to add IIS SMTP to handle application/Scanner relays into office 365.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now