Solved

554 Rejected for policy reasons

Posted on 2010-11-18
16
6,352 Views
Last Modified: 2013-12-18
Currently. I have a domino server that random block external domain email with the following error.

      "554 Rejected for policy reasons"

I had setup debug and capture the following SMTP Server:Error storing received message; message rejected by mail rule. I had check the server configuration there isn't any mail rule set in it neither DNS blacklist is configured. Anyone can help with this problem.
Mail-Failure.JPG
0
Comment
Question by:aneky
  • 4
  • 4
  • 3
  • +3
16 Comments
 
LVL 10

Expert Comment

by:doninja
Comment Utility
Is it possible that this message was large and either exceeded the limit on message size or in some cases the size exceeds local storage capacity for mail.box and it cannot save the message.

Also seen some similar issues when the headers from the sending server where malformed or contained non rfc data and caused the smtp service to error.

How frequently is this happening and is it from any domain or seems to be same company each time ?
0
 
LVL 10

Expert Comment

by:doninja
Comment Utility
One other possibility is that local virus scanner is picking something up on any attachment if you have not excluded the notes temporarty folders and databases including mail.box
0
 
LVL 6

Expert Comment

by:bluemeln
Comment Utility
"554 Rejected for policy reasons" is a standard error message when a Domino server rejects a mail based on a mail rule. Mail rules are defined by the Domino admin and are stored in the server's configuration document on the Configuration tab > Messaging > Configurations > Router/SMTP > Restrictions and Controls.

When mail is rejected, the mail server does not notify the sender unless the rule specifically says to do so. However, the rejecting mail server usually still sends the "554 Rejected for policy reasons" to the sending mail server.

The first thing to do is to check the configuration document to see what mail rules are defined there. The second is to consider whether you would like intercepted messages to be moved to a quarantine database rather than have them rejected. The advantage would be that you could examine the original email. How this is done depends on the version of your Domino admin client.

The above information is available in Domino Administrator Help under "mail rules."
0
 
LVL 6

Expert Comment

by:bluemeln
Comment Utility
I forgot to mention that you can configure a server mail rule that has as the action "don't deliver" to send out an "NDR" (non-delivery report).
0
 
LVL 1

Author Comment

by:aneky
Comment Utility
Currently the only virus scanner installed on the domino server is Trendmicro Officescan & Scanmail. Officescan doesn't come with antispam plugin and Scanmail that is scanning the Domino nsf are not configure with antispam option with just normal scan. Please take note I have check the config document there isn't any mail rules or restrictions configure in the Router/SMTP > Restrictions and Controls.
0
 
LVL 1

Expert Comment

by:marlley
Comment Utility
Dont let you antivirus software scan the domino foder , not just nsf. Sometimes antivirus can crash your mail.box.

1 - Try to say to your antivirus software to dont scan  your domino folders ( install folder, data, translog, daos, etc..)   not just nsf.

2- If its possible, stop you domino, remove you mail.box ( or mail1.box, mail2.box ,etc..) if you have more then one. Do a fixup at your names.nsf , and start it again.

0
 
LVL 6

Expert Comment

by:bluemeln
Comment Utility
Aneky is not reporting problems with mail.box or freezing. The "554 Rejected for policy reasons" message is the standard message Lotus Domino sends out when a message in mail.box raises a flag because it meets a criteria in the configuration settings. This includes the "Restrictions" and the "Inbound SMTP Controls" tabs, so for example a maximum message size. Recreating mail.box is recommended for a similar 554 error: "554 error writing message to safe storage; message could not be stored to disk," but aneky's error literally says "message rejected by mail rule."

In the absence of specific mail rules, it is a common problem (check IBM message boards) to find out more details about this error. I have detailed logging enabled on our mail server. The log.nsf shows more details than just Routing Events, including the handshake for each email delivery attempt during which failures occur. The downside is the burden the extra logging puts on the processor and the space required for the log.
0
 
LVL 46

Expert Comment

by:Sjef Bosman
Comment Utility
@aneky: can you post small screen shots of some of the tabs in the Configuration document for the server? Router/SMTP, Restrictions and Controls, and then I'd like to see what's below the tabs Restrictions, SMTP Inbound Controls and SMTP Outbound Controls. Just an image of the contents, in JPEG or GIF format please.

Some more questions:
- is this a new server, or an existing one?
- since when do you observe this error? any changes lately?
- were there never any mail rules on the server?
- is your server the mail host for either iffcotokio.co.in or tokiomarineasia.com ? or is this an illegal relay?
- can you produce a similar screen shot of the Miscellaneous section in the log database, of around the same time as the one above?
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 1

Author Comment

by:aneky
Comment Utility
Here the configuration you requested.
Config-1.JPG
Config-2.JPG
Config-3.JPG
Config-4.JPG
Config-5.JPG
0
 
LVL 1

Author Comment

by:aneky
Comment Utility
The block is random for the iffcotokio.co.in address as some of this address are successfully send to tokiomarineasia.com
0
 
LVL 46

Expert Comment

by:Sjef Bosman
Comment Utility
Are any of these two domains on YOUR server??
0
 
LVL 29

Expert Comment

by:Sudeep Sharma
Comment Utility
Could you check any rule at the user Notes which is causing this?

Sudeep
0
 
LVL 1

Author Comment

by:aneky
Comment Utility
No the rules are not set at the user notes as the user can receive the email from the same receipient but occasionally it been block. None of those domain are in the server.
0
 
LVL 46

Expert Comment

by:Sjef Bosman
Comment Utility
Ah, so it's a mail from an external domain sent to an external domain? In that case Domino displays "intended behaviour": by default, Domino is not set up as an "open relay", i.e. Domino doesn't route mails from an external source to an external destination. In fact, most ISPs require that your mail host isn't an open relay, to be verified by some tests (example: http://www.abuse.net/relay.html ).

Very often, mail from and to external domains is spam. Why do you want your server to accept routing mail between the two domains you mentioned?
0
 
LVL 10

Accepted Solution

by:
doninja earned 500 total points
Comment Utility
Just looked at the shots you specified and the originating server is 10.100.91.14 which is not excluded from anti relay checks in your config document.

Either need to add host to the anti relay check field or set the mail domain as a valid receiving domain by putting it in the field
[Allow messages to be sent only to the following external internet domains:]
This will allow the mail into your server for the specified domain from any SMTP server to then be routed via domain documents.
0
 
LVL 46

Expert Comment

by:Sjef Bosman
Comment Utility
So 'twas an external source after all, as I said in #34194671 ?  Hmmm...
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

You’ve got a lotus Domino web server, and you have been told that “leverage browser caching” is a must do. This means that we have to tell the browser everywhere in the web to use cache. In other words, we set (and send) an expiration date in the HT…
Problem "Can you help me recover my changes?  I double-clicked the attachment, made changes, and then hit Save before closing it.  But when I try to re-open it, my changes are missing!"    Solution This solution opens the Outlook Secure Temp Fold…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now