554 Rejected for policy reasons

Currently. I have a domino server that random block external domain email with the following error.

      "554 Rejected for policy reasons"

I had setup debug and capture the following SMTP Server:Error storing received message; message rejected by mail rule. I had check the server configuration there isn't any mail rule set in it neither DNS blacklist is configured. Anyone can help with this problem.
Mail-Failure.JPG
LVL 1
anekyAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
doninjaConnect With a Mentor Commented:
Just looked at the shots you specified and the originating server is 10.100.91.14 which is not excluded from anti relay checks in your config document.

Either need to add host to the anti relay check field or set the mail domain as a valid receiving domain by putting it in the field
[Allow messages to be sent only to the following external internet domains:]
This will allow the mail into your server for the specified domain from any SMTP server to then be routed via domain documents.
0
 
doninjaCommented:
Is it possible that this message was large and either exceeded the limit on message size or in some cases the size exceeds local storage capacity for mail.box and it cannot save the message.

Also seen some similar issues when the headers from the sending server where malformed or contained non rfc data and caused the smtp service to error.

How frequently is this happening and is it from any domain or seems to be same company each time ?
0
 
doninjaCommented:
One other possibility is that local virus scanner is picking something up on any attachment if you have not excluded the notes temporarty folders and databases including mail.box
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
bluemelnCommented:
"554 Rejected for policy reasons" is a standard error message when a Domino server rejects a mail based on a mail rule. Mail rules are defined by the Domino admin and are stored in the server's configuration document on the Configuration tab > Messaging > Configurations > Router/SMTP > Restrictions and Controls.

When mail is rejected, the mail server does not notify the sender unless the rule specifically says to do so. However, the rejecting mail server usually still sends the "554 Rejected for policy reasons" to the sending mail server.

The first thing to do is to check the configuration document to see what mail rules are defined there. The second is to consider whether you would like intercepted messages to be moved to a quarantine database rather than have them rejected. The advantage would be that you could examine the original email. How this is done depends on the version of your Domino admin client.

The above information is available in Domino Administrator Help under "mail rules."
0
 
bluemelnCommented:
I forgot to mention that you can configure a server mail rule that has as the action "don't deliver" to send out an "NDR" (non-delivery report).
0
 
anekyAuthor Commented:
Currently the only virus scanner installed on the domino server is Trendmicro Officescan & Scanmail. Officescan doesn't come with antispam plugin and Scanmail that is scanning the Domino nsf are not configure with antispam option with just normal scan. Please take note I have check the config document there isn't any mail rules or restrictions configure in the Router/SMTP > Restrictions and Controls.
0
 
marlleyCommented:
Dont let you antivirus software scan the domino foder , not just nsf. Sometimes antivirus can crash your mail.box.

1 - Try to say to your antivirus software to dont scan  your domino folders ( install folder, data, translog, daos, etc..)   not just nsf.

2- If its possible, stop you domino, remove you mail.box ( or mail1.box, mail2.box ,etc..) if you have more then one. Do a fixup at your names.nsf , and start it again.

0
 
bluemelnCommented:
Aneky is not reporting problems with mail.box or freezing. The "554 Rejected for policy reasons" message is the standard message Lotus Domino sends out when a message in mail.box raises a flag because it meets a criteria in the configuration settings. This includes the "Restrictions" and the "Inbound SMTP Controls" tabs, so for example a maximum message size. Recreating mail.box is recommended for a similar 554 error: "554 error writing message to safe storage; message could not be stored to disk," but aneky's error literally says "message rejected by mail rule."

In the absence of specific mail rules, it is a common problem (check IBM message boards) to find out more details about this error. I have detailed logging enabled on our mail server. The log.nsf shows more details than just Routing Events, including the handshake for each email delivery attempt during which failures occur. The downside is the burden the extra logging puts on the processor and the space required for the log.
0
 
Sjef BosmanGroupware ConsultantCommented:
@aneky: can you post small screen shots of some of the tabs in the Configuration document for the server? Router/SMTP, Restrictions and Controls, and then I'd like to see what's below the tabs Restrictions, SMTP Inbound Controls and SMTP Outbound Controls. Just an image of the contents, in JPEG or GIF format please.

Some more questions:
- is this a new server, or an existing one?
- since when do you observe this error? any changes lately?
- were there never any mail rules on the server?
- is your server the mail host for either iffcotokio.co.in or tokiomarineasia.com ? or is this an illegal relay?
- can you produce a similar screen shot of the Miscellaneous section in the log database, of around the same time as the one above?
0
 
anekyAuthor Commented:
Here the configuration you requested.
Config-1.JPG
Config-2.JPG
Config-3.JPG
Config-4.JPG
Config-5.JPG
0
 
anekyAuthor Commented:
The block is random for the iffcotokio.co.in address as some of this address are successfully send to tokiomarineasia.com
0
 
Sjef BosmanGroupware ConsultantCommented:
Are any of these two domains on YOUR server??
0
 
Sudeep SharmaTechnical DesignerCommented:
Could you check any rule at the user Notes which is causing this?

Sudeep
0
 
anekyAuthor Commented:
No the rules are not set at the user notes as the user can receive the email from the same receipient but occasionally it been block. None of those domain are in the server.
0
 
Sjef BosmanGroupware ConsultantCommented:
Ah, so it's a mail from an external domain sent to an external domain? In that case Domino displays "intended behaviour": by default, Domino is not set up as an "open relay", i.e. Domino doesn't route mails from an external source to an external destination. In fact, most ISPs require that your mail host isn't an open relay, to be verified by some tests (example: http://www.abuse.net/relay.html ).

Very often, mail from and to external domains is spam. Why do you want your server to accept routing mail between the two domains you mentioned?
0
 
Sjef BosmanGroupware ConsultantCommented:
So 'twas an external source after all, as I said in #34194671 ?  Hmmm...
0
All Courses

From novice to tech pro — start learning today.