Can not send an email to one domain.

jamyoung
jamyoung used Ask the Experts™
on
I get the Following message when sending to one domain. we host our exchange locally. Windows 2003 server with exchange verison 6 on it. i have tried going to system manager , servers, (server name), protocols, smtp smtp v server properties, access, reley allow all computers like other article i read. i have call the isp they said its not on there end. My spam people say they only worry about incoming and not out going. Its not just one user anyone on our domain cant send to this domain.


Your message did not reach some or all of the intended recipients.

      Subject:      Testing from globalservices
      Sent:      8/4/2011 2:39 PM

The following recipient(s) cannot be reached:

      djones@ctwp.com on 8/4/2011 2:36 PM
            You do not have permission to send to this recipient.  For assistance, contact your system administrator.
            <gs-exch-01.globalservices.local #5.7.1 smtp;550 5.7.1 <djones@ctwp.com>... Refused - Please relay through your ISP mail server HOST 209-253-216-154.ip.mcleodusa.net>


Any ideas?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
This sounds like the receiving domain/target domain is refusing the request from your domain.  Two things I'd recommend checking, one see if you can get in contact with the recipients email administrator(s), secondly always as a precaution check the international black lists for email like spamhaus to be sure your domain is not on it.

This is all assuming that I'm reading your question right and that it's only one domain that you can't send to?

Author

Commented:
There is no one on the black list. i have connected there admin and they advised it is not on there side. (of coarse pass the buck). Yes and i have had no problems with any other domain other than that one.
I've run into that before.  In working with other administrators at other company's I have had to get their email address and send them a test email from my domain email, and another one from a personal email account like gmail or hotmail.  Then when I get the failure from the domain address (which by the way only shows the rejection as coming from your own exchange server because their server requested that the sender's server handle the rejection notice) I copy that into the personal email and send away.

How to Generate Services Revenue the Easiest Way

This Tuesday! Learn key insights about modern cyber protection services & gain practical strategies to skyrocket business:

- What it takes to build a cloud service portfolio
- How to determine which services will help your unique business grow
- Various use-cases and examples

It looks like the recipient server thinks that your IP address should not be sending email and not a SPAM related problem.  The only reason that I can think of this happening, is that your IP address is listed as a dynamic IP through a service like spamhaus.  Spamhaus has a few different lists that they track, not all of which are a true blacklist.  The PBL lists IP addresses that ISPs have said are dynamic addresses or otherwise should not be sending email directly.  This is often not updated by the ISPs if they make changes to address configuration, so it is often incorrect.  If you are listed in the PBL, you can request removal the same as a true blacklist.  The other lists that Spamhaus has lists IP addresses that are open relays or are known to be sending SPAM.

Author

Commented:
I would have no problem with that but this domain is an account that we have to send to all the time. so really cant have user be sending from there personal email.
See SterlingMcClung's response as well, but I don't mean that your user's should be sending from a personal account.  I mean that YOU need to do this with the recipients mail administrator until you can prove to them that there is a problem there.  

I would run through Sterling's suggestion and check the lists so that you can verify what the recipients administrator is saying as well.  Most organizations subscribe to one list or another for blacklisting to prevent spam, and open relays.  
What is your domain name?

Author

Commented:
globalservices.net

Author

Commented:
I dont show our ip on any of the list. There admin says that i am not on there black list.
It may be that the PTR record for your IP address does not match your ehlo name, and it looks like it is a dynamic style PTR.  Contact your ISP and see if you can change the name associated with your IP address.
 
C:\Users\SterlingMcClung>ping -a 209.253.216.154

Pinging 209-253-216-154.ip.mcleodusa.net [209.253.216.154] with 32 bytes of data:

Open in new window


If you are unable to do this, then you may not be able to resolve this easily.  Having the PTR record match your ehlo name is part of the SMTP RFC IIRC, so you should have this done even if it is not causing the problem.
Also make sure that you have an A record setup in your DNS zone for globalservices.net that points to that 209.253.216.154 that matches your ehlo name.

Author

Commented:
i will contact my isp again. jsut a fyi 209.253.216.154 is external ip of the server in house here. not to an external host.
Another thing that will help with diagnostics:

http://mxtoolbox.com/SuperTool.aspx?action=mx%3aglobalservices.net

I know.  That is the IP address that is trying to send email to ctwp.com.  If ctwp.com's email server checks if the PTR, or reverse DNS, it will see that it is not the same as the servername you give in your ehlo.  Some servers don't like to see this.  Yahoo and AT&T accounts are others that I remember dislike your type of setup.  If you can imagine a home user that is infected with malware that is sending out SPAM, the reverse DNS is not going to match and it is going to look like a dynamic address name.  Anything that looks like it has an IP address in the name is going to through red flags.
Top Expert 2014

Commented:
This is usually a reverse DNS issue.

Author

Commented:
Yeah i am sure it is a reverse dns issue. I think it is the isp issue but they are telling me that it is not them. i been going back and forth with them ,the company on the other side and spam filter. This is a nightmare for one doamin we can't send to.




Author

Commented:
finally got the isp to point the ip to the correct name and it works now thank you alot for all the help :)

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial