• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1188
  • Last Modified:

Exchange 2010 - Mail being rejected - Firwall Error

I'm getting random emails being rejected from different client systems it seems.

I host my own Exchange 2010 server.  FQDN mail.sosrad.com

Here is a copy of the rejected email / NDR
DB3EHSMHS017.bigfish.com rejected your message to the following e-mail addresses:

BOYLAN MEDICAL ASSOC-BROWNING, 310 (kelly.rosinski@tpnmd.com) <mailto:kelly.rosinski@tpnmd.com> 

DB3EHSMHS017.bigfish.com gave this error:
Firewall Error 

A problem occurred during the delivery of this message to this e-mail address. Try sending this message again. If the problem continues, please contact your helpdesk.

Diagnostic information for administrators:

Generating server: Atlas.sos.local

DB3EHSMHS017.bigfish.com #500 Firewall Error ##

Original message headers:

Received: from sosrad.com ( by mail.sosrad.com ( with  Microsoft SMTP Server id 14.0.722.0; Mon, 31 Oct 2011 11:16:42 -0400
Message-ID: <20111031151642183.LCMAZmyIM80Ct0DPAlZh@atlas.sos.local>
From: Southeastern Overread Services <reports@sosrad.com>
To: "BOYLAN MEDICAL ASSOC-BROWNING, 310" <kelly.rosinski@tpnmd.com>
Subject: Patient Report
Reply-To: <reports@sosrad.com>
Date: Mon, 31 Oct 2011 11:16:42 -0400
MIME-Version: 1.0
X-Priority: 1
X-MSMail-Priority: High
Content-Type: multipart/mixed;
Return-Path: reports@sosrad.com
Received-SPF: None (savers.sos.local: reports@sosrad.com does not designate  permitted sender hosts)

Open in new window

A few things that jump out at me...

1 Line 24:  It looks like my internal .local address is being used (atlas.sos.local) as my generating server.  When I check the send connected, the FQDN is listed as mail.sosrad.com
2 Line 44:  The "Received-SPF" at the very bottom is listing the "savers.sos.local" as not being a designated sender...  savers.sos.local is a NLB Cluster I run on my network of 2 servers and in no way is sending out any type of email.
  • 3
1 Solution
Brian_HuffAuthor Commented:
This has happened rarely in the past few months, but as of this morning 10/31/2011 I'm seeing a TON of them from multiple different domains we're sending to and I can't think of a single thing that has changed on our servers.
Brian_HuffAuthor Commented:
Ah, I have found the issue!

The Exchange server had a second IP address assigned to it which was incorrectly listed with another server in my DNS Server
Brian_HuffAuthor Commented:
Issue Found

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now