Another "my email is getting blocked from sbcglobal.net" question

I started getting NDRs on mail sent to sbcglobal.net a couple weeks ago.  The end of the message stated to see att.net/blocks for more information.  I filled out the form and was notified that we were not on blacklist.  I then started research on other possible causes.

I first went to mxtoolbox.com and ran test (SMTP diag, reverse lookup, blacklist) and passed all.

I then went to dnsstuff.com and ran their Mail Server Test Center.  This test showed I was missing SPF records.  I created the TXT records for my domain  at networksolutions.com and ran the Mail server test the next morning and passed all.  Test email to sbcglobal.net resulted in immediate NDR.

Next I ran the Domain Doctor test on dnsstuff.com.  This test stated I Failed the SMTP greeting(Checks the SMTP for validity).  I created the needed A records on network solutions to reflect my Barracuda spam box(barracuda.company.com 7200 6x.x2.9x.3x).  Ran the Domain Doctor test the following day and passed.  Test email to sbcglobal.net resulted in immediate NDR.

I had a friend take a look at the NDR today and he noticed something immediately.  The FQDN in the NDR was server.internaldomain.local.  I went to Advanced Delivery in the Default SMTP Virtual Server Properties and changed the Masquerade domain to publicdomain.com and the FQDN to email.publicdomain.com.  Test email to sbcglobal.net resulted in immediate NDR but now with updated FQDN.  The current NDR is as follows:

The following recipient(s) cannot be reached:

      name@sbcglobal.net on 1/5/2012 11:41 AM
            The message cannot be delivered due to a configuration error on the server. Please contact your Administrator.
            <email.companyname.com #5.3.0 smtp;553 5.3.0 flpd110 DNSBL:RBL 521< 6x.x2.9x.3x >_is_blocked.__For_information_see_http://att.net/blocks>



My friend stated that he thought my IP was on the blacklist so today I filled out the form and while typing this post I received and email stating again that I was not on the blacklist.

Sorry for the long post but I wanted to let you know I have researched and tried several things but I am out of ideas.

Any help on this would be greatly appreciated !
raymannAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
did you check that domain is listed in blacklist? using mxtoolbox.com

its maybe listed.. check and back to me.
0
raymannAuthor Commented:
Sorry I forgot to mention that I had checked my ip against mxtoolbox and dnsstuff blacklist test.  My IP passes all test on both sites.  Thanks for your response.
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
am curious did on receive connector permission group did you tick anonymous on both connectors?
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

raymannAuthor Commented:
I am sorry I dont understand the question.  I also forgot the mention that the server is 2003 server std.
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
ahaaaa 2003 i thought its 2007 or 2010 , however , there is many causes for this problem , so we need to start with your server :

first download this tools diagsmtp :

http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=11393

then follow this link to do the test :

http://www.msexchange.org/tutorials/SMTPDIAGdiagnose-Exchange-2003-SMTP-DNS.html

also we need to check A record and PTR
0
raymannAuthor Commented:
What did you have in mind for checking A record and PTR?

SMTPDIAG results below:

C:\Documents and Settings\Administrator.RJEXCHANGE\SmtpDiag>smtpdiag jmann@ramja
ck.com phillipxxi@sbcgobal.net /V

Searching for Exchange external DNS settings.
Computer name is RAMDATA.
VSI 1 has the following external DNS servers:
There are no external DNS servers configured.

Checking SOA for sbcgobal.net.
Checking external DNS servers.
Checking internal DNS servers.

Checking TCP/UDP SOA serial number using DNS server [192.168.100.5].
TCP test succeeded.
UDP test succeeded.
Serial number: 2010100804
SOA serial number match: Passed.

Checking local domain records.
Starting TCP and UDP DNS queries for the local domain. This test will try to
validate that DNS is set up correctly for inbound mail. This test can fail for
3 reasons.
    1) Local domain is not set up in DNS. Inbound mail cannot be routed to
local mailboxes.
    2) Firewall blocks TCP/UDP DNS queries. This will not affect inbound mail,
but will affect outbound mail.
    3) Internal DNS is unaware of external DNS settings. This is a valid
configuration for certain topologies.
Checking MX records using TCP: ramjack.com.
  MX:    email.ramjack.com (10)
  A:     email.ramjack.com [69.92.92.31]
Checking MX records using UDP: ramjack.com.
  MX:    email.ramjack.com (10)
  A:     email.ramjack.com [69.92.92.31]
Both TCP and UDP queries succeeded. Local DNS test passed.

Checking remote domain records.
Starting TCP and UDP DNS queries for the remote domain. This test will try to
validate that DNS is set up correctly for outbound mail. This test can fail for
3 reasons.
    1) Firewall blocks TCP/UDP queries which will block outbound mail. Windows
2000/NT Server requires TCP DNS queries. Windows Server 2003 will use UDP
queries first, then fall back to TCP queries.
    2) Internal DNS does not know how to query external domains. You must
either use an external DNS server or configure DNS server to query external
domains.
    3) Remote domain does not exist. Failure is expected.
Checking MX records using TCP: sbcgobal.net.
  MX:    mx.fakemx.net (0)
  A:     mx.fakemx.net [176.9.24.81]
  A:     mx.fakemx.net [46.4.35.23]
Checking MX records using UDP: sbcgobal.net.
  MX:    mx.fakemx.net (0)
Both TCP and UDP queries succeeded. Remote DNS test passed.

Checking MX servers listed for phillipxxi@sbcgobal.net.
Connecting to mx.fakemx.net [46.4.35.23] on port 25.
Received:
220 mx.fakemx.net ESMTP Service Ready
421 Closing connection

Sent:
ehlo ramjack.com

Warning: Expected "250". Server does not support EHLO.
Sent:
helo ramjack.com

Error: Expected "250". Server appears to be refusing the connection.
Failed to submit mail to mx.fakemx.net.
Connecting to mx.fakemx.net [176.9.24.81] on port 25.
Received:
421 mx.fakemx.net Service Unavailable

Error: Expected "220". Server is not accepting connections.
Failed to submit mail to mx.fakemx.net.
0
raymannAuthor Commented:
Sorry I had misspelled a word in the diag test..the correct results are as follows:

There are no external DNS servers configured.

Checking SOA for sbcglobal.net.
Checking external DNS servers.
Checking internal DNS servers.

Checking TCP/UDP SOA serial number using DNS server [192.168.100.5].
TCP test succeeded.
UDP test succeeded.
Serial number: 2011123000
SOA serial number match: Passed.

Checking local domain records.
Starting TCP and UDP DNS queries for the local domain. This test will try to
validate that DNS is set up correctly for inbound mail. This test can fail for
3 reasons.
    1) Local domain is not set up in DNS. Inbound mail cannot be routed to
local mailboxes.
    2) Firewall blocks TCP/UDP DNS queries. This will not affect inbound mail,
but will affect outbound mail.
    3) Internal DNS is unaware of external DNS settings. This is a valid
configuration for certain topologies.
Checking MX records using TCP: ramjack.com.
  MX:    email.ramjack.com (10)
  A:     email.ramjack.com [69.92.92.31]
Checking MX records using UDP: ramjack.com.
  MX:    email.ramjack.com (10)
  A:     email.ramjack.com [69.92.92.31]
Both TCP and UDP queries succeeded. Local DNS test passed.

Checking remote domain records.
Starting TCP and UDP DNS queries for the remote domain. This test will try to
validate that DNS is set up correctly for outbound mail. This test can fail for
3 reasons.
    1) Firewall blocks TCP/UDP queries which will block outbound mail. Windows
2000/NT Server requires TCP DNS queries. Windows Server 2003 will use UDP
queries first, then fall back to TCP queries.
    2) Internal DNS does not know how to query external domains. You must
either use an external DNS server or configure DNS server to query external
domains.
    3) Remote domain does not exist. Failure is expected.
Checking MX records using TCP: sbcglobal.net.
  MX:    sbcmx7.prodigy.net (10)
  MX:    sbcmx8.prodigy.net (10)
  MX:    sbcmx9.prodigy.net (10)
  MX:    sbcmx1.prodigy.net (10)
  MX:    sbcmx2.prodigy.net (10)
  MX:    sbcmx3.prodigy.net (10)
  MX:    sbcmx4.prodigy.net (10)
  MX:    sbcmx5.prodigy.net (10)
  MX:    sbcmx6.prodigy.net (10)
  A:     sbcmx7.prodigy.net [207.115.37.21]
  A:     sbcmx8.prodigy.net [207.115.36.22]
  A:     sbcmx9.prodigy.net [207.115.37.23]
  A:     sbcmx1.prodigy.net [207.115.21.20]
  A:     sbcmx2.prodigy.net [207.115.20.21]
  A:     sbcmx3.prodigy.net [207.115.21.22]
  A:     sbcmx4.prodigy.net [207.115.20.23]
  A:     sbcmx5.prodigy.net [207.115.21.24]
  A:     sbcmx6.prodigy.net [207.115.36.20]
Checking MX records using UDP: sbcglobal.net.
  MX:    sbcmx8.prodigy.net (10)
  MX:    sbcmx9.prodigy.net (10)
  MX:    sbcmx1.prodigy.net (10)
  MX:    sbcmx2.prodigy.net (10)
  MX:    sbcmx3.prodigy.net (10)
  MX:    sbcmx4.prodigy.net (10)
  MX:    sbcmx5.prodigy.net (10)
  MX:    sbcmx6.prodigy.net (10)
  MX:    sbcmx7.prodigy.net (10)
Both TCP and UDP queries succeeded. Remote DNS test passed.

Checking MX servers listed for phillipxxi@sbcglobal.net.
Connecting to sbcmx6.prodigy.net [207.115.36.20] on port 25.
Received:
220 nlpi167.prodigy.net ESMTP Sendmail 8.14.4 IN/8.14.4; Fri, 6 Jan 2012 09:02:3
0 -0600


Sent:
ehlo ramjack.com

Received:
250-nlpi167.prodigy.net Hello email.ramjack.com [69.92.92.31], pleased to meet y
ou
250 ENHANCEDSTATUSCODES


Sent:
mail from: <jmann@ramjack.com>

Received:
553 5.3.0 nlpi167 DNSBL:RBL 521< 69.92.92.31 >_is_blocked.__For_information_see_
http://att.net/blocks


Error: Expected "250". Server rejected the sender address.
Failed to submit mail to sbcmx6.prodigy.net.
Connecting to sbcmx5.prodigy.net [207.115.21.24] on port 25.
Received:
220 flpd241.prodigy.net ESMTP Sendmail 8.14.4 IN/8.14.4; Fri, 6 Jan 2012 07:02:3
1 -0800


Sent:
ehlo ramjack.com

Received:
250-flpd241.prodigy.net Hello email.ramjack.com [69.92.92.31], pleased to meet y
ou
250 ENHANCEDSTATUSCODES


Sent:
mail from: <jmann@ramjack.com>

Received:
553 5.3.0 flpd241 DNSBL:RBL 521< 69.92.92.31 >_is_blocked.__For_information_see_
http://att.net/blocks


Error: Expected "250". Server rejected the sender address.
Failed to submit mail to sbcmx5.prodigy.net.
Connecting to sbcmx4.prodigy.net [207.115.20.23] on port 25.
Received:
220 flpd124.prodigy.net ESMTP Sendmail 8.14.4 IN/8.14.4; Fri, 6 Jan 2012 07:02:3
1 -0800


Sent:
ehlo ramjack.com

Received:
250-flpd124.prodigy.net Hello email.ramjack.com [69.92.92.31], pleased to meet y
ou
250 ENHANCEDSTATUSCODES


Sent:
mail from: <jmann@ramjack.com>

Received:
553 5.3.0 flpd124 DNSBL:RBL 521< 69.92.92.31 >_is_blocked.__For_information_see_
http://att.net/blocks


Error: Expected "250". Server rejected the sender address.
Failed to submit mail to sbcmx4.prodigy.net.
Connecting to sbcmx3.prodigy.net [207.115.21.22] on port 25.
Received:
220 flpd119.prodigy.net ESMTP Sendmail 8.14.4 IN/8.14.4; Fri, 6 Jan 2012 07:02:3
2 -0800


Sent:
ehlo ramjack.com

Received:
250-flpd119.prodigy.net Hello email.ramjack.com [69.92.92.31], pleased to meet y
ou
250 ENHANCEDSTATUSCODES


Sent:
mail from: <jmann@ramjack.com>

Received:
553 5.3.0 flpd119 DNSBL:RBL 521< 69.92.92.31 >_is_blocked.__For_information_see_
http://att.net/blocks


Error: Expected "250". Server rejected the sender address.
Failed to submit mail to sbcmx3.prodigy.net.
Connecting to sbcmx2.prodigy.net [207.115.20.21] on port 25.
Received:
220 flpd110.prodigy.net ESMTP Sendmail 8.14.4 IN/8.14.4; Fri, 6 Jan 2012 07:02:3
2 -0800


Sent:
ehlo ramjack.com

Received:
250-flpd110.prodigy.net Hello email.ramjack.com [69.92.92.31], pleased to meet y
ou
250 ENHANCEDSTATUSCODES


Sent:
mail from: <jmann@ramjack.com>

Received:
553 5.3.0 flpd110 DNSBL:RBL 521< 69.92.92.31 >_is_blocked.__For_information_see_
http://att.net/blocks


Error: Expected "250". Server rejected the sender address.
Failed to submit mail to sbcmx2.prodigy.net.
Connecting to sbcmx1.prodigy.net [207.115.21.20] on port 25.
Received:
220 flph257.prodigy.net ESMTP Sendmail 8.14.4 IN nd2 IP2/8.14.4; Fri, 6 Jan 2012
 07:02:33 -0800


Sent:
ehlo ramjack.com

Received:
250-flph257.prodigy.net Hello email.ramjack.com [69.92.92.31], pleased to meet y
ou
250 ENHANCEDSTATUSCODES


Sent:
mail from: <jmann@ramjack.com>

Received:
553 5.3.0 flph257 DNSBL:RBL 521< 69.92.92.31 >_is_blocked.__For_information_see_
http://att.net/blocks


Error: Expected "250". Server rejected the sender address.
Failed to submit mail to sbcmx1.prodigy.net.
Connecting to sbcmx9.prodigy.net [207.115.37.23] on port 25.
Received:
220 nlpi154.prodigy.net ESMTP Sendmail 8.14.4 IN/8.14.4; Fri, 6 Jan 2012 09:02:3
3 -0600


Sent:
ehlo ramjack.com

Received:
250-nlpi154.prodigy.net Hello email.ramjack.com [69.92.92.31], pleased to meet y
ou
250 ENHANCEDSTATUSCODES


Sent:
mail from: <jmann@ramjack.com>

Received:
553 5.3.0 nlpi154 DNSBL:RBL 521< 69.92.92.31 >_is_blocked.__For_information_see_
http://att.net/blocks


Error: Expected "250". Server rejected the sender address.
Failed to submit mail to sbcmx9.prodigy.net.
Connecting to sbcmx8.prodigy.net [207.115.36.22] on port 25.
Received:
220 nlpi149.prodigy.net ESMTP Sendmail 8.14.4 IN/8.14.4; Fri, 6 Jan 2012 09:02:3
3 -0600


Sent:
ehlo ramjack.com

Received:
250-nlpi149.prodigy.net Hello email.ramjack.com [69.92.92.31], pleased to meet y
ou
250 ENHANCEDSTATUSCODES


Sent:
mail from: <jmann@ramjack.com>

Received:
553 5.3.0 nlpi149 DNSBL:RBL 521< 69.92.92.31 >_is_blocked.__For_information_see_
http://att.net/blocks


Error: Expected "250". Server rejected the sender address.
Failed to submit mail to sbcmx8.prodigy.net.
Connecting to sbcmx7.prodigy.net [207.115.37.21] on port 25.
Received:
220 nlpi177.prodigy.net ESMTP Sendmail 8.14.4 IN/8.14.4; Fri, 6 Jan 2012 09:02:3
4 -0600


Sent:
ehlo ramjack.com

Received:
250-nlpi177.prodigy.net Hello email.ramjack.com [69.92.92.31], pleased to meet y
ou
250 ENHANCEDSTATUSCODES


Sent:
mail from: <jmann@ramjack.com>

Received:
553 5.3.0 nlpi177 DNSBL:RBL 521< 69.92.92.31 >_is_blocked.__For_information_see_
http://att.net/blocks


Error: Expected "250". Server rejected the sender address.
Failed to submit mail to sbcmx7.prodigy.net.

C:\Documents and Settings\Administrator.RJEXCHANGE\SmtpDiag>
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
did you check the configuration here in the picture?

try to add google global external DNS
8.8.8.8
8.8.4.4

 image0061110296607422.jpg
0
raymannAuthor Commented:
I saw that but thought it was optional.  My current External DNS is blank.  Should I not put in the dns for my ISP?  I am just concerned about the ramifications of using googles public dns.  Will adding the google dns server have any effect on my current mail flow?  If I do add the google dns, should I run the SMTPdiag test again right away or do I need to wait?
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
ok , just maybe your ISP have blocked some target address , google global DNS are stable 24 hours and never been down or point to wrong destination , actually external DNS is not effect on your mailflow its just resolving the name of the target address , try it and send email again , you may need to restart exchange services after applying DNS , do it and tell if its going fine or not.
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
send email directly after applying , check if there is NDR report appears
0
raymannAuthor Commented:
Changed the External DNS to 8.8.8.8 and 8.8.4.4 and rebooted server.  Test email to sbcglobal.net resulted in immediate NDR

The following recipient(s) cannot be reached:

      userxx@sbcglobal.net on 1/6/2012 1:14 PM
            The message cannot be delivered due to a configuration error on the server. Please contact your Administrator.
            <email.company.com #5.3.0 smtp;553 5.3.0 nlpi177 DNSBL:RBL 521< 6x.9x.x2.x1 >_is_blocked.__For_information_see_http://att.net/blocks>
.
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
just curious , is this domain sbcglobal.net  is yours? 2nd thing did you try to send from external mail provider like hotmail to userxx@sbcglobal.net?
3rd thing did you try to send email from your exchange to hotmail for example? just try these and report me
0
raymannAuthor Commented:
The sbcglobal.net is not mine, it belongs to an employee of mine.  I have tried to email another sbcglobal address with the same results.  I have tested the address from gmail and yahoo and they both seem to work fine.  We are not having issues sending to any other domains that I know of besides sbcglobal.net.  All mail to hotmail,gmail, yahoo and other domains is flowing normally.
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
ok , another test required to make things clear :

https://www.testexchangeconnectivity.com/

go and do test Outbound SMTP and post results here.
0
raymannAuthor Commented:
I bold the only portion that did not show a green check mark.


Test Details
      Performing Outbound SMTP Test
       The outbound SMTP test was successful.
       
      Test Steps
       
      Attempting reverse DNS lookup for IP address 69.92.92.31.
       ExRCA successfully resolved IP address 69.92.92.31 via reverse DNS lookup.
       
      Additional Details
       ExRCA resolved IP address 69.92.92.31 to host email.ramjack.com.
      Performing Real-Time Blackhole List (RBL) Test
       Your IP address wasn't found on any of the block lists selected.
       
      Test Steps
       
      Checking Block List "SpamHaus Block List (SBL)"
       The address isn't on the block list.
       
      Additional Details
       IP address 69.92.92.31 wasn't found on RBL.
      Checking Block List "SpamHaus Exploits Block List (XBL)"
       The address isn't on the block list.
       
      Additional Details
       IP address 69.92.92.31 wasn't found on RBL.
      Checking Block List "SpamHaus Policy Block List (PBL)"
       The address isn't on the block list.
       
      Additional Details
       IP address 69.92.92.31 wasn't found on RBL.
      Checking Block List "SpamCop Block List"
       The address isn't on the block list.
       
      Additional Details
       IP address 69.92.92.31 wasn't found on RBL.
      Checking Block List "NJABL.ORG Block List"
       The address isn't on the block list.
       
      Additional Details
       IP address 69.92.92.31 wasn't found on RBL.
      Checking Block List "SORBS Block List"
       The address isn't on the block list.
       
      Additional Details
       IP address 69.92.92.31 wasn't found on RBL.
      Checking Block List "MSRBL Combined Block List"
       The address isn't on the block list.
       
      Additional Details
       IP address 69.92.92.31 wasn't found on RBL.
      Checking Block List "UCEPROTECT Level 1 Block List"
       The address isn't on the block list.
       
      Additional Details
       IP address 69.92.92.31 wasn't found on RBL.
      Checking Block List "AHBL Block List"
       The address isn't on the block list.
       
      Additional Details
       IP address 69.92.92.31 wasn't found on RBL.
      Performing Sender ID validation.
       Sender ID validation was performed successfully.
       
      Test Steps
       
      Attempting to find the SPF record using a DNS TEXT record query.
       The SPF record was found.
       
      Additional Details
       SPF record found: "v=spf1 a mx ptr ip4:69.92.92.31 -all"
      Parsing the SPF record and evaluating mechanisms and modifiers.
       The SPF record was parsed and evaluated successfully.
       
      Test Steps
       
      Evaluating A Record lookup mechanism: "+a"
       
      Additional Details
       The DNS A Record lookup for IP address 69.92.92.31 found no match for domain ramjack.com.
      Evaluating MX mechanism: "+mx"
       The MX mechanism indicated a positive status.
       
      Additional Details
       ExRCA matched MX lookup for ramjack.com to IP address 69.92.92.31.
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
The DNS A Record lookup for IP address 69.92.92.31 found no match for domain ramjack.com.

here is the point .. i checked using IP tools there is A record pointing to :

ramjack.com.       7200      IN      A      206.221.222.146

is this IP correct?
0
raymannAuthor Commented:
206.221.222.146 is the IP of our website www.ramjack.com.

69.92.92.31 is the static IP from our ISP..ie my exchange server.
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
yes , i tested it , that's correct you should have A record in your domain DNS that name is email.ramjack.com and point to 69.92.92.31.

this example :

http://www.iptools.com/dnstools.php?tool=dns&user_data=mail.siniorafood.com&type=A

domain : siniorafood.com
they have A record that point to website siniorafood.com
and other record mail.siniorafood.com that point to the mail server
0
raymannAuthor Commented:
These are the A records I have had for a long time with the addition of the barracuda.ramjack.com that I added a few days ago to help with sbcglobal.net NDRs

 A Records
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
let me do some checks.. just little time i will back
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
just curious , can you ping  sbcglobal.net from your side?
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
please check your local mx .. follow this article :

http://support.microsoft.com/?kbid=203204
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
also try to stop windows firewall and send email again , see if you get NDR again
0
raymannAuthor Commented:
ping results:

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\jmann>ping sbcglobal.net
Ping request could not find host sbcglobal.net. Please check the name and try ag
ain.
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
i got same result , but anyway , try stop windows firewall on the server and send email again then follow microsoft article about mx
0
raymannAuthor Commented:
The firewall on the Exchange server is not on.

I am not sure what domain after i set q=mx so i did both ramjack.com and email.ramjack.com

C:\Documents and Settings\Administrator.RJEXCHANGE>nslookup
Default Server:  rjfs01.rjexchange
Address:  192.168.100.5

> set q=mx
> ramjack.com
Server:  rjfs01.rjexchange
Address:  192.168.100.5

Non-authoritative answer:
ramjack.com     MX preference = 10, mail exchanger = email.ramjack.com

email.ramjack.com       internet address = 69.92.92.31




> set q=mx
> email.ramjack.com
Server:  rjfs01.rjexchange
Address:  192.168.100.5

ramjack.com
        primary name server = ns11.worldnic.com
        responsible mail addr = namehost.worldnic.com
        serial  = 112010318
        refresh = 10800 (3 hours)
        retry   = 3600 (1 hour)
        expire  = 604800 (7 days)
        default TTL = 3600 (1 hour)
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
that's must be correct , now try send email
0
raymannAuthor Commented:
Sent mail and got NDR within 5 seconds.
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
oops 5 seconds?am trying to retrieve IP address of sbcglobal.net or A record or any information , i can not get information , you told me that you have sent email to user@sbcglobal.net from hotmail and its works fine?
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
i feel that other side have anti spam that blocked your domain.. this the last thing you need to check it
0
raymannAuthor Commented:
I have sent phillipxxi@sbcglobal.net from gmail and yahoo and have not recieved NDR.  Feel free to send a test email to that address.  I have filled out the form at att.net/blocks twice this week and both time was told my IP was NOT on the blacklist.
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
ok , let me try some tests.. thank you
0
raymannAuthor Commented:
I am leaving work for the weekend.  Can we start this again on Monday?
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
i tried from my exchange 2007 to send to the target i got NDR also :

Delivery has failed to these recipients or distribution lists:

phillipxxi@sbcglobal.net
A problem occurred during delivery of this message. Microsoft Exchange will not try to redeliver this message for you. Please try resending this message later, or provide the following diagnostic text to your system administrator.

The following organization rejected your message: nlpi122.prodigy.net.


let me do extra investigation
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
ok , even in holiday contact me or be here we will be on touch , i guess its other side problem , is he have exchange server??? if its there is problem with receive connector in his exchange side -> permission group is not enable recieve from exchange server.. i think its the problem
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
i got the above result because i did not get NDR report from hotmail but got it from exchange .. this main idea
0
raymannAuthor Commented:
He does not have an exchange server.  sbcglobal.net is a huge email domain with millions of users all over the US very similar to a yahoo or hotmail email address.
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
ahaaaaaaaa , so why i have got the NDR also, its seems something missed here , you are in US and am in Amman - Jordan , both we have exchange and both we got NDR i have exchange 2007 and you have exchange 2003 , i tried to sent from other email provider its received ok , i tried from hotmail no NDR reports generated also , so the problem is there , did you try to contact them and explain the problem more that you have tried from different countries on exchange and you got the problem , i tried from
administrator@edata-tc.com -> NDR
from mtabanjeh@iton-jo.com -> delivered.
from jordannet@hotmail.com -> delivered

i don't think its problem from exchange , note that exchange 2007 that i used is not open relay..
try to explain the problem for them , am sure its not exchange problem
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
i will try in the morning also , but i apologize tonight its 2:00 AM and i have workday tomorrow i need to sleep  , so when i reach  office i will back to you ..accept my apologize ..

regards

Maen Abu-Tabanjeh
Amman - Jordan
0
raymannAuthor Commented:
No need to apologize! I really appreciate you help.  We can try more options on Monday.
0
raymannAuthor Commented:
Ok its Monday and a new week..lets see if we can figure this out!
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
allright , i will be with you
0
raymannAuthor Commented:
Any more thoughts on this issue?  Can we escalate it to maybe get some new eyes and thoughts on the problem?
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
so what is update ... it was long time , i am worry about you ...
0
raymannAuthor Commented:
Sent test email to sbcglobal.net this afternoon and received NDR within 10 secs.  Do you have any other thoughts on the issue and can we escalate to see if anyone else has any ideas?
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
do you have anti spam or exchange edge transporter that have exchange activated?
0
raymannAuthor Commented:
I have a barracuda Virus and Spam firewall 300.
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
am doing some extra investigation on my computer , btw did you check that the domain or email address is not blocked by anti spam?
0
raymannAuthor Commented:
Are you asking me if my barracuda is blocking outgoing email?
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
yes .. is it blocking??
0
raymannAuthor Commented:
as far as i can tell my barracuda is not blocking mail going to sbcglobal.net
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
if its not please try this :

can you go to EMC-> organization configuration -> hub transport -> send connector -> you may have 2 connectors -> double click on each one select the one that have FQDN domain.local -> go to network tab -> check if it selected route the mail through the following smart host and add smart host of your domain which is "mail.domain.com" -> click on smart host authentication and set to None .. then restart Exchange services and try again
0
raymannAuthor Commented:
Is the EMC the same as Exchagne system manager? I ask because I dont see any of the steps you mentions above (organization configuration -> hub transport -> send connector)
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
oh friend ... am sorry EMC is exchange management Console .. sorry for miss that .. just try and let me know
0
raymannAuthor Commented:
I am aware of the EMC but i do not see the path you are talking about. I do not see organization configuration -> hub transport -> send connector.
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
oops , i forgot its exchange 2003 , sorry for that i thought its 2007 ...
look here :

http://www.arrowmail.co.uk/howto/smrthost.aspx
0
raymannAuthor Commented:
I made the changes you suggest and starting get NDRs on all mail!! I quickly changed back and mail is flowing again.

I only had 1 Connector called RamJack SMTP as pictured:
 smtp connector
I made the changes as pictured:
 smtp props
I did not see a smart host authentication but there was an outbound security option under the advanced tab.  I left the setting to Anonymous.

 smtp security
Did i do something wrong?
0
raymannAuthor Commented:
Any help with this issue?  I think we may be on different time schedules.  Is there someone else who could help me with this issue?
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
hi , sorry for yesterday i just fall in sleep over keyboard ..lol , i will do extra investigations , i sent to philipxx email from hotmail he replied and i asked him to send me to administrator@edata-tc.com , which is exchange server , let me check the email
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
he either did not send or did receive NDR , can you check with him? if he got NDR let him forward it to me
0
raymannAuthor Commented:
I do not think he sent it but I will ask him next time I see him.  What do you think of the idea of having an sbcglobal.net customer call at&t and complain about not getting important emails?
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
yes raymann , because seems problem with all exchange servers ,i  tried from 3 customers exchange 2003 , 2007 , 2010 all got NDR , the problem that its not reachable from Exchange server , yahoo and hotmail using different method to send emails unlike exchange , i still doubt of something which is HELO , HELO is protocol negotiations between servers so seem that sbcglobal may not support this , let me figure it out on my exchange.
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
ooops i forgot this question , i will do some tests and back for you , am sorry i was too busy
0
arnoldCommented:
Is your IP 6x.x2.9x.3x (with the X's filled out ofcourse)?
Check with the recipient whether they mistakenly added your email into their blacklist.

You can use the following:
nslookup -q=mx sbcglobal.net
pick one of the mail exchanger from the list
telnet <mailexchanger> 25
ehlo your_name
mail from: <youremailaddress>
rcpt to: postmaster@sbcglobal.com
<<<<What do you get as a response?>>>>
data
From: <youremailaddress>
To: <postmaster@sbcglobal.com>
Subject: testing my emails bounding with DNSBL:RBL 521 error

This is a test

.
<<<WHat do you get as a response here?>>>>

You IP may have appear on the list at one point and was cleared.

0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
arnold ... i just did test few days ago with the target address , from my exchange server if sent him an email i get NDR the same one that he got , but the same email address sent to me email to my exchange i got it successfully , from hotmail or yahoo can send receive from successfully  
0
Jon BrelieSystem ArchitectCommented:
Please do the following from the command prompt on your exchange server:

telnet sbcmx7.prodigy.net 25 

Open in new window

      ##This will initiate a connection to the remote SMTP for sbcglobal

##Type the following commands into the connection and report any errors.  You can copy and paste them:

helo email.ramjack.com
mail from: your@realaddress.com
rcpt to: phillipxxi@sbcglobal.net
data
from: You <your@realaddress.com>
to: Phil <phillipxxi@sbcglobal.net>
subject: test message
test
.

Open in new window



Make sure you include the single "." on the last line.  Let me know if you receive any errors sending a message that way.

0
raymannAuthor Commented:
I have submitted a total of 4 request over the last couple of weeks to att.net/blocks and via email at abuse_rbl@abuse-att.net and they are stated that my IP was not on blacklist.

I will try to telnet and get back to you with the results.
0
arnoldCommented:
usually NDR will be coming from your own server and not from theirs. Check whether the person to whom you are sending email, may have/use software to deal with spam by mimicking mail handling. mailwasher I think was one of those that would reprocess a message that was already delivered to the user's mailbox via POP and would generate an "NDR" under certain circumstances to make it appear that the destination is invalid/non-existent etc.

Check the full message headers of the NDR what does it show for the "true sender" (note the absence of the colon) From <emailaddress>?

0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
can you please do this check :

Start ESM
Go to Servers -> Protocols
Select Default SMTP Virtual Server Properties
Go to Delivery tab
Click Advanced Button
Fully Qualified Domain Name -check if there is  outside DNS hostname is exist or not and tell me what is it if there is !
0
raymannAuthor Commented:
telnet results:

220 nlpi176.prodigy.net ESMTP Sendmail 8.14.4 IN/8.14.4; Mon, 16 Jan 2012 14:45:
10 -0600
helo email.ramjack.com
mail from: info@ramjack.com
rcpt to: phillipxxi@sbcglobal.net
data
from: You jmann@ramjack.com
to: Phil <phillipxxi@sbcglobal.net>
subject: test message
test
.250 nlpi176.prodigy.net Hello email.ramjack.com [69.92.92.31], pleased to meet
you
553 5.3.0 nlpi176 DNSBL:RBL 521< 69.92.92.31 >_is_blocked.__For_information_see_
http://att.net/blocks
553 5.3.0 nlpi176 DNSBL:RBL 521< 69.92.92.31 >_is_blocked.__For_information_see_
http://att.net/blocks
553 5.3.0 nlpi176 DNSBL:RBL 521< 69.92.92.31 >_is_blocked.__For_information_see_
http://att.net/blocks
500 5.5.1 Command unrecognized: "from: jmann@ramjack.com"
500 5.5.1 Command unrecognized: "to: phillipxxi@sbcglobal.net"
500 5.5.1 Command unrecognized: "subject: test message"
500 5.5.1 Command unrecognized: "test"
0
raymannAuthor Commented:
jordannet:
can you please do this check :

Start ESM
Go to Servers -> Protocols
Select Default SMTP Virtual Server Properties
Go to Delivery tab
Click Advanced Button
Fully Qualified Domain Name -check if there is  outside DNS hostname is exist or not and tell me what is it if there is !


 SMTP settings
0
Jon BrelieSystem ArchitectCommented:
They are specifically blocking your IP address.   There is not much you can do if they will not remove the block.

The only way around it would be to relay your outbound email for the sbcglobal address space through a smarthost at a different IP..  This would require the admin of the host to allow your network to relay through them, so it's a pretty big favor.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
raymannAuthor Commented:
arnold:
usually NDR will be coming from your own server and not from theirs. Check whether the person to whom you are sending email, may have/use software to deal with spam by mimicking mail handling. mailwasher I think was one of those that would reprocess a message that was already delivered to the user's mailbox via POP and would generate an "NDR" under certain circumstances to make it appear that the destination is invalid/non-existent etc.

Check the full message headers of the NDR what does it show for the "true sender" (note the absence of the colon) From <emailaddress>?

Full Header:

Microsoft Mail Internet Headers Version 2.0
From: postmaster@ramjack.com
To: jmann@ramjack.com
Date: Mon, 16 Jan 2012 14:51:25 -0600
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
      boundary="9B095B5ADSN=_01CCD4824BDEC2DE00000077email.ramjack.co"
X-DSNContext: 7ce717b1 - 1194 - 00000002 - 00000000
Message-ID: <jCRGryWtI00000003@email.ramjack.com>
Subject: Delivery Status Notification (Failure)

--9B095B5ADSN=_01CCD4824BDEC2DE00000077email.ramjack.co
Content-Type: text/plain; charset=unicode-1-1-utf-7

--9B095B5ADSN=_01CCD4824BDEC2DE00000077email.ramjack.co
Content-Type: message/delivery-status

--9B095B5ADSN=_01CCD4824BDEC2DE00000077email.ramjack.co
Content-Type: message/rfc822

x-mimeole: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/related;
      type="multipart/alternative";
      boundary="----_=_NextPart_001_01CCD490.9BEA3746"
Subject: hows work
Date: Mon, 16 Jan 2012 14:51:24 -0600
Message-ID: <6A8490B18CA0BF42BD82C1295E1EB063799CD8@RAMDATA.RJEXCHANGE.local>
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
Thread-Topic: hows work
thread-index: AczUkJk/UhAQtrNxRp2nO24WnYkLRg==
From: "Jeremy Mann" <jmann@ramjack.com>
To: <phillipxxi@sbcglobal.net>

------_=_NextPart_001_01CCD490.9BEA3746
Content-Type: multipart/alternative;
      boundary="----_=_NextPart_002_01CCD490.9BEA3746"

------_=_NextPart_002_01CCD490.9BEA3746
Content-Type: text/plain;
      charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

------_=_NextPart_002_01CCD490.9BEA3746
Content-Type: text/html;
      charset="us-ascii"
Content-Transfer-Encoding: quoted-printable


------_=_NextPart_002_01CCD490.9BEA3746--
------_=_NextPart_001_01CCD490.9BEA3746
Content-Type: image/jpeg;
      name="image001.jpg"
Content-Transfer-Encoding: base64
Content-ID: <image001.jpg@01CCD45E.5122EF00>
Content-Description: image001.jpg
Content-Location: image001.jpg


------_=_NextPart_001_01CCD490.9BEA3746--

--9B095B5ADSN=_01CCD4824BDEC2DE00000077email.ramjack.co--
0
arnoldCommented:
You have to replicate the SMTP session i.e. submit a line at a time
until you get a 3xx message which will only come after data
Connect to one of their other MXs not
nlpi176
and see if you get the same result, if you do not you can tell them that the nlpi176 has this issue possibly the "block list" is not being refreshed and that is what the problem is.
0
arnoldCommented:
Full headers include Received lines, but based on the test you performed, you get the 521 error while delayed after your rcpt to: (designating the recipient) for the email message.
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
raymann .. is there any services on exchange server like mail scanner , or scan email , just check it if there is its possible the problem with it , stop and disable it ...also confirm if there is anti virus or anti spam installed
0
raymannAuthor Commented:
jordannet:
raymann .. is there any services on exchange server like mail scanner , or scan email , just check it if there is its possible the problem with it , stop and disable it ...also confirm if there is anti virus or anti spam installed

There are no mail scanners or AV running on the exchange server.
0
raymannAuthor Commented:
You have to replicate the SMTP session i.e. submit a line at a time
until you get a 3xx message which will only come after data
Connect to one of their other MXs not
nlpi176
and see if you get the same result, if you do not you can tell them that the nlpi176 has this issue possibly the "block list" is not being refreshed and that is what the problem is.

I tried a few other MXs and replicated the SMTP session and could never get a 3xx message.  Still getting:

553 5.3.0 nlpi176 DNSBL:RBL 521< 69.92.92.31 >_is_blocked.__For_information_see_
http://att.net/blocks
0
arnoldCommented:
Their mail servers might be in a cluster/load distribution setup.
See if you perform the SMTP session test on a new MX record and not connect to nlpi176 but another server , see if you get the same result.

after a second look at your earlier SMTP session, it is not clear whether the rejection 521 comes immediately after the greeting (ehlo) or as a response to the mail from i.e. where you identify the sender of the message.
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
its very strange .. please look here .. enable reporting , send message and open report as shown in the link and post the report
related to this message ..

http://www.msexchange.org/tutorials/Exchange-2003-Message-Tracking-Logging.html

i start doubting of myself ..lol , i mean start doubting of ISP..its possible , i have problem with my ISP that i can not use my SMTP sometimes .. just curious , if you use ADSL , try to use other ISP temporarily and send message  again.
0
arnoldCommented:
When you connect to any of the MX exchangers in the list, you always end up on nlpi176? Then it is likely a configuration on their hardware equipment that is rerouting any of your requests/connections to the blacklist server.

0
raymannAuthor Commented:
Their mail servers might be in a cluster/load distribution setup.
See if you perform the SMTP session test on a new MX record and not connect to nlpi176 but another server , see if you get the same result.

after a second look at your earlier SMTP session, it is not clear whether the rejection 521 comes immediately after the greeting (ehlo) or as a response to the mail from i.e. where you identify the sender of the message.

Sorry I did try on different MX i just copied the error message I had got earlier from nlpi176.  
Here is the actual error:

220 flpd124.prodigy.net ESMTP Sendmail 8.14.4 IN/8.14.4; Mon, 16 Jan 2012 13:16:
53 -0800
ehlo email.ramjack.com
250-flpd124.prodigy.net Hello email.ramjack.com [69.92.92.31], pleased to meet y
ou
250 ENHANCEDSTATUSCODES
mail from: info@ramjack.com
553 5.3.0 flpd124 DNSBL:RBL 521< 69.92.92.31 >_is_blocked.__For_information_see_
http://att.net/blocks
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
i doubt its ISP problem , did you try to use other ISP if you have ADSL , just try , i have had problem sometimes with my ISP , when i used smtp.iton-jo.com its will not work , but if i change to smtp.jdcs.jo it will work fine .. can you try other account with other ISP and send email?
0
raymannAuthor Commented:
jordannet:
i doubt its ISP problem , did you try to use other ISP if you have ADSL , just try , i have had problem sometimes with my ISP , when i used smtp.iton-jo.com its will not work , but if i change to smtp.jdcs.jo it will work fine .. can you try other account with other ISP and send email?

Trying another ISP is not an option.
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
i know just temporary if this possible.. i will thinking about other ways.
0
arnoldCommented:
You are being blocked.  Call them again and escalate the call to their supervisor/manager etc.

Their block resolution is not helpful i.e. it does not report whether they indeed are blocking and only thanks for the information.

they are likely not using DNS to dynamically check with the current list, but might download the list and query against it to minimize/limit external bandwidth and that list has not refreshed.

ask them to test

nslookup 31.92.92.69.whateverlist_they_use to see if it gets a blocked response.

0
raymannAuthor Commented:
arnold:
You are being blocked.  Call them again and escalate the call to their supervisor/manager etc.

Their block resolution is not helpful i.e. it does not report whether they indeed are blocking and only thanks for the information.

they are likely not using DNS to dynamically check with the current list, but might download the list and query against it to minimize/limit external bandwidth and that list has not refreshed.

ask them to test

nslookup 31.92.92.69.whateverlist_they_use to see if it gets a blocked response.

I have actually never called due to not having any contact information besides email and website.  Is there a know contact number for at&t for these issues?
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
please look here , its AT&T page talking about error 521

http://www.att.net/csbellsouth/s/s.dll?spage=cg/legal/bls_info/521.htm
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
raymann .. please also contact your ISP sometimes the ISP subnet possible to be blocked by AT&T side , this happened with me sometimes my ISP subnet was blocked and blacklisted on many blocking services.
not necessary that your IP or domain is blocked but maybe the subnet that you are using is blocked
0
arnoldCommented:
use arin.net with one of their IPs and call that section.
888510 five five four five
Explain why you are calling and they will likely be in a better posistion to route you to the Mail server administrators/network versus calling the front desk which may route you through to technical support.
0
raymannAuthor Commented:
I was on Symantecs Zombie list which AT&T uses for their blacklist.  I was not however listed on any blacklist that mxtoolbox or dnsstuff.com list.  I was finally able to get in contact with AT&T postmaster and he removed my IP.  I have reconfigured my exchange server to pass outbound mail through my barracuda.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.