?
Solved

My exchange 2007 server HUB is blacklisted

Posted on 2012-03-16
10
Medium Priority
?
373 Views
Last Modified: 2012-04-05
Hi,

I have 2 hub server in my exchange organisation.

I have configure 1 send connector in evry hub server to send email to Internet.

This send connector us DNS MX to route email.

I have configure a EHLO fqdn, this fqdn point to public adress used in my firewall.

i have only open smtp port 25 outgoing from my hub server.

Are this configuration is correct?

because now i am blacklisted in ips.backscatterer.org and i have 3 email domain refuse my email en send to my user reject message like this:

554 5.7.1 <n.commail@domai>: Relay access denied,

what i can do to resolve the problem??

thanks
0
Comment
Question by:cawasaki
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 3
10 Comments
 
LVL 17

Accepted Solution

by:
Suraj earned 2000 total points
ID: 37733203
The set up is correct.

first find out whats the connecting Ip of the problem server which is used to send mails out [black listed one]

- here is how you find

telnet maila.microsoft.com 25
ehlo

after ehlo it will also give you an ip address. [note it, thats the outbound ip used]

Go to mxtoolbox.com and put in that ip in black list - it will tell you which all RBL have blocked you.

- now to resolve the issue or find out why the hub got black listed do this :
1. do you have any relay connector?
2 check queue viewer to see if there is any spams showing
3. take one of the message id of it and do message tracking - check from where is it coming? smtp submission or store?

let me know
monitor the queue
0
 

Author Comment

by:cawasaki
ID: 37737018
Hi xsam,

I have many receive connector, one of them is open relay, i have add many IP adress to authorize them to send email. Its for printers, and many other applications, it user this smtp connector to send email without authentification.

may be when this email pass to internet in my send connector, it keep a trace of internal open relay?

thanks
0
 
LVL 17

Expert Comment

by:Suraj
ID: 37738876
Yes. so lets disable the relay connector and monitor.
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:cawasaki
ID: 37739095
i cannot disable it because have many application use it.

it is possible to change this connector to accept only internal email relay and not rely to internet?

thanks
0
 
LVL 17

Expert Comment

by:Suraj
ID: 37740647
Changing your connecting ip would resolve the issue but you need to find out why you were rejected.
0
 

Author Comment

by:cawasaki
ID: 37741314
I need to understand.

the open relay conenctor is a receive conenctor for fiew servers with IP autorisation.

if one of this server send email to internet, it pass first in this receive connector, after that it pass by my send connector to internet.

but, here its my users with authentification receive connector is receive access denied from this domain.

554 5.7.1 <>: Relay access denied
0
 

Author Comment

by:cawasaki
ID: 37741411
Hi,

ok i see in my smtp queue many spam with source IP 255.255.255.255 and without from adress!
0
 

Author Comment

by:cawasaki
ID: 37741445
I have check message tracking, the sender is my postmater adress!
0
 

Author Comment

by:cawasaki
ID: 37741501
Ok, if i have spam in my hub server, the reason is my incomin email antispam not do good job.

postmaster is configured to allow non-deliveyr reports==> SO i send spam!
0
 

Author Closing Comment

by:cawasaki
ID: 37810679
Thanks
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As cyber crime continues to grow in both numbers and sophistication, a troubling trend of optimization has emerged over the last year.
New style of hardware planning for Microsoft Exchange server.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question