• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 761
  • Last Modified:

Emails Rejected

We recently had a new Firewall / Router installed by a third party company who mishandled the project and was fired. Now we are left to clean up their mess. The last of the issues to be cleaned up is:

A small portion of outgoing (SMTP) email traffic is being rejected by the the recipient. The delivery failure message references our router's internal IP Address (as opposed to our external IP Address of our DNS Host), as well as the Computer Name of the sender.

Any help on the matter would be great, as we cannot figure this out. Thanks1
0
fieldb1
Asked:
fieldb1
1 Solution
 
BelushiLomaxCommented:
Is it always the same user?
when you do nslookups on your email external a records and mx records, what do they return?
0
 
Khandakar Ashfaqur RahmanExpert/ConsultantCommented:
There might have several reasons for delivery failure.One of the common reason is blacklisting.However, you need post delivery failure message.
0
 
fieldb1Author Commented:
Yes, it's strange because we are getting some delivery failures stating that we are blacklisted. But the fact that others report the internal IP of the router makes me think that that's the problem and the other servers throwing it back with that error.

On a side note, there is always the possibility of having been hacked and used for spamming. We have been requesting to be removed from blacklists. Microsoft (Hotmail) removed us and email are going through; on the other had AT&T reports blocked for abuse as well, but repeated requests to them have not allowed our emails to go through.

Here is the top portion of the delivery failure message:

Could not deliver message to the following recipient(s):

Failed Recipient: support@windward.net
Reason: Remote host said: 601 Attempted to send the message to the following ip's:
      208.65.144.13, 208.65.145.12, 208.65.144.12

   -- The header and top 20 lines of the message follows --

Received: from ImyComputerName(UnknownHost [192.168.0.254]) by SwaffordTransport.com with SMTP;
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
SandyCommented:
Please provide message headers and even you can also read out the reason behind it. I think the error was relay access denied.
0
 
Khandakar Ashfaqur RahmanExpert/ConsultantCommented:
If your IP is blacklisted, at first you need to scan your Local net with updated anti-virus.Then you have to request for delisting.
It'll show unknown host if you don't have associated PTR record.

All of your LAN computer should send email through your SMTP server.When some of your LAN computers are infected with virus then those computers generate spams.These spams don't pass through your SMTP but hit directly to destination Mail server.

Let's consider:
192.168.0.0/24 is your LAN Net
192.168.0.1 is your gateway and firewall
192.168.0.2 is your mail server.

You simply need to configure firewall into your router
Source:Mail server    Destination:Any   Source Port:Any  Destination port:25    Action:Allow
Source:Any                Destination :Any  Source Port:Any  Destination Port:25    Action:Deny

Use updated anti-virus for your mail server.Also request your ISP to set PTR record against your routers public IP
Otherwise it'll be blacklisted again.
0
 
fieldb1Author Commented:
To Belushi:

No, it could be any user.
0
 
fieldb1Author Commented:
To Rigan:

The PTR seems to be the problem. We have spoken with our ISP (Charter) and our Mail Service Provider (Smarter Mail). Neither of them have been able to help us solve the issue.
0
 
Khandakar Ashfaqur RahmanExpert/ConsultantCommented:
So many mail servers like AOL won't accept email from your server if you don't have PTR record.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

Tackle projects and never again get stuck behind a technical roadblock.
Join Now