Solved

Emails Rejected

Posted on 2012-04-06
8
741 Views
Last Modified: 2012-04-06
We recently had a new Firewall / Router installed by a third party company who mishandled the project and was fired. Now we are left to clean up their mess. The last of the issues to be cleaned up is:

A small portion of outgoing (SMTP) email traffic is being rejected by the the recipient. The delivery failure message references our router's internal IP Address (as opposed to our external IP Address of our DNS Host), as well as the Computer Name of the sender.

Any help on the matter would be great, as we cannot figure this out. Thanks1
0
Comment
Question by:fieldb1
8 Comments
 
LVL 7

Expert Comment

by:BelushiLomax
ID: 37816314
Is it always the same user?
when you do nslookups on your email external a records and mx records, what do they return?
0
 
LVL 11

Expert Comment

by:Khandakar Ashfaqur Rahman
ID: 37816330
There might have several reasons for delivery failure.One of the common reason is blacklisting.However, you need post delivery failure message.
0
 

Author Comment

by:fieldb1
ID: 37816783
Yes, it's strange because we are getting some delivery failures stating that we are blacklisted. But the fact that others report the internal IP of the router makes me think that that's the problem and the other servers throwing it back with that error.

On a side note, there is always the possibility of having been hacked and used for spamming. We have been requesting to be removed from blacklists. Microsoft (Hotmail) removed us and email are going through; on the other had AT&T reports blocked for abuse as well, but repeated requests to them have not allowed our emails to go through.

Here is the top portion of the delivery failure message:

Could not deliver message to the following recipient(s):

Failed Recipient: support@windward.net
Reason: Remote host said: 601 Attempted to send the message to the following ip's:
      208.65.144.13, 208.65.145.12, 208.65.144.12

   -- The header and top 20 lines of the message follows --

Received: from ImyComputerName(UnknownHost [192.168.0.254]) by SwaffordTransport.com with SMTP;
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 13

Expert Comment

by:Sandy
ID: 37816899
Please provide message headers and even you can also read out the reason behind it. I think the error was relay access denied.
0
 
LVL 11

Accepted Solution

by:
Khandakar Ashfaqur Rahman earned 500 total points
ID: 37816908
If your IP is blacklisted, at first you need to scan your Local net with updated anti-virus.Then you have to request for delisting.
It'll show unknown host if you don't have associated PTR record.

All of your LAN computer should send email through your SMTP server.When some of your LAN computers are infected with virus then those computers generate spams.These spams don't pass through your SMTP but hit directly to destination Mail server.

Let's consider:
192.168.0.0/24 is your LAN Net
192.168.0.1 is your gateway and firewall
192.168.0.2 is your mail server.

You simply need to configure firewall into your router
Source:Mail server    Destination:Any   Source Port:Any  Destination port:25    Action:Allow
Source:Any                Destination :Any  Source Port:Any  Destination Port:25    Action:Deny

Use updated anti-virus for your mail server.Also request your ISP to set PTR record against your routers public IP
Otherwise it'll be blacklisted again.
0
 

Author Comment

by:fieldb1
ID: 37816977
To Belushi:

No, it could be any user.
0
 

Author Comment

by:fieldb1
ID: 37817008
To Rigan:

The PTR seems to be the problem. We have spoken with our ISP (Charter) and our Mail Service Provider (Smarter Mail). Neither of them have been able to help us solve the issue.
0
 
LVL 11

Expert Comment

by:Khandakar Ashfaqur Rahman
ID: 37817083
So many mail servers like AOL won't accept email from your server if you don't have PTR record.
0

Featured Post

Don't miss ATEN at NAB Show April 24-27!

Visit ATEN at NAB Show to learn how our "Seamlessly Entertaining" solutions deliver fast, precise video streaming without delays for the broadcasting and media environment. ATEN will showcase its 16x16 Modular Matrix Switch (VM1600) and KVM Over IP Solution (KE6900 series).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
An article on effective troubleshooting
Familiarize people with the process of retrieving data from SQL Server using an Access pass-thru query. Microsoft Access is a very powerful client/server development tool. One of the ways that you can retrieve data from a SQL Server is by using a pa…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question