Emails Rejected

We recently had a new Firewall / Router installed by a third party company who mishandled the project and was fired. Now we are left to clean up their mess. The last of the issues to be cleaned up is:

A small portion of outgoing (SMTP) email traffic is being rejected by the the recipient. The delivery failure message references our router's internal IP Address (as opposed to our external IP Address of our DNS Host), as well as the Computer Name of the sender.

Any help on the matter would be great, as we cannot figure this out. Thanks1
fieldb1Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

BelushiLomaxCommented:
Is it always the same user?
when you do nslookups on your email external a records and mx records, what do they return?
0
Khandakar Ashfaqur RahmanExpert/ConsultantCommented:
There might have several reasons for delivery failure.One of the common reason is blacklisting.However, you need post delivery failure message.
0
fieldb1Author Commented:
Yes, it's strange because we are getting some delivery failures stating that we are blacklisted. But the fact that others report the internal IP of the router makes me think that that's the problem and the other servers throwing it back with that error.

On a side note, there is always the possibility of having been hacked and used for spamming. We have been requesting to be removed from blacklists. Microsoft (Hotmail) removed us and email are going through; on the other had AT&T reports blocked for abuse as well, but repeated requests to them have not allowed our emails to go through.

Here is the top portion of the delivery failure message:

Could not deliver message to the following recipient(s):

Failed Recipient: support@windward.net
Reason: Remote host said: 601 Attempted to send the message to the following ip's:
      208.65.144.13, 208.65.145.12, 208.65.144.12

   -- The header and top 20 lines of the message follows --

Received: from ImyComputerName(UnknownHost [192.168.0.254]) by SwaffordTransport.com with SMTP;
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

SandyCommented:
Please provide message headers and even you can also read out the reason behind it. I think the error was relay access denied.
0
Khandakar Ashfaqur RahmanExpert/ConsultantCommented:
If your IP is blacklisted, at first you need to scan your Local net with updated anti-virus.Then you have to request for delisting.
It'll show unknown host if you don't have associated PTR record.

All of your LAN computer should send email through your SMTP server.When some of your LAN computers are infected with virus then those computers generate spams.These spams don't pass through your SMTP but hit directly to destination Mail server.

Let's consider:
192.168.0.0/24 is your LAN Net
192.168.0.1 is your gateway and firewall
192.168.0.2 is your mail server.

You simply need to configure firewall into your router
Source:Mail server    Destination:Any   Source Port:Any  Destination port:25    Action:Allow
Source:Any                Destination :Any  Source Port:Any  Destination Port:25    Action:Deny

Use updated anti-virus for your mail server.Also request your ISP to set PTR record against your routers public IP
Otherwise it'll be blacklisted again.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
fieldb1Author Commented:
To Belushi:

No, it could be any user.
0
fieldb1Author Commented:
To Rigan:

The PTR seems to be the problem. We have spoken with our ISP (Charter) and our Mail Service Provider (Smarter Mail). Neither of them have been able to help us solve the issue.
0
Khandakar Ashfaqur RahmanExpert/ConsultantCommented:
So many mail servers like AOL won't accept email from your server if you don't have PTR record.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Networking

From novice to tech pro — start learning today.