IntegratedBizTech
asked on
smtp;550 Rule imposed as JimQ@xxxxx.com is blacklisted on Spamhaus
On a clients domain only one email address is getting rejected from sending to a handfull of domains with smtp;550 Rule imposed as JimQ@xxxxxx.com is blacklisted on Spamhaus see spamhaus. I have checked the domain on spamhaus as well as ip address and nothing shows as being blacklisted. I also have never heard of just one email address being blacklisted only ip address or domain name. The issue started with an exchange 2003 server. We have replaced the 2003 exchange server with a SBS 2011 server running Exchange 2010.
Full rejection email:
svagateway.SVA.local rejected your message to the following e-mail addresses:
aclark@xx-x.com (aclark@xx-x.com)
svagateway.SVA.local gave this error:
Rule imposed as JimQ@xxxxxxx.com is blacklisted on Spamhaus - see www.spamhaus.org
A problem occurred during the delivery of this message to this e-mail address. Try sending this message again. If the problem continues, please contact your helpdesk.
Diagnostic information for administrators:
Generating server: xxxxSBS.xxxxxx.com
aclark@xx-x.com
svagateway.SVA.local #550 Rule imposed as JimQ@xxxxxxxx.com is blacklisted on Spamhaus - see www.spamhaus.org ##
Original message headers:
Received: from xxxxxSBS.xxxxx.com ([fe80::bca2:b689:9d31:5a0
xxxxxxxxsbs.xxxxxx.com ([fe80::bca2:b689:9d31:5a0
14.01.0438.000; Tue, 2 Apr 2013 08:37:29 -0400
From: "James A. Quick" <JimQ@xxxxxxx.com>
To: "aclark@xx-x.com" <aclark@xx-x.com>
Subject: test
Thread-Topic: test
Thread-Index: Ac4vntYZjqoYz0dzQRSlsV3gWs
Date: Tue, 2 Apr 2013 12:37:28 +0000
Message-ID: <452E81308CFB6A41AB18D08DD
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [192.168.0.125]
Content-Type: multipart/alternative;
boundary="_000_452E81308CF
MIME-Version: 1.0
Full rejection email:
svagateway.SVA.local rejected your message to the following e-mail addresses:
aclark@xx-x.com (aclark@xx-x.com)
svagateway.SVA.local gave this error:
Rule imposed as JimQ@xxxxxxx.com is blacklisted on Spamhaus - see www.spamhaus.org
A problem occurred during the delivery of this message to this e-mail address. Try sending this message again. If the problem continues, please contact your helpdesk.
Diagnostic information for administrators:
Generating server: xxxxSBS.xxxxxx.com
aclark@xx-x.com
svagateway.SVA.local #550 Rule imposed as JimQ@xxxxxxxx.com is blacklisted on Spamhaus - see www.spamhaus.org ##
Original message headers:
Received: from xxxxxSBS.xxxxx.com ([fe80::bca2:b689:9d31:5a0
xxxxxxxxsbs.xxxxxx.com ([fe80::bca2:b689:9d31:5a0
14.01.0438.000; Tue, 2 Apr 2013 08:37:29 -0400
From: "James A. Quick" <JimQ@xxxxxxx.com>
To: "aclark@xx-x.com" <aclark@xx-x.com>
Subject: test
Thread-Topic: test
Thread-Index: Ac4vntYZjqoYz0dzQRSlsV3gWs
Date: Tue, 2 Apr 2013 12:37:28 +0000
Message-ID: <452E81308CFB6A41AB18D08DD
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [192.168.0.125]
Content-Type: multipart/alternative;
boundary="_000_452E81308CF
MIME-Version: 1.0
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Ah...
You said you checked the IP on Spamhaus.... is the IP shared on an ISP with other companies?
Sometimes there is one company with an issue, that is causing pains for others.
For example, if you sent yourself an email to Gmail... you would need to check the IP address that hands off the email to Gmail.
You could try going there directly... Do TELNET domain.com 25 and see if it connects.
If email uses your ISP as a gateway, that would eliminate their external IP most likely.
You said you checked the IP on Spamhaus.... is the IP shared on an ISP with other companies?
Sometimes there is one company with an issue, that is causing pains for others.
For example, if you sent yourself an email to Gmail... you would need to check the IP address that hands off the email to Gmail.
You could try going there directly... Do TELNET domain.com 25 and see if it connects.
If email uses your ISP as a gateway, that would eliminate their external IP most likely.
ASKER
Telnet works fine.
It is not a shared ip address with any other companies.
Its only the one email address on the local domain having the issue.
If it was with their isp it should effect the whole domain. Thats the weird part. MX records, reverse pointers etc have all been checked and verify correct. If its an external DNS issue that should effect the whole domain as well correct?
It is not a shared ip address with any other companies.
Its only the one email address on the local domain having the issue.
If it was with their isp it should effect the whole domain. Thats the weird part. MX records, reverse pointers etc have all been checked and verify correct. If its an external DNS issue that should effect the whole domain as well correct?
Have you checked that the one email hasn't been sending out SPAM some how?
Email tracking from your side?
Email tracking from your side?
ASKER
Yes. Machine has been checked for spam. Scanned for rootkits and spam relays as well. machine is clean and working correctly. The computer is roughly 3 months old running Windows 7 pro office 2010. It is using symantec cloud for antivirus which also has been checked for possible interuption.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
If i telnet to the recipients domain
telnet mail.xx-x.com 25 220 ready
helo mail.xxxxx.com returns 250
mail from: <jimq@xxxx.xom> returns 250 sender ok
rcpt to: <aclark@xx-x.com returns 550 rule imposes jimq@XXXX.com is blacklisted on spamhaus
Not sure if this helps but all info is good info......
Im also finding that other users as well from the same domain are also returning a 550 rule when rcpt to:
telnet mail.xx-x.com 25 220 ready
helo mail.xxxxx.com returns 250
mail from: <jimq@xxxx.xom> returns 250 sender ok
rcpt to: <aclark@xx-x.com returns 550 rule imposes jimq@XXXX.com is blacklisted on spamhaus
Not sure if this helps but all info is good info......
Im also finding that other users as well from the same domain are also returning a 550 rule when rcpt to:
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
No i was just using xxx to blank out the actual domain. Im trying to get in contact with one of the admins on the recipient domain. Will update as soon as i hear from someone.
Thank you for all your help
Thank you for all your help
ASKER
Resolutions was the recipient server actually was running spamhaus rules on one of their servers. I had them make the correct exceptions and all is working. Thank you for all your help
ASKER