IntegratedBizTech
 asked on

smtp;550 Rule imposed as JimQ@xxxxx.com is blacklisted on Spamhaus

On a client's domain, only one email address is getting rejected from sending to a handful of domains with "smtp;550 Rule imposed as JimQ@xxxxxx.com is blacklisted on Spamhaus see spamhaus". I have checked the domain on Spamhaus as well as the IP address, and nothing shows as being blacklisted. I also have never heard of just one email address being blacklisted, only an IP address or domain name. The issue started with an Exchange 2003 server. We have replaced the Exchange 2003 server with an SBS 2011 server running Exchange 2010.

Full rejection email:

 svagateway.SVA.local rejected your message to the following e-mail addresses:
 
aclark@xx-x.com (aclark@xx-x.com)

 
svagateway.SVA.local gave this error:
Rule imposed as JimQ@xxxxxxx.com is blacklisted on Spamhaus - see www.spamhaus.org 

 
A problem occurred during the delivery of this message to this e-mail address. Try sending this message again. If the problem continues, please contact your helpdesk.

 
 Diagnostic information for administrators:
 
Generating server: xxxxSBS.xxxxxx.com
 
aclark@xx-x.com
svagateway.SVA.local #550 Rule imposed as JimQ@xxxxxxxx.com is blacklisted on Spamhaus - see www.spamhaus.org ##
 
Original message headers:
 
Received: from xxxxxSBS.xxxxx.com ([fe80::bca2:b689:9d31:5a09]) by
 xxxxxxxxsbs.xxxxxx.com ([fe80::bca2:b689:9d31:5a09%10]) with mapi id
 14.01.0438.000; Tue, 2 Apr 2013 08:37:29 -0400
From: "James A. Quick" <JimQ@xxxxxxx.com>
To: "aclark@xx-x.com" <aclark@xx-x.com>
Subject: test
Thread-Topic: test
Thread-Index: Ac4vntYZjqoYz0dzQRSlsV3gWsVqcA==
Date: Tue, 2 Apr 2013 12:37:28 +0000
Message-ID: <452E81308CFB6A41AB18D08DD6AD062C01B048@JQUICKSBS.jquick.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [192.168.0.125]
Content-Type: multipart/alternative;
        boundary="_000_452E81308CFB6A41AB18D08DD6AD062C01B048JQUICKSBSjquickco_"
MIME-Version: 1.0
Last Comment
IntegratedBizTech

8/22/2022 - Mon
SOLUTION
FDiskWizard

IntegratedBizTech

ASKER
It's not just one domain that's rejecting and giving the same error; it's roughly 6 or 7 so far that have been found.
FDiskWizard

Ah...

You said you checked the IP on Spamhaus.... is the IP shared on an ISP with other companies?
Sometimes there is one company with an issue, that is causing pains for others.

For example, if you sent yourself an email to Gmail... you would need to check the IP address that hands off the email to Gmail.

You could try going there directly... Do TELNET domain.com 25 and see if it connects.
If email uses your ISP as a gateway, that would eliminate their external IP most likely.
IntegratedBizTech

ASKER
Telnet works fine.
It is not a shared IP address with any other companies.
It's only the one email address on the local domain having the issue.
If it was with their ISP it should affect the whole domain. That's the weird part. MX records, reverse pointers, etc. have all been checked and verified correct. If it's an external DNS issue, that should affect the whole domain as well, correct?
FDiskWizard

Have you checked that the one email hasn't been sending out spam somehow?
Email tracking from your side?
IntegratedBizTech

ASKER
Yes. Machine has been checked for spam. Scanned for rootkits and spam relays as well. Machine is clean and working correctly. The computer is roughly 3 months old, running Windows 7 Pro and Office 2010. It is using Symantec cloud for antivirus, which also has been checked for possible interruption.
SOLUTION
FDiskWizard

IntegratedBizTech

ASKER
If I telnet to the recipient's domain:
telnet mail.xx-x.com 25 220 ready
helo mail.xxxxx.com returns 250
mail from: <jimq@xxxx.xom> returns 250 sender ok
rcpt to: <aclark@xx-x.com> returns 550 rule imposes jimq@XXXX.com is blacklisted on spamhaus

Not sure if this helps, but all info is good info......

I'm also finding that other users from the same domain are also returning a 550 rule when rcpt to:
ASKER CERTIFIED SOLUTION
IntegratedBizTech

ASKER
No, I was just using xxx to blank out the actual domain. I'm trying to get in contact with one of the admins on the recipient domain. Will update as soon as I hear from someone.
Thank you for all your help.
IntegratedBizTech

ASKER
The resolution was that the recipient server was actually running Spamhaus rules on one of their servers. I had them make the correct exceptions and all is working. Thank you for all your help.
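
The manual telnet check from this thread, scripted as an added example (not code from any poster): it walks HELO, MAIL FROM and RCPT TO for several envelope senders and reports the stage and reply at which the receiving gateway rejects, which shows whether the rule follows one address or the whole sending domain. The function names, the `example.*` addresses and the `ConstructedGateway` stand-in (replies modelled on those quoted above) are assumptions made for illustration.

```python
import smtplib

def connect(host):
    """Open a real SMTP session to the recipient's MX (not used by the offline demo)."""
    return smtplib.SMTP(host, 25, timeout=15)

def probe(client, helo_name, sender, recipient):
    """Walk HELO, MAIL FROM, RCPT TO (never DATA, so nothing is delivered).
    Returns (stage, code, text) for the first non-2xx reply, else ("accepted", ...)."""
    steps = (("HELO", client.helo, helo_name),
             ("MAIL FROM", client.mail, sender),
             ("RCPT TO", client.rcpt, recipient))
    try:
        for stage, call, arg in steps:
            code, text = call(arg)
            text = text.decode(errors="replace") if isinstance(text, bytes) else text
            if not 200 <= code < 300:
                return stage, code, text
        return "accepted", code, text
    finally:
        client.quit()

def compare_senders(make_client, helo_name, senders, recipient):
    """Probe each envelope sender on a fresh connection to see whether the
    rejection follows one address or the whole sending domain."""
    return {s: probe(make_client(), helo_name, s, recipient) for s in senders}

class ConstructedGateway:
    """Constructed stand-in for the recipient's gateway; replies modelled on the thread."""
    def helo(self, name):
        return 250, b"ready"
    def mail(self, sender):
        self.sender = sender
        return 250, b"sender ok"
    def rcpt(self, recipient):
        if self.sender.lower().endswith("@example.com"):
            return 550, f"Rule imposed as {self.sender} is blacklisted on Spamhaus".encode()
        return 250, b"recipient ok"
    def quit(self):
        return 221, b"bye"

if __name__ == "__main__":
    # Real use: compare_senders(lambda: connect("mail.recipient.example"), ...)
    results = compare_senders(ConstructedGateway, "mail.example.com",
                              ["jimq@example.com", "other@example.com", "user@example.net"],
                              "aclark@example.org")
    for sender, (stage, code, text) in results.items():
        print(f"{sender}: {stage} {code} {text}")
```

A rejection that appears only at RCPT TO and quotes the envelope sender in its text, as here, points at a rule on the receiving side, so the next step is the recipient's mail administrator.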