Improve company productivity with a Business Account.Sign Up

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1555
  • Last Modified:

outbound Email issues, exchange 2003 - Rejected by content scanner (CMAE). See for an explanation.


I am having a few issues with email.

Some users have reported that they are not getting emails that they know have been sent. the user sending is not getting a bounce back .

The second and more important issue is when sending some emails, the users are getting bounce back

see below

We are using exchange 2003 and normally go outbound via a smarthost (BT) but due to some issues which Bt are fixing I have switch to use DNS for outbound emails.

as we don't normally use DNS i have not setup a reserve DNS lookup but will look at tonight.

Can some body explain exactly what steps need to be done to correctly setup

Inbound emails

We have a MX record setup, As far as i know this is all that is needed for incoming email

Outbound email

Using BT Smart Host

As far as i know i don need to setup anything as BT take care of all that

Using DNS

Setup RDNS which matches my Mx record
DO i need a SPF record setup at the domain level (this is an issue if i do as where the domain is hosted you cant set one up as it a shared hosting package with 1and

All there anything extra i need to setup in exchange ?

What is this ?

I have also noticed we keep intermittently being found on 1 blacklist site. the site is MAILSPIKE-BL. It only shows up on mxtoolbox and not any others i have tried and removes it self within a short period of time

********.com on Tue, 4 Jun 2013 18:18:31 +0100
   There was a SMTP communication problem with the recipient's email
server.  Please contact your system administrator.
   <******* #5.5.0 smtp;550 Rejected by content scanner (CMAE).
See for an explanation.
Fingerprint is <v=2.1 cv=RMeKQeS+ c=0 sm=0 tr=0 p=VwCCV9qUAAAA:8
a=9By/sdXPqd3qE83QUP8bfw==:117 a=9By/sdXPqd3qE83QUP8bfw==:17
a=fwJSd2CrC10A:10 a=mHgScw1XAAAA:8>>
  • 3
  • 3
1 Solution
Simon Butler (Sembee)ConsultantCommented:
If you have no PTR then you will get email failures.
If you are on BT, then you will not get a PTR today, BT usually take anything between 48 and 36 hours to make the change. I would have requested as soon as you changed.

The URL that you have posted belongs to an outfit called Inty in Bristol. 
Never heard of them either. Looks like they are some kind of cloud reseller. The URL seems legit and it is nice for someone to actually send back some useful information.

The NDR shown would tend to indicate an issue with the actual content. That usually means you have a image based signature or something like that.

MARKWILKYAuthor Commented:
Thanks Simon

I have had a few clients now get these mailreport bounce backs

I have been looking at your blogs for last few hours, just checking if there anything i have missed but all seems fine apart form RDNS.

Do you need an SPF record at domain level or is a RDNs enough

it could be the image based signature.... How do you get round this issue as customers like to have there logos on bottom of email

is there any way to check some incoming emails that didn't arrive at end users mailbox. the customer also didn't receive any NDR. The customer resent in the morming and they came thought fine.

Once i setup the RDNS record is there anything else that needs setting up and is there any reason to use Bt smarthost for sending emails.
Simon Butler (Sembee)ConsultantCommented:
There is no requirement to have an SPF record at all. It doens't help with your email delivery in any shape or form. Therefore if you aren't 100% sure on the settings, don't deploy one.

When it comes to images in the signatures, there is only one answer - don't do it. If you want email delivery to be 100% reliable then use plain text. I tolerate HTML as it is basically plain text, but logos are banned.
Quickest way to get that past people who want them is to ask if any of their biggest customers are using logos in their formal signatures (not personal signatures). You will not find one of them do, because of the bloat that it causes. All small businesses want to seem bigger than they are.

When it comes to inbound email, unless the item appears in message tracking there is nothing you can do. There are too many things between the sender and you to diagnose the problem as the sender. It is like getting a parcel delivered - until you sign for it you have no idea where it is.

Once you have a PTR then you could drop BT's smart host completely.

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

MARKWILKYAuthor Commented:
fast response from an exchange guru...Thanks

I also have a bes case open if you could look at that

thanks again...
MARKWILKYAuthor Commented:
HI Simon

We now have a RDNS record and we are sending via DNS and not smart host but getting a few bounce backs to Aol, Talktlak and a few others....

*** on 07/06/2013 08:28
            The message reached the recipient's e-mail system, but delivery was refused.  Attempt to resend the message.  If it still fails, contact your system administrator.
            <mail.****** #5.2.1 smtp;521 5.2.1 :  (CON:B1)>

If a do a SMTP test at mxtoolbox i get this below

220 mail.***** Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Fri, 7 Jun 2013 17:23:57 +0100

Test      Result      Hide
      SMTP Reverse Banner Check      OK - ******** resolves to mail.********
      SMTP Reverse DNS Mismatch      OK - Reverse DNS matches SMTP Banner      
      SMTP TLS      Warning - Does not support TLS.      Ignore
      SMTP Connection Time      0.998 seconds - Good on Connection time      
      SMTP Open Relay      OK - Not an open relay.      
      SMTP Transaction Time      8.393 seconds - Not good! on Transaction Time      Ignore
Session Transcript:

Any help would be appreciated

Simon Butler (Sembee)ConsultantCommented:
Did you actually look at the error on AOL? It would appear they are blocking you because of the email you have been sending out. There is a link I believe between AOL and TalkTalk in the UK, so probably the same address.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now