Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

SPF error; Remote SMTP Server Returned: 550 [ip] is not allowed to send mail from [domain]

Posted on 2014-01-30
9
Medium Priority
?
10,411 Views
Last Modified: 2014-01-30
The spf record for the domain in question is fully qualified and passes all tests I can find, yet I still get the above error once in a while.  How come?

Here is the full error (with IP):  

Remote SMTP Server Returned: 550 75.98.227.75 is not allowed
to send mail from firesystemspro.com

Can anyone shed some light on this?
0
Comment
Question by:jglazer63
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 41

Expert Comment

by:footech
ID: 39822518
None of the records for firesystempro.com, or any of the names used by your MX records resolves to an IP of 75.98.227.75 (only .66, .74, and .76).
So you could either adjust your SPF record to include this IP, or configure your systems so that email won't flow out from that IP.
0
 

Author Comment

by:jglazer63
ID: 39822536
That doesn't make sense.  Here is an MX lookup on firesystemspro.com and that IP is clearly listed.  How did you do your check?  Not to say you're wrong but maybe I have something misconfigured?

firesystemspro.com      MX preference = 31, mail exchanger = mail3.firesystemspro.com
firesystemspro.com      MX preference = 22, mail exchanger = mail.firesystemspro.com
firesystemspro.com      MX preference = 21, mail exchanger = mail2.firesystemspro.com
mail3.firesystemspro.com        internet address = 75.98.227.76
mail.firesystemspro.com internet address = 75.98.227.74
mail2.firesystemspro.com        internet address = 75.98.227.75

I just ran this on mxtoolbox.com with similar results:

http://mxtoolbox.com/SuperTool.aspx?action=mx%3afiresystemspro.com&run=toolpage
0
 

Author Comment

by:jglazer63
ID: 39822571
I notice that you mention .66.  I wonder what server you're hitting for that?  Maybe I have a primary/secondary issue with my dns.
0
Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

 
LVL 41

Accepted Solution

by:
footech earned 2000 total points
ID: 39822608
When I do a lookup on mail2 I get the following:
Name:    mail2.firesystemspro.com
Addresses:  75.98.227.76
          75.98.227.74

The .66 comes just from looking up firesystemspro.com.
Name:    firesystemspro.com
Address:  75.98.227.66

I did a check with DNSStuff and it shows the same info you posted rather that what is shown by my own nslookup queries.  I'm using Google's DNS servers.  Perhaps there's some bad information there.
0
 

Author Comment

by:jglazer63
ID: 39822619
I just found that ZONE transfers for that domain were not occurring between the secondary and primary so that's probably the issue.  The secondary does not show the IP.  I am forcing an update now so you may have pointed me to the issue.
0
 
LVL 41

Expert Comment

by:footech
ID: 39822628
You could get around this by explicitly including the IPs in your SPF record.
ip4:75.98.227.75     or
ip4:75.98.227.74/30   to include a range.
0
 

Author Comment

by:jglazer63
ID: 39822635
Well I would actually prefer to have the secondary DNS reflect the primary DNS zones as they should.  Now I'm having a problem getting that to happen.  I deleted the secondary zone and re-added it and it won't transfer (windows DNS).  sigh...
0
 

Author Closing Comment

by:jglazer63
ID: 39822675
While the advice wasn't the direct answer, it did lead me to the fact that zone transfers were failing with that domain and correcting that fixed this issue.
0
 
LVL 41

Expert Comment

by:footech
ID: 39822762
Good job getting it resolved.  Looks like Google has the correct info now too.
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve DNS query failed errors for Exchange
Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question