Solved

SPF error; Remote SMTP Server Returned: 550 [ip] is not allowed to send mail from [domain]

Posted on 2014-01-30
9
9,468 Views
Last Modified: 2014-01-30
The spf record for the domain in question is fully qualified and passes all tests I can find, yet I still get the above error once in a while.  How come?

Here is the full error (with IP):  

Remote SMTP Server Returned: 550 75.98.227.75 is not allowed
to send mail from firesystemspro.com

Can anyone shed some light on this?
0
Comment
Question by:jglazer63
  • 5
  • 4
9 Comments
 
LVL 40

Expert Comment

by:footech
ID: 39822518
None of the records for firesystempro.com, or any of the names used by your MX records resolves to an IP of 75.98.227.75 (only .66, .74, and .76).
So you could either adjust your SPF record to include this IP, or configure your systems so that email won't flow out from that IP.
0
 

Author Comment

by:jglazer63
ID: 39822536
That doesn't make sense.  Here is an MX lookup on firesystemspro.com and that IP is clearly listed.  How did you do your check?  Not to say you're wrong but maybe I have something misconfigured?

firesystemspro.com      MX preference = 31, mail exchanger = mail3.firesystemspro.com
firesystemspro.com      MX preference = 22, mail exchanger = mail.firesystemspro.com
firesystemspro.com      MX preference = 21, mail exchanger = mail2.firesystemspro.com
mail3.firesystemspro.com        internet address = 75.98.227.76
mail.firesystemspro.com internet address = 75.98.227.74
mail2.firesystemspro.com        internet address = 75.98.227.75

I just ran this on mxtoolbox.com with similar results:

http://mxtoolbox.com/SuperTool.aspx?action=mx%3afiresystemspro.com&run=toolpage
0
 

Author Comment

by:jglazer63
ID: 39822571
I notice that you mention .66.  I wonder what server you're hitting for that?  Maybe I have a primary/secondary issue with my dns.
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 
LVL 40

Accepted Solution

by:
footech earned 500 total points
ID: 39822608
When I do a lookup on mail2 I get the following:
Name:    mail2.firesystemspro.com
Addresses:  75.98.227.76
          75.98.227.74

The .66 comes just from looking up firesystemspro.com.
Name:    firesystemspro.com
Address:  75.98.227.66

I did a check with DNSStuff and it shows the same info you posted rather that what is shown by my own nslookup queries.  I'm using Google's DNS servers.  Perhaps there's some bad information there.
0
 

Author Comment

by:jglazer63
ID: 39822619
I just found that ZONE transfers for that domain were not occurring between the secondary and primary so that's probably the issue.  The secondary does not show the IP.  I am forcing an update now so you may have pointed me to the issue.
0
 
LVL 40

Expert Comment

by:footech
ID: 39822628
You could get around this by explicitly including the IPs in your SPF record.
ip4:75.98.227.75     or
ip4:75.98.227.74/30   to include a range.
0
 

Author Comment

by:jglazer63
ID: 39822635
Well I would actually prefer to have the secondary DNS reflect the primary DNS zones as they should.  Now I'm having a problem getting that to happen.  I deleted the secondary zone and re-added it and it won't transfer (windows DNS).  sigh...
0
 

Author Closing Comment

by:jglazer63
ID: 39822675
While the advice wasn't the direct answer, it did lead me to the fact that zone transfers were failing with that domain and correcting that fixed this issue.
0
 
LVL 40

Expert Comment

by:footech
ID: 39822762
Good job getting it resolved.  Looks like Google has the correct info now too.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

New-MailboxSearch Powershell Command and step by step approach to Search and Extract Emails form Exchange 2013 Journaling server.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Familiarize people with the process of utilizing SQL Server stored procedures from within Microsoft Access. Microsoft Access is a very powerful client/server development tool. One of the SQL Server objects that you can interact with from within Micr…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question