Emails being rejected

Have you seen the rejection emails you are getting? What does it exactly say? Have you checked the settings on Barracuda device to make sure it is not using 3rd party forwards or anything funky that changed due to the new IP block?

Here is an example of the undeliverable:
Diagnostic information for administrators:

Generating server: barracuda.structuredassetservices.com

jcrespo@netvoix.com
#< #5.0.0 X-Spam-&-Virus-Firewall; host netvoix-com.mail.eo.outlook.com[207.46.163.138] said: 550 5.7.1 Service unavailable; Client host [71.16.130.204] blocked using Blocklist 1; To request removal from this list please forward this message to delist@messaging.microsoft.com (in reply to RCPT TO command)> #SMTP#

Original message headers:

X-ASG-Debug-ID: 1392240338-06de93103a56360001-savSPn
Received: from sasmail.StructuredAssetServices.local ([10.1.10.27]) by
 barracuda.structuredassetservices.com with ESMTP id 0kig20pvPnqQ9aEt
 (version=TLSv1 cipher=AES128-SHA bits=128 verify=NO) for
 <jcrespo@netvoix.com>; Wed, 12 Feb 2014 16:25:38 -0500 (EST)
X-Barracuda-Envelope-From: bmodlin@structuredassetservices.com
Received: from sasmail.StructuredAssetServices.local
 ([fe80::10f:ad4d:a34a:7ec4]) by sasmail.StructuredAssetServices.local
 ([fe80::10f:ad4d:a34a:7ec4%11]) with mapi; Wed, 12 Feb 2014 16:26:03 -0500
From: Brian Modlin <bmodlin@structuredassetservices.com>
To: "jcrespo@netvoix.com" <jcrespo@netvoix.com>
Date: Wed, 12 Feb 2014 16:26:02 -0500
Subject: test
Thread-Topic: test
X-ASG-Orig-Subj: test
Thread-Index: Ac8oOQWrVlASy9wETQ+i2hLWv1bctw==
Message-ID: <0BAA22B50820694AA876F9AF0ECD9A6B16230FE146@sasmail.StructuredAssetServices.local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/related;
      boundary="_006_0BAA22B50820694AA876F9AF0ECD9A6B16230FE146sasmailStruct_";
      type="multipart/alternative"
MIME-Version: 1.0
X-Barracuda-Connect: UNKNOWN[10.1.10.27]
X-Barracuda-Start-Time: 1392240338
X-Barracuda-Encrypted: AES128-SHA
X-Barracuda-URL: http://10.1.10.36:8000/cgi-mod/mark.cgi
X-Virus-Scanned: by bsmtpd at structuredassetservices.com
X-Barracuda-BRTS-Status: 1
X-Barracuda-Spam-Score: 0.00
X-Barracuda-Spam-Status: No, SCORE=0.00 using global scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=9.0 tests=EXTRA_MPART_TYPE, HTML_MESSAGE
X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.145061
      Rule breakdown below
       pts rule name              description
      ---- ---------------------- --------------------------------------------------
      0.00 EXTRA_MPART_TYPE       Header has extraneous Content-type:...type= entry
      0.00 HTML_MESSAGE           BODY: HTML included

You are still blacklisted. Check the same section on other failed messages you are getting and if the messages are different post them here. But based on this header you need to get your network cleaned and unblocked first.  See the error message below:

#< #5.0.0 X-Spam-&-Virus-Firewall; host netvoix-com.mail.eo.outlook.com[207.46.163.138] said: 550 5.7.1 Service unavailable; Client host [71.16.130.204] blocked using Blocklist 1;

How do I get clean.... Can you verify that my current dns entries are correct...

The best thing to do is to monitor port 25 on your network. The only IP address that should be utilizing that port should be your mail server or barracuda device. If any other IP address shows up then those machines are the ones you clean by running antivirus and anti malware scans (malwarebytes.org). If your server is infected you still have to clean it in the same way. Make sure you disconnect the machine from the network as soon as you figure out which one it is.

As for your DNS go to http://centralops.net and do a nslookup on your domain. Change the type from any to A or MX to see specific results. That should tell you what the outside world sees when they want to send you emails or access your other services.

Tried to run the utility and don't know how to use it.  I get no results... Sorry, but can you assist?

My MX = mail.structuredassetservices.com (points to barracuda)
My PTR = barracuda.structuredassetservices.com (points to barracuda)

Outbound mail relays through the barracuda and I believe the email headers say the mail is going out from barracuda.structuredassetservices.com

Is this the correct DNS configuration?

Also, here is the headers of the undeliverable message I received when trying to send mail:

Received: from barracuda.structuredassetservices.com (10.1.10.x) by
 sasmail.structuredassetservices.com (10.1.10.x) with Microsoft SMTP Server
 id 8.3.327.1; Thu, 13 Feb 2014 10:05:13 -0500
Received: by barracuda.structuredassetservices.com (Spam & Virus Firewall)      id
 DFECEBE99F; Thu, 13 Feb 2014 10:04:46 -0500 (EST)
Date: Thu, 13 Feb 2014 10:04:46 -0500
From: MAILER-DAEMON
Subject: Undelivered Mail Returned to Sender
To: <bmodlin@structuredassetservices.com>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
      boundary="138C8BE99D.1392303886/barracuda.structuredassetservices.com"
Message-ID: <20140213150446.DFECEBE99F@barracuda.structuredassetservices.com>
Return-Path: <>

According to the Headers and the DNS entries I posted above.... Are they correct?

Should the PTR reflect barracuda.structuredassetservices.com or sasmail.structuredassetservices.com?

All outbound mail is sent out from the Exchange server and then RELAYED through the barracuda.

As far as your external DNS goes your MX pointing to mail.structuredassetservices.com looks good. I did a quick telnet to port 25 and your banner is not showing any names. It should really read mail.structuredassetservices.com

As for the internal issues, check your relay in Exchange. Is it still set to the correct IP addresses after the move? Also check the Barracuda device to make sure the IP of the exchange server is correct.

Goto http://testconnectivity.microsoft.com and see what results you get there. It should help a lot to resolve your issues.

PTR can be wrong at times because really you have to get your ISP to make that change on their end. It should not be the sole reason for rejection of emails.

When you sy "I did a quick telnet to port 25 and your banner is not showing any names. It should really read mail.structuredassetservices.com " .... are you saying that my PTR record should read mail.structuredassetservices.com?

Also, what if I added multiple PTRs... like:

mail.structuredassetservices.com and BARRACUDA.STRUCTUREDASSETSERVICES.com both pointing to the same IP?

Also, please remember the DNS entries I have now are way different than the original one's I created for the move.  I really screwed them up!!  Now that they are "fixed" or at least better, I am concerned that what I did last week is still affecting me now.  That is why I am trying to get a "Blessing" on my current config so I can feel confident.

Please clarify my questions above!!!!

Sorry, but I am desperate at this point!!  No stable mail in 4 days!!

I think your DNS is fine on the external side. Internally I can't say for sure but if you are able to send and receive mails then your DNS is most likely set properly.

Did you try the Microsoft test site I sent you the link for? http://testconnectivity.microsoft.com

Update us on the status of what your system is doing now that certain things are fixed and some still aren't (still blacklisted).

Here are the results.....
RCATestResult.html

The only thing the outbound test is saying that you do not have a SPF record which are easy to create. Walk through the wizard to get one created and update your DNS entries to reflect the generated SPF record. https://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/

So at this point are you outbound emails still being rejected?

yes.... they are still being rejected..... Can you please answer the questions I had above:

"When you sy "I did a quick telnet to port 25 and your banner is not showing any names. It should really read mail.structuredassetservices.com " .... are you saying that my PTR record should read mail.structuredassetservices.com?

Also, what if I added multiple PTRs... like:

mail.structuredassetservices.com and BARRACUDA.STRUCTUREDASSETSERVICES.com both pointing to the same IP?"

sasmail is my exchange server

I think you need to check your configuration again. It looks like from that outbound email header that the email went from Barracuda to Exchange Server, not the other way around.

Outbound mail is sent to my Exchange server (SASMAIL) from Outlook client.  It then sends that to my Barracuda and my barracuda sends it out ....


Inbound mail hits my barracuda and then it sends that to my exchange server (SASMAIL).

The header I uploaded is from the undeliverable sent back to me because the email I sent out was rejected.