Emails being rejected

This Monday I moved offices from one location to another.  I received a new IP block.  I modified my MX records and ptr records but did them incorrectly. I had incoming mail going to my Barracuda Spam device and outgoing mail leaving through my exchange server. When mail started being rejected I panicked and started sending mail outbound through my barracuda as well.  So now I have my mx record pointing to barracuda and my ptr record resolving to barracuda.  I made that last change today.  Mail is still bring rejected.  How can I validate that my current DNS configuration is good?.  Does this take time to resolve? And if so how long before they will start being delivered?

Please help... My email has been unstable for 3 days now and  things are not good!!
Who is Participating?

Improve company productivity with a Business Account.Sign Up

Mandeep KhalsaConnect With a Mentor Commented:
When people meet we say Hello to each other. The same way when email servers start the process of sending and receiving emails they do a "handshake". In this handshake they identify themselves with their names. This name is also listed on the banner.

For example google's mail server identifies itself as
220 ESMTP r6si802295qcl.98 - gsmtp

Open in new window

In your case, earlier it was coming up blank however now it shows this
220 ESMTP (54b580e75d81dcab857e0a4d65d1b878)

Open in new window

So your banner is now OK. As for the PTR's lets put that on hold because I don't think it is what is causing your problem here.

The original header you posted - It was for incoming email and its clear that it was rejected due to your IP being on the blacklist.

The second header you posted says:
Received: from (10.1.10.x) by (10.1.10.x) with Microsoft SMTP Server
 id 8.3.327.1;

Open in new window

Outbound mail relays through the barracuda and I believe the email headers say the mail is going out from

So the question is what is sasmail? Header says Barracuda forwarded the email to sasmail and your comment says the other way around.
Mandeep KhalsaCommented:
Have you seen the rejection emails you are getting? What does it exactly say? Have you checked the settings on Barracuda device to make sure it is not using 3rd party forwards or anything funky that changed due to the new IP block?
BSModlinAuthor Commented:
Here is an example of the undeliverable:
Diagnostic information for administrators:

Generating server:
#< #5.0.0 X-Spam-&-Virus-Firewall; host[] said: 550 5.7.1 Service unavailable; Client host [] blocked using Blocklist 1; To request removal from this list please forward this message to (in reply to RCPT TO command)> #SMTP#

Original message headers:

X-ASG-Debug-ID: 1392240338-06de93103a56360001-savSPn
Received: from sasmail.StructuredAssetServices.local ([]) by with ESMTP id 0kig20pvPnqQ9aEt
 (version=TLSv1 cipher=AES128-SHA bits=128 verify=NO) for
 <>; Wed, 12 Feb 2014 16:25:38 -0500 (EST)
Received: from sasmail.StructuredAssetServices.local
 ([fe80::10f:ad4d:a34a:7ec4]) by sasmail.StructuredAssetServices.local
 ([fe80::10f:ad4d:a34a:7ec4%11]) with mapi; Wed, 12 Feb 2014 16:26:03 -0500
From: Brian Modlin <>
To: "" <>
Date: Wed, 12 Feb 2014 16:26:02 -0500
Subject: test
Thread-Topic: test
X-ASG-Orig-Subj: test
Thread-Index: Ac8oOQWrVlASy9wETQ+i2hLWv1bctw==
Message-ID: <0BAA22B50820694AA876F9AF0ECD9A6B16230FE146@sasmail.StructuredAssetServices.local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
acceptlanguage: en-US
Content-Type: multipart/related;
MIME-Version: 1.0
X-Barracuda-Connect: UNKNOWN[]
X-Barracuda-Start-Time: 1392240338
X-Barracuda-Encrypted: AES128-SHA
X-Virus-Scanned: by bsmtpd at
X-Barracuda-BRTS-Status: 1
X-Barracuda-Spam-Score: 0.00
X-Barracuda-Spam-Status: No, SCORE=0.00 using global scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=9.0 tests=EXTRA_MPART_TYPE, HTML_MESSAGE
X-Barracuda-Spam-Report: Code version 3.2, rules version
      Rule breakdown below
       pts rule name              description
      ---- ---------------------- --------------------------------------------------
      0.00 EXTRA_MPART_TYPE       Header has extraneous Content-type:...type= entry
      0.00 HTML_MESSAGE           BODY: HTML included
NEW Internet Security Report Now Available!

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out this quarters report on the threats that shook the industry in Q4 2017.

Mandeep KhalsaCommented:
You are still blacklisted. Check the same section on other failed messages you are getting and if the messages are different post them here. But based on this header you need to get your network cleaned and unblocked first.  See the error message below:

#< #5.0.0 X-Spam-&-Virus-Firewall; host[] said: 550 5.7.1 Service unavailable; Client host [] blocked using Blocklist 1;
BSModlinAuthor Commented:
How do I get clean.... Can you verify that my current dns entries are correct...
Mandeep KhalsaCommented:
The best thing to do is to monitor port 25 on your network. The only IP address that should be utilizing that port should be your mail server or barracuda device. If any other IP address shows up then those machines are the ones you clean by running antivirus and anti malware scans ( If your server is infected you still have to clean it in the same way. Make sure you disconnect the machine from the network as soon as you figure out which one it is.

As for your DNS go to and do a nslookup on your domain. Change the type from any to A or MX to see specific results. That should tell you what the outside world sees when they want to send you emails or access your other services.
BSModlinAuthor Commented:
Tried to run the utility and don't know how to use it.  I get no results... Sorry, but can you assist?
BSModlinAuthor Commented:
My MX = (points to barracuda)
My PTR = (points to barracuda)

Outbound mail relays through the barracuda and I believe the email headers say the mail is going out from

Is this the correct DNS configuration?
BSModlinAuthor Commented:
Also, here is the headers of the undeliverable message I received when trying to send mail:

Received: from (10.1.10.x) by (10.1.10.x) with Microsoft SMTP Server
 id 8.3.327.1; Thu, 13 Feb 2014 10:05:13 -0500
Received: by (Spam & Virus Firewall)      id
 DFECEBE99F; Thu, 13 Feb 2014 10:04:46 -0500 (EST)
Date: Thu, 13 Feb 2014 10:04:46 -0500
Subject: Undelivered Mail Returned to Sender
To: <>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
Message-ID: <>
Return-Path: <>
BSModlinAuthor Commented:
According to the Headers and the DNS entries I posted above.... Are they correct?
BSModlinAuthor Commented:
Should the PTR reflect or

All outbound mail is sent out from the Exchange server and then RELAYED through the barracuda.
Mandeep KhalsaCommented:
As far as your external DNS goes your MX pointing to looks good. I did a quick telnet to port 25 and your banner is not showing any names. It should really read

As for the internal issues, check your relay in Exchange. Is it still set to the correct IP addresses after the move? Also check the Barracuda device to make sure the IP of the exchange server is correct.

Goto and see what results you get there. It should help a lot to resolve your issues.

PTR can be wrong at times because really you have to get your ISP to make that change on their end. It should not be the sole reason for rejection of emails.
BSModlinAuthor Commented:
When you sy "I did a quick telnet to port 25 and your banner is not showing any names. It should really read " .... are you saying that my PTR record should read

Also, what if I added multiple PTRs... like: and both pointing to the same IP?

Also, please remember the DNS entries I have now are way different than the original one's I created for the move.  I really screwed them up!!  Now that they are "fixed" or at least better, I am concerned that what I did last week is still affecting me now.  That is why I am trying to get a "Blessing" on my current config so I can feel confident.

Please clarify my questions above!!!!

Sorry, but I am desperate at this point!!  No stable mail in 4 days!!
Mandeep KhalsaCommented:
I think your DNS is fine on the external side. Internally I can't say for sure but if you are able to send and receive mails then your DNS is most likely set properly.

Did you try the Microsoft test site I sent you the link for?

Update us on the status of what your system is doing now that certain things are fixed and some still aren't (still blacklisted).
BSModlinAuthor Commented:
Here are the results.....
Mandeep KhalsaCommented:
The only thing the outbound test is saying that you do not have a SPF record which are easy to create. Walk through the wizard to get one created and update your DNS entries to reflect the generated SPF record.

So at this point are you outbound emails still being rejected?
BSModlinAuthor Commented:
yes.... they are still being rejected..... Can you please answer the questions I had above:

"When you sy "I did a quick telnet to port 25 and your banner is not showing any names. It should really read " .... are you saying that my PTR record should read

Also, what if I added multiple PTRs... like: and both pointing to the same IP?"
BSModlinAuthor Commented:
sasmail is my exchange server
Mandeep KhalsaCommented:
I think you need to check your configuration again. It looks like from that outbound email header that the email went from Barracuda to Exchange Server, not the other way around.
BSModlinAuthor Commented:
Outbound mail is sent to my Exchange server (SASMAIL) from Outlook client.  It then sends that to my Barracuda and my barracuda sends it out ....

Inbound mail hits my barracuda and then it sends that to my exchange server (SASMAIL).
BSModlinAuthor Commented:
The header I uploaded is from the undeliverable sent back to me because the email I sent out was rejected.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.