[Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1265
  • Last Modified:

sbs 2011/Exchange 2010 e-mails being flagged as Spam

Up until 1 day ago we had no problems sending out e-mail via our sbs 2011. Since then recipients have called and stated that they are not receiving our e-mails. Not everyone here is receiving "NDRs". I have checked the following:

Public IP address on any blacklists - No (MXtoolbox.com)
Exchange is not an open relay - (Mxtoolbox.com)

I was finally able to get a NDR from one of the users:

From: Microsoft Outlook
Sent: Friday, February 14, 2014 4:21 AM
To: user@somecompany.com; user@somecompnay.com
Subject: Undeliverable: TEST after Reboot
p3plibsmtp01-05.prod.phx3.secureserver.net rejected your message to the following e-mail addresses:
user@somecompnay.com (user@somecompnay.com)
p3plibsmtp01-05.prod.phx3.secureserver.net gave this error:
S9Mu1n00R4XxHTV019Mvce IB212 msg rejected as spam
There's a problem with the recipient's mailbox. Please try resending the message. If the problem continues, please contact your helpdesk.
user@somecompnay.com (user@somecompnay.com)
p3plibsmtp01-05.prod.phx3.secureserver.net gave this error:
S9Mu1n00R4XxHTV019Mvce IB212 msg rejected as spam
There's a problem with the recipient's mailbox. Please try resending the message. If the problem continues, please contact your helpdesk.
Diagnostic information for administrators:
Generating server: SERVER.domain.local
user@somecompnay.com p3plibsmtp01-05.prod.phx3.secureserver.net #552 5.2.0 S9Mu1n00R4XxHTV019Mvce IB212 msg rejected as spam ##
user@somecompnay.com
p3plibsmtp01-05.prod.phx3.secureserver.net #552 5.2.0 S9Mu1n00R4XxHTV019Mvce IB212 msg rejected as spam ##
Original message headers:
Received: from SERVER.domain.local ([fe80::9c28:d33:39b1:705]) by
 SERVER.domain.local ([fe80::9c28:d33:39b1:705%11]) with mapi id
 14.01.0438.000; Fri, 14 Feb 2014 04:21:45 -0500
From: some user < user@somecompnay.com >
To: " user@somecompnay.com " < user@somecompnay.com >
CC: " user@somecompnay.com " < user@somecompnay.com >
Subject: TEST after Reboot
Thread-Topic: TEST after Reboot
Thread-Index: Ac8pZi1xcGSaJOOcSgayLC0MF/nwjg==
Date: Fri, 14 Feb 2014 09:21:44 +0000
Message-ID: <43D021F9200BB6489D68A4E71CD729849AB1FF@SERVER.stpeterdeland.local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [72.188.1.0]
Content-Type: multipart/alternative;
      boundary="_000_43D021F9200BB6489D68A4E71CD729849AB1FFSERVERstpeterdela_"
MIME-Version: 1.0
0
flteng562
Asked:
flteng562
  • 8
  • 8
1 Solution
 
Michael MachieFull-time technical multi-taskerCommented:
p3plibsmtp01-05.prod.phx3.secureserver.net rejected your message to the following e-mail addresses:
user@somecompnay.com (user@somecompnay.com)
p3plibsmtp01-05.prod.phx3.secureserver.net gave this error:
S9Mu1n00R4XxHTV019Mvce IB212 msg rejected as spam
There's a problem with the recipient's mailbox. Please try resending the message. If the problem continues, please contact your helpdesk.

I would start there..
Does this occur with ALL emails being sent or just to this one recipient? The message states it is a problem with their mailbox, not anything with your server.
0
 
flteng562Author Commented:
Hi Machienet,

The e-mails are not getting through on several domains. I logged into one of the senders email accounts and sent a test e-mail to me at my company domain e-mail address that is when I got the above error information.

Regards,

Frank
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
You will definitely get these type messages (especially from secureserver.net which is GoDaddy) if you don't have a valid SPF record for your domain.

This will help you to create it:
https://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/

Then add it to your public DNS for your domain.

It would also help if you had a PTR (Reverse DNS entry) that matches your domain name.  More than likely your PTR is some generic one created by your ISP.  Check with your ISP to see if they will provide a custom one and then set it as the hostname of your server (ie, mail.yourdomain.com) used in your MX records.

Jeff
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
flteng562Author Commented:
Hi Jeff,

I have generated the "SPF" record via the link you provided. It was then entered as a txt file. I did notice that it has quotes on each end. Will this create any problems?. I double checked the copied string in notepad and that did not have quotes on either end of the string. We are using ATT Webhosting. After saving changes that is when the "quotes" appeared.

Regards,

Frank
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Verify your SPF using http://mxtoolbox.com/spf.aspx
0
 
flteng562Author Commented:
Hi Jeffery,

I created the SPF record and entered it as "txt" in my hosts DNS Manger:

v=spf1 a mx ip4:149.115.20.189 mx:server512.appriver.com mx:server513.appriver.com ~all

Then for domain entry I used the clients: somecompany.com

We are using "Appriver" for offsight e-mail spam filtering.

I tried the SPF verifyer but it came back as "SPF is not valid"

Is the record itself correct?

Regards,

Frank
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Are you sending OUTBOUND through AppRiver?  If so, then you need to follow their instructions for your SPF:  https://support.appriver.com/KB/a253/spf-record-setup-for-appriver-hosted-services.aspx

But if you are NOT sending outbound through their service your SPF shouldn't include them.  

And by the looks of the NDR you posted originally you are NOT sending outbound through them.

Jeff
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Also...

"Then for domain entry I used the clients: somecompany.com"

What do you mean by this?  The domain entry should be your own!
0
 
flteng562Author Commented:
Hi Jeffery,

We are using AppRiver.com for inbound spam filtering.

As for the domain entry it is actually: "stpeterdeland.org"
0
 
flteng562Author Commented:
Update,

I just performed a "unblock request" from Godaddy  using our public IP - 65.34.20.210.

The response back was it was not being blocked
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
So, I'm not sure what you entered on your public DNS, but it still doesn't show an SPF record at all.  This is what you need to enter for it:

v=spf1 ptr:se.biz.rr.com ip4:65.34.20.210 ~all

If there is a box for "hostname" you can enter a @ in it (which = "all")

There should NOT be any quotes around the main entry though.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Also, I ran a test at Microsoft's Test Connectivity and it shows as well that the only thing you are missing is a valid SPF record.  See the attached.
Microsoft-Remote-Connectivity-An.pdf
0
 
flteng562Author Commented:
Hi Jeffery,

I attempted to change the SPF file but and error message appeared stating that "Value of TXT record should be taken in quotes. For example "value=value of TXT record".

I have attached a word document with a screen shot of the ATT DNS Manager screen.

Frank
SPF.docx
0
 
flteng562Author Commented:
Update,

I went ahead and added the SPF record with the required double quotes as per ATT. Also added the "@" symbol in the name column.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
And it looks like you now have a functional SPF Record:
SPF @ MXToolbox
Jeff
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
And a successful Connectivity Test for outbound SMTP!

Connectivity Test
Congratulations!

Hopefully now your mail will get delivered without a problem.

Jeff
0
 
flteng562Author Commented:
Hi Jeff,

Thanks for all of your help with this. Strange that thes erver has been running with no problems for 1.5 years without the SPF record then all of sudden this problem occurs.

I suspect that "SecureServer.net" probably made some tweak and that sent us into Spam Land.

Anyways, thanks again,

Frank
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 8
  • 8
Tackle projects and never again get stuck behind a technical roadblock.
Join Now