External mail routing issue


 I have installed Ex2013 on a separate box.  Over the weekend I have switched the 2010 CAS role to my new CAS server.  I update the external url's on the virtual directories on the new CAS server swapped out the ip's of my 2010 exchange putting it on the new one (as I don't have to make any changes to my public dns records) and set a new ip for my 2010 cas box with mailboxes.  Last, I updated the internet connector to include my new CAS server as a source server.  Basiscally, everything works fine except the now we can't send any external emails.  We got an undeliverable message saying that "client host x.x.x.x blocked using block list 1, mail from IP banned............
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Gregory MillerGeneral ManagerCommented:
Is the IP address that is provided in the bounce message your public IP or one of your private IP's?
Laxjoey1Author Commented:
The bounce message IP is our Public IP
Gregory MillerGeneral ManagerCommented:
Does the IP in the message match you MX and PTR records in DNS? If so, this sounds like you are blacklisted someplace. If not, your mailserver may be getting viewed as not an authorized mail server and being rejected by the recipient server.

send a test message to EE-TEST@agbsm.net and I will post back the results from my mail server.
Become a Microsoft Certified Solutions Expert

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

Gregory MillerGeneral ManagerCommented:
Feb 24 18:07:54 svr005 postfix/smtpd[16800]: warning: address not listed for hostname mail.nhsocal.com
Feb 24 18:07:54 svr005 postfix/smtpd[16800]: connect from unknown[]
Feb 24 18:07:54 svr005 postfix/smtpd[16800]: NOQUEUE: reject: RCPT from unknown[]: 550 5.1.1 <EE-TEST@agbsm.net>: Recipient address rejected: User unknown in virtual alias table; from=<JNg@NHSoCal.com> to=<EE-TEST@agbsm.net> proto=ESMTP helo=<anvmail1.nhsocal.com>
Feb 24 18:07:54 svr005 postfix/smtpd[16800]: disconnect from unknown[]

Open in new window

Is the IP address listed here correct? Seems like it is not... I show a 208.x.y.z address from a DNS query...

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Laxjoey1Author Commented:
4.30.x.x is our public ip and the 208.x.x.x are our ptr's
Gregory MillerGeneral ManagerCommented:
The hostname being resolved does not match the hostname on the mail server. Resolution name is "mail.nhsocal.com" and the server is claiming to be "anvmail1.nhsocal.com"
Laxjoey1Author Commented:
but both names are included in our certificate registration
Gregory MillerGeneral ManagerCommented:
Has nothing to do with the certificate but the name the SMTP service is giving when it issues the HELO or EHLO command.
Laxjoey1Author Commented:
I just got updated information from the admin that we only get blocked if we are sending mail to Office 365 users externally , all  other external domains seems to be fine.   We have requested to be unblocked from the block list and we will see what happens after 24 hrs.   Shall I close this case and reopen tomorrow if needed or leave it open?
Gregory MillerGeneral ManagerCommented:
Leave it open... I am curious what the outcome is. I sell o365 and support it as well and always looking for good intel.
Laxjoey1Author Commented:
Good afternoon, we still getting messages blocked trying to send to office 365 users .  Seems like we don't have any other issues besides that.  The message reads:

CO9EHSMHS015.bigfish.com gave this error:
 Service unavailable; Client host [] blocked using Blocklist 1, mail from IP banned; To request removal from this list please forward this message to delist@messaging.microsoft.com and include your ip address .

Laxjoey1Author Commented:
Hello EchgGURU,

 Got a question, on the digital certificate on the exchange box, the smtp service is not enabled for the digital certificate on the CAS server it only lists POP3, IMAP4 and IIS as services enabled.  Is that the proper configuration.  Please see attached
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Internet / Email Software

From novice to tech pro — start learning today.