[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

Remote Server returned '550 5.7.1 Recipient not authorized, your IP has been found on a block list'

Posted on 2014-02-25
7
Medium Priority
?
18,916 Views
1 Endorsement
Last Modified: 2014-03-04
Hi Exchange Expert,

Two  customer of ours are getting mail rejected from us because they are on a block list. In the past, I would add them in the Hub Transport Anti-Spam IP Allow List Providers and everything would be fine. This time it didn't resolve the issue.  Is it possible that this issue isn't being caused by our Exchange server or dns/MX record misconfiguration on their part.  

I observed that one of them is using the Exchange Online Protection since they have example.protection.outlook.com when queried using mxtoolbox.com and other is hosted Exchange (prod.exchange-labs.com)

Here is NDR message that external users receiving:

mail.abc.com (domain removed) rejected your message to the following email addresses:

John Excel (jexel@abc.com)
mail.abc.com  gave this error:
Recipient not authorized, your IP has been found on a block list

Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept email from certain senders, or another restriction may be preventing delivery.

 Diagnostic information for administrators:

Generating server: BY2PR01MB361.prod.exchangelabs.com
jexcel@abc.com
mail.abc.com
Remote Server returned '550 5.7.1 Recipient not authorized, your IP has been found on a block list'

 Original message headers:

Received: from BY2PR01MB171.prod.exchangelabs.com (10.242.233.153) by
 BY2PR01MB361.prod.exchangelabs.com (10.141.139.142) with Microsoft SMTP
 Server (TLS) id 15.0.883.10; Tue, 25 Feb 2014 19:36:44 +0000
Received: from BY2PR01MB171.prod.exchangelabs.com ([10.242.233.153]) by
 BY2PR01MB171.prod.exchangelabs.com ([10.242.233.153]) with mapi id
 15.00.0883.010; Tue, 25 Feb 2014 19:36:44 +0000
From: Derrick<Derrick.lee@xyz.com>
To: "John Excel" <jexcel@abc.com>
Subject: Test
Thread-Topic: Test
Thread-Index: Ac8yYOSt96staBysRta1C6vrdIFedQ==
Date: Tue, 25 Feb 2014 19:36:43 +0000
Message-ID: <aba69f29b4b74cc598456b541ec90917@BY2PR01MB171.prod.exchangelabs.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Test:
x-originating-ip: [50.1.2.23] (this is not real)
x-forefront-prvs: 01334458E5
x-forefront-antispam-report: SFV:NSPM;SFS:(10009001)(6009001)(199002)(189002)(15202345003)(74316001)(51856001)(90146001)(4396001)(87266001)(74366001)(69226001)(87936001)(95666003)(2656002)(66066001)(76482001)(85852003)(81342001)(65816001)(31966008)(54316002)(92566001)(16236675002)(85306002)(555874004)(56776001)(558084003)(46102001)(56816005)(63696002)(76786001)(53806001)(59766001)(50986001)(77982001)(47976001)(47736001)(47446002)(83072002)(74662001)(54356001)(81542001)(74706001)(81816001)(80976001)(93516002)(83322001)(80022001)(49866001)(74876001)(93136001)(15975445006)(86362001)(19300405004)(33646001)(19580395003)(94316002)(79102001)(76796001)(74502001)(94946001)(95416001)(81686001)(76176001)(24736002);DIR:OUT;SFP:1101;SCL:1;SRVR:BY2PR01MB361;H:BY2PR01MB171.prod.exchangelabs.com;CLIP:157.130.40.106;FPR:;PTR:InfoNoRecords;A:1;MX:1;LANG:;
Content-Type: multipart/alternative;
        boundary="_000_aba69f29b4b74cc598456b541ec90917BY2PR01MB171prodexchang_"
MIME-Version: 1.0
X-OriginatorOrg: xyz.com

Any help would be really appreciated.

Thanks,
1
Comment
Question by:Deorali
7 Comments
 
LVL 34

Expert Comment

by:Shreedhar Ette
ID: 39887418
Hello,

Go to http://mxtoolbox.com/blacklists.aspx 

Perform Black list check for your domain and exchange server public ip address.

If it is balck listed them remove from RBL to restore mail flow.
0
 
LVL 1

Author Comment

by:Deorali
ID: 39887422
Shredhar,

Already checked. My mail server is not blacklisted.  So far only two external users mails are being rejected.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39887578
If your server is being rejected you will be found on a blocklist somewhere.

Have you checked on www.blacklistalert.org too?

Alan
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39887605
"Two  customer of ours are getting mail rejected from us because they are on a block list. In the past, I would add them in the Hub Transport Anti-Spam IP Allow List Providers and everything would be fine."

That doesn't make sense.

If you are blocking them, then adding them to the list is fine.
If they are blocking you, then it wouldn't do.

It isn't clear whether this is INBOUND or OUTBOUND email (to you).
If it is INBOUND, then you are blocking them, and need to establish why.
If it is OUTBOUND then you are being blocked, which means you are on a blacklist. Office365 uses its own internal blacklist.

Simon.
0
 
LVL 1

Author Comment

by:Deorali
ID: 39887612
Just to be clear. The issue is that mail from external users (INBOUND) are being rejected by my mail server. The above mentioned NDR message is what external user is getting. It is with just two external users.

Yes, I whitelisted the IP and domain in the exchange server but still the issue does not go away.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 2000 total points
ID: 39887646
The first thing I would do is modify the NDR so it reports which blacklist it was found on. That will probably mean an NDR for each blacklist.

To do this, use a custom response code:
https://social.technet.microsoft.com/wiki/contents/articles/5071.exchange-2010-ip-block-list-providers-and-the-variables.aspx

After whitelisting, did you restart the transport service?
Are you sure you had the correct IP address that the messages are coming from? You have mentioned they are using hosted Exchange providers, do they route their OUTBOUND email from them?

Simon.
0
 
LVL 1

Author Closing Comment

by:Deorali
ID: 39903939
External user was using Office 365.  Office 365 use a range of IPs and  it so happened that IP of their outbound mail server was blacklisted on that particular day.  Following day  our mail server was able to process incoming mail from their mail server.

Thank you all for Simon and the rest for your help.
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If Skype for Business came with your office 2016 or office 365 installation, you may find that it's almost impossible to either disable or remove it. The application will often launch with each start of Windows, even when explicitly configured not t…
Are you looking to start a business? Do you own and operate a small company? If so, here are some courses you need to take before you hire a full-time IT staff.
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
Suggested Courses

590 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question