Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Remote Server returned '550 5.7.1 Recipient not authorized, your IP has been found on a block list'

Posted on 2014-02-25
7
Medium Priority
?
18,542 Views
1 Endorsement
Last Modified: 2014-03-04
Hi Exchange Expert,

Two  customer of ours are getting mail rejected from us because they are on a block list. In the past, I would add them in the Hub Transport Anti-Spam IP Allow List Providers and everything would be fine. This time it didn't resolve the issue.  Is it possible that this issue isn't being caused by our Exchange server or dns/MX record misconfiguration on their part.  

I observed that one of them is using the Exchange Online Protection since they have example.protection.outlook.com when queried using mxtoolbox.com and other is hosted Exchange (prod.exchange-labs.com)

Here is NDR message that external users receiving:

mail.abc.com (domain removed) rejected your message to the following email addresses:

John Excel (jexel@abc.com)
mail.abc.com  gave this error:
Recipient not authorized, your IP has been found on a block list

Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept email from certain senders, or another restriction may be preventing delivery.

 Diagnostic information for administrators:

Generating server: BY2PR01MB361.prod.exchangelabs.com
jexcel@abc.com
mail.abc.com
Remote Server returned '550 5.7.1 Recipient not authorized, your IP has been found on a block list'

 Original message headers:

Received: from BY2PR01MB171.prod.exchangelabs.com (10.242.233.153) by
 BY2PR01MB361.prod.exchangelabs.com (10.141.139.142) with Microsoft SMTP
 Server (TLS) id 15.0.883.10; Tue, 25 Feb 2014 19:36:44 +0000
Received: from BY2PR01MB171.prod.exchangelabs.com ([10.242.233.153]) by
 BY2PR01MB171.prod.exchangelabs.com ([10.242.233.153]) with mapi id
 15.00.0883.010; Tue, 25 Feb 2014 19:36:44 +0000
From: Derrick<Derrick.lee@xyz.com>
To: "John Excel" <jexcel@abc.com>
Subject: Test
Thread-Topic: Test
Thread-Index: Ac8yYOSt96staBysRta1C6vrdIFedQ==
Date: Tue, 25 Feb 2014 19:36:43 +0000
Message-ID: <aba69f29b4b74cc598456b541ec90917@BY2PR01MB171.prod.exchangelabs.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Test:
x-originating-ip: [50.1.2.23] (this is not real)
x-forefront-prvs: 01334458E5
x-forefront-antispam-report: SFV:NSPM;SFS:(10009001)(6009001)(199002)(189002)(15202345003)(74316001)(51856001)(90146001)(4396001)(87266001)(74366001)(69226001)(87936001)(95666003)(2656002)(66066001)(76482001)(85852003)(81342001)(65816001)(31966008)(54316002)(92566001)(16236675002)(85306002)(555874004)(56776001)(558084003)(46102001)(56816005)(63696002)(76786001)(53806001)(59766001)(50986001)(77982001)(47976001)(47736001)(47446002)(83072002)(74662001)(54356001)(81542001)(74706001)(81816001)(80976001)(93516002)(83322001)(80022001)(49866001)(74876001)(93136001)(15975445006)(86362001)(19300405004)(33646001)(19580395003)(94316002)(79102001)(76796001)(74502001)(94946001)(95416001)(81686001)(76176001)(24736002);DIR:OUT;SFP:1101;SCL:1;SRVR:BY2PR01MB361;H:BY2PR01MB171.prod.exchangelabs.com;CLIP:157.130.40.106;FPR:;PTR:InfoNoRecords;A:1;MX:1;LANG:;
Content-Type: multipart/alternative;
        boundary="_000_aba69f29b4b74cc598456b541ec90917BY2PR01MB171prodexchang_"
MIME-Version: 1.0
X-OriginatorOrg: xyz.com

Any help would be really appreciated.

Thanks,
1
Comment
Question by:Deorali
7 Comments
 
LVL 34

Expert Comment

by:Shreedhar Ette
ID: 39887418
Hello,

Go to http://mxtoolbox.com/blacklists.aspx 

Perform Black list check for your domain and exchange server public ip address.

If it is balck listed them remove from RBL to restore mail flow.
0
 
LVL 1

Author Comment

by:Deorali
ID: 39887422
Shredhar,

Already checked. My mail server is not blacklisted.  So far only two external users mails are being rejected.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39887578
If your server is being rejected you will be found on a blocklist somewhere.

Have you checked on www.blacklistalert.org too?

Alan
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39887605
"Two  customer of ours are getting mail rejected from us because they are on a block list. In the past, I would add them in the Hub Transport Anti-Spam IP Allow List Providers and everything would be fine."

That doesn't make sense.

If you are blocking them, then adding them to the list is fine.
If they are blocking you, then it wouldn't do.

It isn't clear whether this is INBOUND or OUTBOUND email (to you).
If it is INBOUND, then you are blocking them, and need to establish why.
If it is OUTBOUND then you are being blocked, which means you are on a blacklist. Office365 uses its own internal blacklist.

Simon.
0
 
LVL 1

Author Comment

by:Deorali
ID: 39887612
Just to be clear. The issue is that mail from external users (INBOUND) are being rejected by my mail server. The above mentioned NDR message is what external user is getting. It is with just two external users.

Yes, I whitelisted the IP and domain in the exchange server but still the issue does not go away.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 2000 total points
ID: 39887646
The first thing I would do is modify the NDR so it reports which blacklist it was found on. That will probably mean an NDR for each blacklist.

To do this, use a custom response code:
https://social.technet.microsoft.com/wiki/contents/articles/5071.exchange-2010-ip-block-list-providers-and-the-variables.aspx

After whitelisting, did you restart the transport service?
Are you sure you had the correct IP address that the messages are coming from? You have mentioned they are using hosted Exchange providers, do they route their OUTBOUND email from them?

Simon.
0
 
LVL 1

Author Closing Comment

by:Deorali
ID: 39903939
External user was using Office 365.  Office 365 use a range of IPs and  it so happened that IP of their outbound mail server was blacklisted on that particular day.  Following day  our mail server was able to process incoming mail from their mail server.

Thank you all for Simon and the rest for your help.
0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Stellar Exchange Toolkit: this 5 in 1 toolkit comes loaded with mega-software tool. Here’s an introduction to tools’ usage and advantages:
In this post, I will showcase the steps for how to create groups in Office 365. Office 365 groups allow for ease of flexibility and collaboration between staff members.
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question