Solved

Remote Server returned '550 5.7.1 Recipient not authorized, your IP has been found on a block list'

Posted on 2014-02-25
7
17,858 Views
1 Endorsement
Last Modified: 2014-03-04
Hi Exchange Expert,

Two  customer of ours are getting mail rejected from us because they are on a block list. In the past, I would add them in the Hub Transport Anti-Spam IP Allow List Providers and everything would be fine. This time it didn't resolve the issue.  Is it possible that this issue isn't being caused by our Exchange server or dns/MX record misconfiguration on their part.  

I observed that one of them is using the Exchange Online Protection since they have example.protection.outlook.com when queried using mxtoolbox.com and other is hosted Exchange (prod.exchange-labs.com)

Here is NDR message that external users receiving:

mail.abc.com (domain removed) rejected your message to the following email addresses:

John Excel (jexel@abc.com)
mail.abc.com  gave this error:
Recipient not authorized, your IP has been found on a block list

Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept email from certain senders, or another restriction may be preventing delivery.

 Diagnostic information for administrators:

Generating server: BY2PR01MB361.prod.exchangelabs.com
jexcel@abc.com
mail.abc.com
Remote Server returned '550 5.7.1 Recipient not authorized, your IP has been found on a block list'

 Original message headers:

Received: from BY2PR01MB171.prod.exchangelabs.com (10.242.233.153) by
 BY2PR01MB361.prod.exchangelabs.com (10.141.139.142) with Microsoft SMTP
 Server (TLS) id 15.0.883.10; Tue, 25 Feb 2014 19:36:44 +0000
Received: from BY2PR01MB171.prod.exchangelabs.com ([10.242.233.153]) by
 BY2PR01MB171.prod.exchangelabs.com ([10.242.233.153]) with mapi id
 15.00.0883.010; Tue, 25 Feb 2014 19:36:44 +0000
From: Derrick<Derrick.lee@xyz.com>
To: "John Excel" <jexcel@abc.com>
Subject: Test
Thread-Topic: Test
Thread-Index: Ac8yYOSt96staBysRta1C6vrdIFedQ==
Date: Tue, 25 Feb 2014 19:36:43 +0000
Message-ID: <aba69f29b4b74cc598456b541ec90917@BY2PR01MB171.prod.exchangelabs.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Test:
x-originating-ip: [50.1.2.23] (this is not real)
x-forefront-prvs: 01334458E5
x-forefront-antispam-report: SFV:NSPM;SFS:(10009001)(6009001)(199002)(189002)(15202345003)(74316001)(51856001)(90146001)(4396001)(87266001)(74366001)(69226001)(87936001)(95666003)(2656002)(66066001)(76482001)(85852003)(81342001)(65816001)(31966008)(54316002)(92566001)(16236675002)(85306002)(555874004)(56776001)(558084003)(46102001)(56816005)(63696002)(76786001)(53806001)(59766001)(50986001)(77982001)(47976001)(47736001)(47446002)(83072002)(74662001)(54356001)(81542001)(74706001)(81816001)(80976001)(93516002)(83322001)(80022001)(49866001)(74876001)(93136001)(15975445006)(86362001)(19300405004)(33646001)(19580395003)(94316002)(79102001)(76796001)(74502001)(94946001)(95416001)(81686001)(76176001)(24736002);DIR:OUT;SFP:1101;SCL:1;SRVR:BY2PR01MB361;H:BY2PR01MB171.prod.exchangelabs.com;CLIP:157.130.40.106;FPR:;PTR:InfoNoRecords;A:1;MX:1;LANG:;
Content-Type: multipart/alternative;
        boundary="_000_aba69f29b4b74cc598456b541ec90917BY2PR01MB171prodexchang_"
MIME-Version: 1.0
X-OriginatorOrg: xyz.com

Any help would be really appreciated.

Thanks,
1
Comment
Question by:Deorali
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 34

Expert Comment

by:Shreedhar Ette
ID: 39887418
Hello,

Go to http://mxtoolbox.com/blacklists.aspx 

Perform Black list check for your domain and exchange server public ip address.

If it is balck listed them remove from RBL to restore mail flow.
0
 
LVL 1

Author Comment

by:Deorali
ID: 39887422
Shredhar,

Already checked. My mail server is not blacklisted.  So far only two external users mails are being rejected.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39887578
If your server is being rejected you will be found on a blocklist somewhere.

Have you checked on www.blacklistalert.org too?

Alan
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39887605
"Two  customer of ours are getting mail rejected from us because they are on a block list. In the past, I would add them in the Hub Transport Anti-Spam IP Allow List Providers and everything would be fine."

That doesn't make sense.

If you are blocking them, then adding them to the list is fine.
If they are blocking you, then it wouldn't do.

It isn't clear whether this is INBOUND or OUTBOUND email (to you).
If it is INBOUND, then you are blocking them, and need to establish why.
If it is OUTBOUND then you are being blocked, which means you are on a blacklist. Office365 uses its own internal blacklist.

Simon.
0
 
LVL 1

Author Comment

by:Deorali
ID: 39887612
Just to be clear. The issue is that mail from external users (INBOUND) are being rejected by my mail server. The above mentioned NDR message is what external user is getting. It is with just two external users.

Yes, I whitelisted the IP and domain in the exchange server but still the issue does not go away.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39887646
The first thing I would do is modify the NDR so it reports which blacklist it was found on. That will probably mean an NDR for each blacklist.

To do this, use a custom response code:
https://social.technet.microsoft.com/wiki/contents/articles/5071.exchange-2010-ip-block-list-providers-and-the-variables.aspx

After whitelisting, did you restart the transport service?
Are you sure you had the correct IP address that the messages are coming from? You have mentioned they are using hosted Exchange providers, do they route their OUTBOUND email from them?

Simon.
0
 
LVL 1

Author Closing Comment

by:Deorali
ID: 39903939
External user was using Office 365.  Office 365 use a range of IPs and  it so happened that IP of their outbound mail server was blacklisted on that particular day.  Following day  our mail server was able to process incoming mail from their mail server.

Thank you all for Simon and the rest for your help.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes how you can use Custom Document Properties to store settings and other information in your workbook so that they will be available the next time you open the workbook.
If you need to forecast numbers -- typically for finance -- the Windows and Mac versions of Excel 2016 have a basket of tools to get the job done.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question