Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Remote Server returned '550 5.7.1 Recipient not authorized, your IP has been found on a block list'

Posted on 2014-02-25
7
16,955 Views
1 Endorsement
Last Modified: 2014-03-04
Hi Exchange Expert,

Two  customer of ours are getting mail rejected from us because they are on a block list. In the past, I would add them in the Hub Transport Anti-Spam IP Allow List Providers and everything would be fine. This time it didn't resolve the issue.  Is it possible that this issue isn't being caused by our Exchange server or dns/MX record misconfiguration on their part.  

I observed that one of them is using the Exchange Online Protection since they have example.protection.outlook.com when queried using mxtoolbox.com and other is hosted Exchange (prod.exchange-labs.com)

Here is NDR message that external users receiving:

mail.abc.com (domain removed) rejected your message to the following email addresses:

John Excel (jexel@abc.com)
mail.abc.com  gave this error:
Recipient not authorized, your IP has been found on a block list

Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept email from certain senders, or another restriction may be preventing delivery.

 Diagnostic information for administrators:

Generating server: BY2PR01MB361.prod.exchangelabs.com
jexcel@abc.com
mail.abc.com
Remote Server returned '550 5.7.1 Recipient not authorized, your IP has been found on a block list'

 Original message headers:

Received: from BY2PR01MB171.prod.exchangelabs.com (10.242.233.153) by
 BY2PR01MB361.prod.exchangelabs.com (10.141.139.142) with Microsoft SMTP
 Server (TLS) id 15.0.883.10; Tue, 25 Feb 2014 19:36:44 +0000
Received: from BY2PR01MB171.prod.exchangelabs.com ([10.242.233.153]) by
 BY2PR01MB171.prod.exchangelabs.com ([10.242.233.153]) with mapi id
 15.00.0883.010; Tue, 25 Feb 2014 19:36:44 +0000
From: Derrick<Derrick.lee@xyz.com>
To: "John Excel" <jexcel@abc.com>
Subject: Test
Thread-Topic: Test
Thread-Index: Ac8yYOSt96staBysRta1C6vrdIFedQ==
Date: Tue, 25 Feb 2014 19:36:43 +0000
Message-ID: <aba69f29b4b74cc598456b541ec90917@BY2PR01MB171.prod.exchangelabs.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Test:
x-originating-ip: [50.1.2.23] (this is not real)
x-forefront-prvs: 01334458E5
x-forefront-antispam-report: SFV:NSPM;SFS:(10009001)(6009001)(199002)(189002)(15202345003)(74316001)(51856001)(90146001)(4396001)(87266001)(74366001)(69226001)(87936001)(95666003)(2656002)(66066001)(76482001)(85852003)(81342001)(65816001)(31966008)(54316002)(92566001)(16236675002)(85306002)(555874004)(56776001)(558084003)(46102001)(56816005)(63696002)(76786001)(53806001)(59766001)(50986001)(77982001)(47976001)(47736001)(47446002)(83072002)(74662001)(54356001)(81542001)(74706001)(81816001)(80976001)(93516002)(83322001)(80022001)(49866001)(74876001)(93136001)(15975445006)(86362001)(19300405004)(33646001)(19580395003)(94316002)(79102001)(76796001)(74502001)(94946001)(95416001)(81686001)(76176001)(24736002);DIR:OUT;SFP:1101;SCL:1;SRVR:BY2PR01MB361;H:BY2PR01MB171.prod.exchangelabs.com;CLIP:157.130.40.106;FPR:;PTR:InfoNoRecords;A:1;MX:1;LANG:;
Content-Type: multipart/alternative;
        boundary="_000_aba69f29b4b74cc598456b541ec90917BY2PR01MB171prodexchang_"
MIME-Version: 1.0
X-OriginatorOrg: xyz.com

Any help would be really appreciated.

Thanks,
1
Comment
Question by:Deorali
7 Comments
 
LVL 34

Expert Comment

by:Shreedhar Ette
ID: 39887418
Hello,

Go to http://mxtoolbox.com/blacklists.aspx 

Perform Black list check for your domain and exchange server public ip address.

If it is balck listed them remove from RBL to restore mail flow.
0
 
LVL 1

Author Comment

by:Deorali
ID: 39887422
Shredhar,

Already checked. My mail server is not blacklisted.  So far only two external users mails are being rejected.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39887578
If your server is being rejected you will be found on a blocklist somewhere.

Have you checked on www.blacklistalert.org too?

Alan
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39887605
"Two  customer of ours are getting mail rejected from us because they are on a block list. In the past, I would add them in the Hub Transport Anti-Spam IP Allow List Providers and everything would be fine."

That doesn't make sense.

If you are blocking them, then adding them to the list is fine.
If they are blocking you, then it wouldn't do.

It isn't clear whether this is INBOUND or OUTBOUND email (to you).
If it is INBOUND, then you are blocking them, and need to establish why.
If it is OUTBOUND then you are being blocked, which means you are on a blacklist. Office365 uses its own internal blacklist.

Simon.
0
 
LVL 1

Author Comment

by:Deorali
ID: 39887612
Just to be clear. The issue is that mail from external users (INBOUND) are being rejected by my mail server. The above mentioned NDR message is what external user is getting. It is with just two external users.

Yes, I whitelisted the IP and domain in the exchange server but still the issue does not go away.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39887646
The first thing I would do is modify the NDR so it reports which blacklist it was found on. That will probably mean an NDR for each blacklist.

To do this, use a custom response code:
https://social.technet.microsoft.com/wiki/contents/articles/5071.exchange-2010-ip-block-list-providers-and-the-variables.aspx

After whitelisting, did you restart the transport service?
Are you sure you had the correct IP address that the messages are coming from? You have mentioned they are using hosted Exchange providers, do they route their OUTBOUND email from them?

Simon.
0
 
LVL 1

Author Closing Comment

by:Deorali
ID: 39903939
External user was using Office 365.  Office 365 use a range of IPs and  it so happened that IP of their outbound mail server was blacklisted on that particular day.  Following day  our mail server was able to process incoming mail from their mail server.

Thank you all for Simon and the rest for your help.
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question