Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

NDR message from email server, can't send

Posted on 2014-03-26
7
Medium Priority
?
1,059 Views
Last Modified: 2014-03-27
I have a weird problem with emailing out.
This problem happens to only one recipient, it just started happening today.
When we send emails to him, all reaches except one with attachment and 'credit card' on subject.

I seems like the recipient email server rejects based on their spam  filtering, but the NDR message seems as it's actually from our email server(sending out).
============================================

Your message did not reach some or all of the intended recipients.

      Subject:      CREDIT CARD   XXXXXXX XXXXX  xXXXXXX
      Sent:      3/26/2014 2:13 PM

The following recipient(s) could not be reached:

      recipeint@hisdomain.com on 3/26/2014 2:13 PM
            The recipient could not be processed because it would violate the security policy in force
            <mail.mydomain.com #5.7.0 smtp;550 5.7.0 Local Policy Violation>
=======================================

As you see, the NDR message says "  <mail.mydomain.com #5.7.0 smtp;550 5.7.0 Local Policy Violation>" which seems as the problem was from our side.


We use GFI mailessential + exchange server 2003 std
0
Comment
Question by:crcsupport
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 14

Assisted Solution

by:Justin Yeung
Justin Yeung earned 2000 total points
ID: 39957342
0
 
LVL 1

Author Comment

by:crcsupport
ID: 39957466
I tested sending emails to the trouble recipient, the email consisted email message with 'credit card' and 3 attachments, 1 .doc file and 2 .rtf files.
I sent sample emails;

case 1: without attachment.  OK
case 2: with attachment and subject without 'credit card' on both. NDR
case 3: with only the .doc attachment OK
case 4: with only the two .rtf attachments. NDR

So, now the email with .rtf (rich text format) attachments doesn't reach. This is filtering activity either on email server or spam filter. As we don't scan outgoing emails, I guess the recipient email server does, but still I can't convince the recipient system admins because  the NDR says (seems as) it's from our email server. How can I show their system admin if it's really from their spam filter? Because SMTP log and NDR are only that I have.

Or do I really have problem somewhere except our email server and spam filter?
0
 
LVL 1

Author Comment

by:crcsupport
ID: 39957540
The following is the exchange log I found;


2014-03-26 21:09:56 xx.xxx.xxx.xxx OutboundConnectionResponse SMTPSVC1 EXCHANG_SERV - 25 - - 220+mx0a-0015f701.pphosted.com+ESMTP+mfa-m0043804 0 0 49 0 1219 SMTP - - - -
2014-03-26 21:09:56 xx.xxx.xxx.xxx OutboundConnectionCommand SMTPSVC1 EXCHANG_SERV - 25 EHLO - mail.mydomain.com 0 0 4 0 1219 SMTP - - - -
2014-03-26 21:09:56 xx.xxx.xxx.xxx OutboundConnectionResponse SMTPSVC1 EXCHANG_SERV - 25 - - 250-mx0a-0015f701.pphosted.com+Hello+mail.mydomain.com+[AAA.AAA.AAA.AAA (my email server NAT IP)],+pleased+to+meet+you 0 0 97 0 1297 SMTP - - - -
2014-03-26 21:09:57 xx.xxx.xxx.xxx OutboundConnectionCommand SMTPSVC1 EXCHANG_SERV - 25 MAIL - FROM:<myname@mydomain.com> 0 0 4 0 2281 SMTP - - - -
2014-03-26 21:09:57 xx.xxx.xxx.xxx OutboundConnectionResponse SMTPSVC1 EXCHANG_SERV - 25 - - 250+2.1.0+Sender+ok 0 0 19 0 2375 SMTP - - - -
2014-03-26 21:09:57 xx.xxx.xxx.xxx OutboundConnectionCommand SMTPSVC1 EXCHANG_SERV - 25 RCPT - TO:<hisname@hisdomain.com> 0 0 4 0 2375 SMTP - - - -
2014-03-26 21:09:57 xx.xxx.xxx.xxx OutboundConnectionResponse SMTPSVC1 EXCHANG_SERV - 25 - - 250+2.1.5+Recipient+ok 0 0 22 0 2453 SMTP - - - -
2014-03-26 21:09:57 xx.xxx.xxx.xxx OutboundConnectionCommand SMTPSVC1 EXCHANG_SERV - 25 DATA - - 0 0 4 0 2453 SMTP - - - -
2014-03-26 21:09:57 xx.xxx.xxx.xxx OutboundConnectionResponse SMTPSVC1 EXCHANG_SERV - 25 - - 354+Enter+mail,+end+with+"."+on+a+line+by+itself 0 0 48 0 2547 SMTP - - - -
2014-03-26 21:10:04 xx.xxx.xxx.xxx OutboundConnectionResponse SMTPSVC1 EXCHANG_SERV - 25 - - 550+5.7.0+Local+Policy+Violation 0 0 32 0 8750 SMTP - - - -
2014-03-26 21:10:04 xx.xxx.xxx.xxx OutboundConnectionCommand SMTPSVC1 EXCHANG_SERV - 25 QUIT - - 0 0 4 0 9250 SMTP - - - -
2014-03-26 21:10:04 xx.xxx.xxx.xxx OutboundConnectionResponse SMTPSVC1 EXCHANG_SERV - 25 - - 221+2.0.0+mx0a-0015f701.pphosted.com+Closing+connection 0 0 55 0 9328 SMTP - - - -
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
LVL 14

Assisted Solution

by:Justin Yeung
Justin Yeung earned 2000 total points
ID: 39957826
2014-03-26 21:10:04 xx.xxx.xxx.xxx OutboundConnectionResponse SMTPSVC1 EXCHANG_SERV - 25 - - 550+5.7.0+Local+Policy+Violation 0 0 32 0 8750 SMTP - - - -

Who's ip is that ( yours or other)
0
 
LVL 1

Author Comment

by:crcsupport
ID: 39959273
That's our IP address
0
 
LVL 1

Author Comment

by:crcsupport
ID: 39959283
But you know before that, local violation, our server is connected to their server, then local violation occurred soon  after our exchange server finished with '.' ending the outbound email. Isn't that the response from their pphosted.com (spam audit) machine, not from ours?
0
 
LVL 14

Accepted Solution

by:
Justin Yeung earned 2000 total points
ID: 39959716
This is not from your server at all

It is basically doing a Helo (relay) on the recipient server via your exchange server

Your connection got closed without success

Please contact the administrator on the other end
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.
Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question