Solved

NDR message from email server, can't send

Posted on 2014-03-26
7
975 Views
Last Modified: 2014-03-27
I have a weird problem with emailing out.
This problem happens to only one recipient, it just started happening today.
When we send emails to him, all reaches except one with attachment and 'credit card' on subject.

I seems like the recipient email server rejects based on their spam  filtering, but the NDR message seems as it's actually from our email server(sending out).
============================================

Your message did not reach some or all of the intended recipients.

      Subject:      CREDIT CARD   XXXXXXX XXXXX  xXXXXXX
      Sent:      3/26/2014 2:13 PM

The following recipient(s) could not be reached:

      recipeint@hisdomain.com on 3/26/2014 2:13 PM
            The recipient could not be processed because it would violate the security policy in force
            <mail.mydomain.com #5.7.0 smtp;550 5.7.0 Local Policy Violation>
=======================================

As you see, the NDR message says "  <mail.mydomain.com #5.7.0 smtp;550 5.7.0 Local Policy Violation>" which seems as the problem was from our side.


We use GFI mailessential + exchange server 2003 std
0
Comment
Question by:crcsupport
  • 4
  • 3
7 Comments
 
LVL 14

Assisted Solution

by:Justin Yeung
Justin Yeung earned 500 total points
ID: 39957342
0
 
LVL 1

Author Comment

by:crcsupport
ID: 39957466
I tested sending emails to the trouble recipient, the email consisted email message with 'credit card' and 3 attachments, 1 .doc file and 2 .rtf files.
I sent sample emails;

case 1: without attachment.  OK
case 2: with attachment and subject without 'credit card' on both. NDR
case 3: with only the .doc attachment OK
case 4: with only the two .rtf attachments. NDR

So, now the email with .rtf (rich text format) attachments doesn't reach. This is filtering activity either on email server or spam filter. As we don't scan outgoing emails, I guess the recipient email server does, but still I can't convince the recipient system admins because  the NDR says (seems as) it's from our email server. How can I show their system admin if it's really from their spam filter? Because SMTP log and NDR are only that I have.

Or do I really have problem somewhere except our email server and spam filter?
0
 
LVL 1

Author Comment

by:crcsupport
ID: 39957540
The following is the exchange log I found;


2014-03-26 21:09:56 xx.xxx.xxx.xxx OutboundConnectionResponse SMTPSVC1 EXCHANG_SERV - 25 - - 220+mx0a-0015f701.pphosted.com+ESMTP+mfa-m0043804 0 0 49 0 1219 SMTP - - - -
2014-03-26 21:09:56 xx.xxx.xxx.xxx OutboundConnectionCommand SMTPSVC1 EXCHANG_SERV - 25 EHLO - mail.mydomain.com 0 0 4 0 1219 SMTP - - - -
2014-03-26 21:09:56 xx.xxx.xxx.xxx OutboundConnectionResponse SMTPSVC1 EXCHANG_SERV - 25 - - 250-mx0a-0015f701.pphosted.com+Hello+mail.mydomain.com+[AAA.AAA.AAA.AAA (my email server NAT IP)],+pleased+to+meet+you 0 0 97 0 1297 SMTP - - - -
2014-03-26 21:09:57 xx.xxx.xxx.xxx OutboundConnectionCommand SMTPSVC1 EXCHANG_SERV - 25 MAIL - FROM:<myname@mydomain.com> 0 0 4 0 2281 SMTP - - - -
2014-03-26 21:09:57 xx.xxx.xxx.xxx OutboundConnectionResponse SMTPSVC1 EXCHANG_SERV - 25 - - 250+2.1.0+Sender+ok 0 0 19 0 2375 SMTP - - - -
2014-03-26 21:09:57 xx.xxx.xxx.xxx OutboundConnectionCommand SMTPSVC1 EXCHANG_SERV - 25 RCPT - TO:<hisname@hisdomain.com> 0 0 4 0 2375 SMTP - - - -
2014-03-26 21:09:57 xx.xxx.xxx.xxx OutboundConnectionResponse SMTPSVC1 EXCHANG_SERV - 25 - - 250+2.1.5+Recipient+ok 0 0 22 0 2453 SMTP - - - -
2014-03-26 21:09:57 xx.xxx.xxx.xxx OutboundConnectionCommand SMTPSVC1 EXCHANG_SERV - 25 DATA - - 0 0 4 0 2453 SMTP - - - -
2014-03-26 21:09:57 xx.xxx.xxx.xxx OutboundConnectionResponse SMTPSVC1 EXCHANG_SERV - 25 - - 354+Enter+mail,+end+with+"."+on+a+line+by+itself 0 0 48 0 2547 SMTP - - - -
2014-03-26 21:10:04 xx.xxx.xxx.xxx OutboundConnectionResponse SMTPSVC1 EXCHANG_SERV - 25 - - 550+5.7.0+Local+Policy+Violation 0 0 32 0 8750 SMTP - - - -
2014-03-26 21:10:04 xx.xxx.xxx.xxx OutboundConnectionCommand SMTPSVC1 EXCHANG_SERV - 25 QUIT - - 0 0 4 0 9250 SMTP - - - -
2014-03-26 21:10:04 xx.xxx.xxx.xxx OutboundConnectionResponse SMTPSVC1 EXCHANG_SERV - 25 - - 221+2.0.0+mx0a-0015f701.pphosted.com+Closing+connection 0 0 55 0 9328 SMTP - - - -
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 
LVL 14

Assisted Solution

by:Justin Yeung
Justin Yeung earned 500 total points
ID: 39957826
2014-03-26 21:10:04 xx.xxx.xxx.xxx OutboundConnectionResponse SMTPSVC1 EXCHANG_SERV - 25 - - 550+5.7.0+Local+Policy+Violation 0 0 32 0 8750 SMTP - - - -

Who's ip is that ( yours or other)
0
 
LVL 1

Author Comment

by:crcsupport
ID: 39959273
That's our IP address
0
 
LVL 1

Author Comment

by:crcsupport
ID: 39959283
But you know before that, local violation, our server is connected to their server, then local violation occurred soon  after our exchange server finished with '.' ending the outbound email. Isn't that the response from their pphosted.com (spam audit) machine, not from ours?
0
 
LVL 14

Accepted Solution

by:
Justin Yeung earned 500 total points
ID: 39959716
This is not from your server at all

It is basically doing a Helo (relay) on the recipient server via your exchange server

Your connection got closed without success

Please contact the administrator on the other end
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Email signatures have numerous marketing benefits. Here are 8 top reasons to turn your email signature into a marketing channel.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
This Micro Tutorial will demonstrate the easy use of Gmail embedding images in your email so the recipient of your email can view them in context.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

947 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now