Solved

Email Getting Rejected But Not Blacklisted

Posted on 2014-09-24
19
4,305 Views
1 Endorsement
Last Modified: 2014-09-24
A lot of our outgoing mail is getting rejected by recipient servers.  I originally thought we were blacklisted but checking with all of the lists, it doesn't look like we are.  We have virus checking on our spam filter and it is not seeing anything.

We are using Exchange 2007 and a Barracuda Spam & Virus Firewall.

Some of the return errors:
This message has been rejected due to content judged to be spam by the internet community??IB212 <http://x.co/crbounce>

554 Email rejected due to security policies - http://kb.mimecast.com/Mimecast_Knowledge_Base/Administration_Console/Monitoring/Mimecast_SMTP_Error_Codes#554

said: 554 Denied

Thank you for any help you can provide.
1
Comment
Question by:tjking45
  • 9
  • 6
  • 3
  • +1
19 Comments
 
LVL 7

Expert Comment

by:Satyendra Sharma
ID: 40342428
Are you also scanning your outbound email traffic as well?
Have you checked on your connecting IP's to see if they are listed on any RBL's or something?
Do you have a on-prem antivirus/antispam or is it hosted solution?
0
 
LVL 7

Expert Comment

by:Satyendra Sharma
ID: 40342434
Test your connecting IP for all the outbound email traffic - http://mxtoolbox.com/blacklists.aspx
0
 

Author Comment

by:tjking45
ID: 40342445
Yes, we are scanning outgoing email through the spam filter.
I just checked all of the destination IPs and they appear to be clean.
Our spam filter is on-premise.
0
 

Author Comment

by:tjking45
ID: 40342450
I checked with Mxtoolbox and I get all green checkmarks all the way down.
0
 
LVL 7

Expert Comment

by:Satyendra Sharma
ID: 40342458
have you tried sending email from your corp account to hotmail and see if it gets delivered?
or this is a specific recipient domain who is complianing?

Do you have a actual NDR and message header info?
0
 

Author Comment

by:tjking45
ID: 40342463
Not all emails are getting blocked, only to a handful of domains.  GoDaddy (secureserver) is one of them, I tried to whitelist with them and they say we are not currently blocked.

I do have several NDR messages.  Here is one:
#< #5.0.0 X-Spam-&-Virus-Firewall; host presmtp.ex2.secureserver.net[68.178.213.37] said: 552 5.2.0 v4S71o00y0N3D3C01 - v4S71o00y0N3D3C014S7R4 This message has been rejected due to content judged to be spam by the internet community??IB212 <http://x.co/crbounce> (in reply to end of DATA command)> #SMTP#

Let me know if that is what you are talking about.
0
 

Author Comment

by:tjking45
ID: 40342474
Here is another:

#< #5.0.0 X-Spam-&-Virus-Firewall; host service109-us.mimecast.com[207.211.31.85] said: 554 Email rejected due to security policies - http://kb.mimecast.com/Mimecast_Knowledge_Base/Administration_Console/Monitoring/Mimecast_SMTP_Error_Codes#554 (in reply to end of DATA command)> #SMTP#
0
 
LVL 7

Expert Comment

by:Satyendra Sharma
ID: 40342496
552 This message has been rejected due to content judged to be spam by the Internet community.

The email message contains a link, attachment, or pattern caught by our filters as spam.      Please include an option to opt out in your email messages. Then check your sending lists to ensure you are only sending to recipients who have selected to opt in to receiving your mail. If you feel this message has been flagged as spam erroneously, please be sure to obtain a copy of the original message attempting to be sent, and then contact support.

Source - https://support.godaddy.com/help/article/3568/dealing-with-email-bouncebacks

Are there any kind of special attachment or url in the bounced messages? Are all messages to godaddy failing?
0
 
LVL 27

Expert Comment

by:davorin
ID: 40342524
Do you have correctly specified reverse DNS and SPF records?
0
Want to promote your upcoming event?

Are you going to an event? Are you going to be exhibiting at a tradeshow? Talking at a conference? Using a promotional banner in your email signature ensures that your organization’s most important contacts stay in the know and can potentially spread the word about the event.

 

Author Comment

by:tjking45
ID: 40342545
There are no special attachments or URLs.  One of the emails had a basic 1 page PDF.

Another thing... it's not just limited to the recipient.  If the sender (my co-worker) forwards the email to me, I can forward the email to the recipient without issue.

We have about 5 senders in the office today that just started having issues.  Everyone else seems to be fine.
0
 

Author Comment

by:tjking45
ID: 40342599
Looks like Reverse DNS is correct, but maybe an issue with SPF?

spf:
Test      Result      
X      SPF No Records                  No SPF records found                        More Info
OK      SPF Record Deprecated      There are no records of type SPF      
OK      SPF Invalid Syntax            The SPF record is valid      
OK      SPF Multiple Records            Less than two SPF records found
0
 
LVL 7

Expert Comment

by:Satyendra Sharma
ID: 40342602
Add your connecting IP for outbound email traffic in your SPF and that should make a difference or resolve this issue.
0
 

Author Comment

by:tjking45
ID: 40342619
I'm not exactly sure how to do that.  It's the IT director (my boss) that handles the web hosting and he's not in the office.  

Is that in the web host settings?
0
 
LVL 7

Expert Comment

by:Satyendra Sharma
ID: 40342669
Its a text file that sits in the dns if your dns his hosted then you will login into the portal and modify the text file.

Here is a url provided by microsoft on SPF record creation - http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/
0
 
LVL 27

Expert Comment

by:davorin
ID: 40342811
So this is not the cause of your issues. Focus on other things and you may take care of this later.

It looks that you don't have configured SPF records.
While it is good to have SFP records, it is better not to have them than have them mis-configured. They are saying from which servers can be sent mails with your domain. It is used to protect your domain from mail spoofing.
0
 
LVL 27

Expert Comment

by:davorin
ID: 40342847
Were the problematic mails send to multiple recipients?
0
 
LVL 1

Accepted Solution

by:
Joe Mika earned 500 total points
ID: 40342872
I have seen this lately with Gmail.  For some reason if you embed a URL in the message, especially in the signature line it seems to bounce mails.
0
 

Author Comment

by:tjking45
ID: 40342883
Some of the bouncebacks came from an email with many recipients while others came from emails with just one recipient.

I am having them try sending without their signature.  (Our signature has several links embedded).
0
 

Author Closing Comment

by:tjking45
ID: 40342980
Joe - I think you solved it!  If we remove their signature, the email goes through fine.  So I started deleting parts of the signature one at a time to see when it would actually send.  

***There was a small Google+ icon with an embedded bit.ly link.  As soon as I deleted that, the email gets delivered every time.
0

Featured Post

Free book by J.Peter Bruzzese, Microsoft MVP

Are you using Office 365? Trying to set up email signatures but you’re struggling with transport rules and connectors? Let renowned Microsoft MVP J.Peter Bruzzese show you how in this exclusive e-book on Office 365 email signatures. Better yet, it’s free!

Join & Write a Comment

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now