Solved

550 5.7.1 Sender ID (PRA) Not Permitted - Our record if remote.cmp.org.uk

Posted on 2014-11-10
7
425 Views
Last Modified: 2014-11-12
Hi, We got this back from an outgoing email today.

"550 5.7.1 Sender ID (PRA) Not Permitted" From what I can see online and previous questions the problem needs to be resolved at the recipients exchange who we have emailed successfully in the past.

Is there a work around at out end or something Im not seeing. Full DNR below.

remote.domain.com rejected your message to the following e-mail addresses:

Chris someone (csomeone@domain.com)


remote.domain.com gave this error:
Sender ID (PRA) Not Permitted


Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept e-mail from certain senders, or another restriction may be preventing delivery.

I noticed in the message below that the emails went out from our server "CMPSERVER.CMDOMAIN.local" our domain is cmp.org.uk MX records all point to remote.cmp.org.uk or cmp.org.uk

Thanks.






Diagnostic information for administrators:

Generating server: CMPSERVER.CMDOMAIN.local

Csomeone@domain.com
remote.domain.com #550 5.7.1 Sender ID (PRA) Not Permitted ##

Original message headers:

Received: from optiplex2 (172.16.1.22) by CMPSERVER.CMDOMAIN.local
 (172.16.1.100) with Microsoft SMTP Server (TLS) id 14.3.210.2; Fri, 31 Oct
 2014 10:55:57 +0000
X-Archetype-Title: Hilton Brighton - Tech detail & CE Cert's
X-Archetype-ProjectNo: A3806
Message-ID: <ARCHETYPE-5ad4156c-1e60-e411-a1c9-901b0e0d5d56@7-141030-102051-6053>
Thread-Topic: Hilton Brighton - Tech detail & CE Cert's
Thread-Index: 5AD4156C-1E60-E411-A1C9-901B0E0D5D56
X-Priority: 3
X-Mailer: Version 13.03 (build 13.03.4867 - component Archetype.Modules.Email) - http://www.archetype.uk.net/
MIME-Version: 1.0
Date: Fri, 31 Oct 2014 10:55:57 +0000
Subject: Hilton Brighton - Tech detail & CE Cert's
From: Irene xxxxxxx <****@cmp.org.uk>
Reply-To: <****@cmp.org.uk>
To: Chris Someone <csomeone@domain.com>
Content-Type: multipart/mixed;
      boundary="------------040601060500000600040200"
Return-Path: ****@cmp.org.uk
0
Comment
Question by:dlogan83
  • 3
  • 2
7 Comments
 
LVL 5

Expert Comment

by:Abdul Khadja Alaoudine
ID: 40432252
Yes, the problem needs to be resolved at recepient's end. Looks like they are blocking emails from your end. This could also be recepient's server is checking your domain's SPF record and failing to find one / correct one.
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 40432362
Definitely your own SPF record. Therefore, either ask the recipient to solve it for you (not reasonable, as SPF is a valid filtering option), or solve it yourself by having your current faulty SPF record fixed.

Your current SPF record:

"v=spf1 include:spf.remote.cmp.org.uk -all"

but you are NOT sending from the spf.remote.cmp.org.uk host at all!
0
 

Author Comment

by:dlogan83
ID: 40432373
Thanks guys,

Should I change the SPF record to cmp.org.uk ?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 35

Expert Comment

by:Kimputer
ID: 40432383
That depends if your SENDING machine is really cmp.org.uk or not (having public IP 209.235.144.9). Reverse DNS for 209.235.144.9 is hostedc31.carrierzone.com though, so it might still fail.
To be sure, use the PUBLIC IP address of the sending machine.
0
 

Author Comment

by:dlogan83
ID: 40432436
Hi I changed the spf record and ran a test on http://vamsoft.com/support/tools/spf-policy-tester using my public ip and got this return.  We send emails out direct from our cmp.org.uk sbs2011 exchange server using our public IP, which i believe the MX records point to remote.cmp.org.uk. Should this also be revised to point to cmp.org.uk?

Sorry my knowledge is very limited on SPF records.



    SPF check start.
        Domain: cmp.org.uk
    Getting SPF (TXT) record.
    Found SPF record.
    SPF policy record data:
        v=spf1 include:spf.cmp.org.uk -all
    Evaluating SPF policy:
        v=spf1 include:spf.cmp.org.uk -all
    Policy parsed OK, no warnings.
    Evaluating SPF policy string.
        Evaluating SPF mechanism "include".
            Prefix: Pass.
            Argument domain-spec: spf.cmp.org.uk
            Domain argument after macro expansion:
                spf.cmp.org.uk
            SPF check start.
                Domain: spf.cmp.org.uk
            Getting SPF (TXT) record.
            Got NXDOMAIN, returning SPF Unknown.
            SPF policy evaluation finished with SPF Unknown. SPF policy was not found.
        SPF Unknown / None causes evaluation to abort with SPF Unknown.
    Finished evaluating SPF policy.
    SPF policy evaluation finished with SPF Unknown.
0
 
LVL 35

Accepted Solution

by:
Kimputer earned 500 total points
ID: 40432469
your SPF record should be "v=spf1 include:public_ip -all"

where you replace public_ip with your real public ip.

If you're really sure the domain name is the correct IP:

your SPF record should be "v=spf1 include:cmp.org.uk -all"

You keep putting spf in front of the hostname, making it from valid to invalid.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question