550 5.7.1 Sender ID (PRA) Not Permitted - Our record if remote.cmp.org.uk

Hi, We got this back from an outgoing email today.

"550 5.7.1 Sender ID (PRA) Not Permitted" From what I can see online and previous questions the problem needs to be resolved at the recipients exchange who we have emailed successfully in the past.

Is there a work around at out end or something Im not seeing. Full DNR below.

remote.domain.com rejected your message to the following e-mail addresses:

Chris someone (csomeone@domain.com)

remote.domain.com gave this error:
Sender ID (PRA) Not Permitted

Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept e-mail from certain senders, or another restriction may be preventing delivery.

I noticed in the message below that the emails went out from our server "CMPSERVER.CMDOMAIN.local" our domain is cmp.org.uk MX records all point to remote.cmp.org.uk or cmp.org.uk


Diagnostic information for administrators:

Generating server: CMPSERVER.CMDOMAIN.local

remote.domain.com #550 5.7.1 Sender ID (PRA) Not Permitted ##

Original message headers:

Received: from optiplex2 ( by CMPSERVER.CMDOMAIN.local
 ( with Microsoft SMTP Server (TLS) id; Fri, 31 Oct
 2014 10:55:57 +0000
X-Archetype-Title: Hilton Brighton - Tech detail & CE Cert's
X-Archetype-ProjectNo: A3806
Message-ID: <ARCHETYPE-5ad4156c-1e60-e411-a1c9-901b0e0d5d56@7-141030-102051-6053>
Thread-Topic: Hilton Brighton - Tech detail & CE Cert's
Thread-Index: 5AD4156C-1E60-E411-A1C9-901B0E0D5D56
X-Priority: 3
X-Mailer: Version 13.03 (build 13.03.4867 - component Archetype.Modules.Email) - http://www.archetype.uk.net/
MIME-Version: 1.0
Date: Fri, 31 Oct 2014 10:55:57 +0000
Subject: Hilton Brighton - Tech detail & CE Cert's
From: Irene xxxxxxx <****@cmp.org.uk>
Reply-To: <****@cmp.org.uk>
To: Chris Someone <csomeone@domain.com>
Content-Type: multipart/mixed;
Return-Path: ****@cmp.org.uk
David LoganDirectorAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Abdul Khadja AlaoudineTechnical ConsultantCommented:
Yes, the problem needs to be resolved at recepient's end. Looks like they are blocking emails from your end. This could also be recepient's server is checking your domain's SPF record and failing to find one / correct one.
Definitely your own SPF record. Therefore, either ask the recipient to solve it for you (not reasonable, as SPF is a valid filtering option), or solve it yourself by having your current faulty SPF record fixed.

Your current SPF record:

"v=spf1 include:spf.remote.cmp.org.uk -all"

but you are NOT sending from the spf.remote.cmp.org.uk host at all!
David LoganDirectorAuthor Commented:
Thanks guys,

Should I change the SPF record to cmp.org.uk ?
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

That depends if your SENDING machine is really cmp.org.uk or not (having public IP Reverse DNS for is hostedc31.carrierzone.com though, so it might still fail.
To be sure, use the PUBLIC IP address of the sending machine.
David LoganDirectorAuthor Commented:
Hi I changed the spf record and ran a test on http://vamsoft.com/support/tools/spf-policy-tester using my public ip and got this return.  We send emails out direct from our cmp.org.uk sbs2011 exchange server using our public IP, which i believe the MX records point to remote.cmp.org.uk. Should this also be revised to point to cmp.org.uk?

Sorry my knowledge is very limited on SPF records.

    SPF check start.
        Domain: cmp.org.uk
    Getting SPF (TXT) record.
    Found SPF record.
    SPF policy record data:
        v=spf1 include:spf.cmp.org.uk -all
    Evaluating SPF policy:
        v=spf1 include:spf.cmp.org.uk -all
    Policy parsed OK, no warnings.
    Evaluating SPF policy string.
        Evaluating SPF mechanism "include".
            Prefix: Pass.
            Argument domain-spec: spf.cmp.org.uk
            Domain argument after macro expansion:
            SPF check start.
                Domain: spf.cmp.org.uk
            Getting SPF (TXT) record.
            Got NXDOMAIN, returning SPF Unknown.
            SPF policy evaluation finished with SPF Unknown. SPF policy was not found.
        SPF Unknown / None causes evaluation to abort with SPF Unknown.
    Finished evaluating SPF policy.
    SPF policy evaluation finished with SPF Unknown.
your SPF record should be "v=spf1 include:public_ip -all"

where you replace public_ip with your real public ip.

If you're really sure the domain name is the correct IP:

your SPF record should be "v=spf1 include:cmp.org.uk -all"

You keep putting spf in front of the hostname, making it from valid to invalid.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.