email bouncing back

We have a single exchange 2016 server running on a Windows 2012 (std) server under hyperv, which appears to be working OK.

Unfortunately, we have on recipient who does not receive or mail, and we get a bounce back, as follows :-

mx1416.ess.rzc.cudaops.com rejected your message to the following email addresses:
Jon Pinder (JPin***@*********.co.uk)
Your message couldn't be delivered and there was no valid enhanced status code being issued by the remote mail system to determine the exact cause, status: '550 permanent failure for one or more recipients (jpin***@*********.co.uk:blocked)'.
mx1416.ess.rzc.cudaops.com gave this error:
permanent failure for one or more recipients (jpin***@*********.co.uk:blocked)

Diagnostic information for administrators:
Generating server: exch2016.******.local
JPin***@*********.co.uk
mx1416.ess.rzc.cudaops.com
Remote Server returned '550 permanent failure for one or more recipients (jpin***@*********.co.uk:blocked)'
Original message headers:
Received: from exch2016.******.local (192.***.**.223) by exch2016.******.local
 (192.***.**.223) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.544.27; Wed, 26
 Oct 2016 15:13:05 +0100
Received: from exch2016.******.local ([fe80::4a1:ffb0:8292:d868]) by
 exch2016.******.local ([fe80::4a1:****:8292:d868%12]) with mapi id
 15.01.0544.027; Wed, 26 Oct 2016 15:13:05 +0100
From: nic** <nic**@******-******.co.uk>
To: J** Pin*** <JPin***@*********.co.uk>
Subject: RE:
Thread-Index: AQHSL5LqAARXhrh+vkSr0nov8vAbnqC6xrdw
Date: Wed, 26 Oct 2016 14:13:05 +0000
Message-ID: <355fa14881234da186171a611ae60fd5@******-*******.co.uk>
References: <OF37DC72C3.5B4E3A93-ON80258058.004DF9A5-80258058.004E031B@*********.co.uk>
In-Reply-To: <OF37DC72C3.5B4E3A93-ON80258058.004DF9A5-80258058.004E031B@*********.co.uk>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [192.***.**.8]
Content-Type: multipart/mixed;
        boundary="_005_355fa14881234da186171a611ae60fd5**********couk_"
MIME-Version: 1.0


Can anyone give me any suggestions as to where this is becoming a problem, as my first instinct was that their SPAM server was rejecting it??

They assure me that it is not, but dont understand the NDR,

Can anyone help?

Many thanks
LVL 1
nigelbeatsonAsked:
Who is Participating?
 
Jason CrawfordConnect With a Mentor Transport NinjaCommented:
I think the recipient MTA is definitely the culprit in this instance because of this line in the NDR:

mx1416.ess.rzc.cudaops.com rejected your message to the following email addresses:
Jon Pinder (JPin***@*********.co.uk)

I'm assuming mx1416.ess.rzc.cudaops.com is the recipient, correct?  It also looks like email to the specific email address was blocked:

Remote Server returned '550 permanent failure for one or more recipients (jpin***@*********.co.uk:blocked)'

Can you re-engage the recipient's IT dept?
0
 
Nick RhodeIT DirectorCommented:
Perhaps the domain is not whitelisted on the spam filter? or the user needs to be added to the filter in order to send mail etc
0
 
nigelbeatsonAuthor Commented:
They tell me that the mail is not reaching them?

Is there any way to tell from the NDR?

I am unaware we have to whitelist domains at our end to send them out? We are using Vamsoft ORF here, and have not whitelisted outgoing mail before?
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
JohnBusiness Consultant (Owner)Commented:
I have seen this a while back and spam was not the issue. In this case it was an old DNS record. Updating the DNS server addresses to a newer DNS server fixed the issue.
0
 
nigelbeatsonAuthor Commented:
Thanks everyone.

I have no idea who mx1416.ess.rzc.cudaops.com is. It is not anything like the domain name of the destination host?

Not sure what you mean John about updating the DNS server addresses? It only affects one recipient, which is why I thought it must be their server. Having said that the server aparently rejecting it is unknown to me, Im just bemused!

We have spoken with their IT, and they just say its our server, Not very helpful Im afraid.
0
 
Jason CrawfordTransport NinjaCommented:
Their IT is incorrect.  If you have protocol logging enabled on your Send Connector we could use transport logs to further prove our point, but really all the evidence they need is right there in the NDR.  Here is another forum post for that same server:

https://community.spiceworks.com/topic/750013-email-rejected-quarantined-when-sending-to-particular-domain
0
 
nigelbeatsonAuthor Commented:
ok thanks.

i could understand it if i could see their mail server was the one named in the ndr. but who is mx1416.ess.rzc.cudaops.com??

this appears to be the server rejecting it, but how do we identify where / what this is?

i think they are just looking at it and saying "it's not us"?

thanks
0
 
Jason CrawfordTransport NinjaCommented:
What is the MX record for the recipient domain?
0
 
nigelbeatsonAuthor Commented:
the mx record is indicated as :-

d79972a.ess.barracudanetworks.com
0
 
nigelbeatsonAuthor Commented:
I realised that the "cuda" part of the server which refused it, indicated it was their 3rd party mail services server which was rejecting the message.

Many thanks to all.
0
 
Claude RoxboroughCommented:
Sender needs to tell their IT department as the senders system is believing the sent email to be phishing threats.  The recipients need to be whitelisted on the senders system.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.