Something's wrong with this email server: mine can never reach it

philjans
Hi,
My Exchange 2016 seems to be unable to send email to a company, and I noticed that it could be because of the header, which is different than others:
Total retry attempts: 16

...@distmorissette.com
Server returned '400 4.4.7 Message delayed'

Here's the header in question:
[Contacting distmorissette.com [198.50.159.188]...]
[Connected]
220-rwh01.bigtek.org ESMTP Exim 4.91 #1 Thu, 14 Feb 2019 16:37:13 -0500
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
EHLO mx1.validemail.com
David Favor, Fractional CTO
Distinguished Expert 2018

Commented:
Likely best to do an audit of your SPF + DKIM + DMARC infrastructure.

My guess is you'll find something wrong.

https://dmarcian.com/ provides a great toolset for this type of debugging.

To fully test your DKIM infrastructure, send an email to any Gmail address, then select the message to be read -> more -> Original Message...

Will show a DKIM pass/fail line at bottom of the message.
David Favor, Fractional CTO
Distinguished Expert 2018

Commented:
If you have problems figuring out how to debug this, provide...

1) IP of server initiating SMTP send.

2) From: address of message sent.

3) If you're using a relay service, specify name of service used.

Commented:
The error is not very clear. Sometimes it's much easier to contact the IT on the other side. Could be something as simple as adding a whitelist entry (if they're willing).

Dr. Klahn, Principal Software Engineer

Commented:
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.


After two or three tries a greylist would probably let the email through.  After 16 tries it's clear that the receiving MTA will not deliver this email.

That suggests to me that the sending domain or the sending MTA's CIDR block is on somebody's blacklist.  If that is the case and they are reporting attempts to a block list, then the more you hammer on that particular site the harder that block will become.

Suggestion:  Go out and check the spam blocklists and see if the sending domain or CIDR block is on one of them.

Here are five that I use.  There are many more.

spamhaus.org
spamcop.net
abuseat.org
uceprotect.net
barracudacentral.org

Author

Commented:
@David Foster
1) IP of server initiating SMTP send.
69.70.105.166

2) From: address of message sent.
pjanson@maisonsusineescote.com

3) If you're using a relay service, specify name of service used.
Right now our email server sends it directly, but in 1 week it will be Proofpoint (whose SPF details you can see in my SPF).

Your SPF record is the following:

~$ host -t txt XXXXXXXXXXXXXXX
XXXXXXXXXXXXX descriptive text "v=spf1 mx a include:interspireSPF.smtp.com a:dispatch-us.ppe-hosted.com include:retailspf.smtp.com ~all"

which breaks down as

interspireSPF.smtp.com descriptive text "v=spf1 ip4:192.40.160.0/19 ~all" ==> that is not your IP

retailspf.smtp.com descriptive text "v=spf1 ip4:192.40.160.0/19 ip4:74.91.80.0/20 ~all" ===> not you either

the final "~all" instructs the server to delay all mail

you need to add ip:YOURIP to the spf record

$ host dispatch-us.ppe-hosted.com
dispatch-us.ppe-hosted.com has address 67.231.154.189
dispatch-us.ppe-hosted.com has address 148.163.129.56
dispatch-us.ppe-hosted.com has address 148.163.129.63
dispatch-us.ppe-hosted.com has address 67.231.154.164
dispatch-us.ppe-hosted.com has address 148.163.129.52
dispatch-us.ppe-hosted.com has address 67.231.154.188
dispatch-us.ppe-hosted.com has address 67.231.154.186
dispatch-us.ppe-hosted.com has address 148.163.129.58
dispatch-us.ppe-hosted.com has address 67.231.154.187
dispatch-us.ppe-hosted.com has address 67.231.154.184
dispatch-us.ppe-hosted.com has address 148.163.129.62
dispatch-us.ppe-hosted.com has address 148.163.129.48
dispatch-us.ppe-hosted.com has address 67.231.154.183
dispatch-us.ppe-hosted.com has address 148.163.129.53
dispatch-us.ppe-hosted.com has address 67.231.154.165
dispatch-us.ppe-hosted.com has address 148.163.129.49

==> not you either

...

"~all" at the end means defer everything
add "ip4:YOURIP" to the SPF record and you'll be able to send email.

remove other records if they have no reason to send on your domain's behalf
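
The SPF walk-through in the post above, as an added example that is not part of the original thread: a small evaluator for a subset of RFC 7208 (`ip4`, `a`, `mx`, `include`, `all`) run against the sending IP and the TXT records quoted in the thread. The domain is redacted on the page, so `sender.example`, `fixed.example` and their A/MX data are constructed placeholders, and only two of the listed `dispatch-us.ppe-hosted.com` addresses are used.

```python
import ipaddress

# TXT data as quoted in the thread; the real domain is redacted there, so
# "sender.example" / "fixed.example" and their A/MX answers are constructed.
RECORD = ("v=spf1 mx a include:interspireSPF.smtp.com "
          "a:dispatch-us.ppe-hosted.com include:retailspf.smtp.com ~all")
TXT = {
    "sender.example": RECORD,
    "fixed.example": RECORD.replace("~all", "ip4:69.70.105.166 ~all"),
    "interspirespf.smtp.com": "v=spf1 ip4:192.40.160.0/19 ~all",
    "retailspf.smtp.com": "v=spf1 ip4:192.40.160.0/19 ip4:74.91.80.0/20 ~all",
}
A = {
    "sender.example": ["192.0.2.10"],        # constructed (TEST-NET-1)
    "mail.sender.example": ["192.0.2.25"],   # constructed
    "dispatch-us.ppe-hosted.com": ["67.231.154.189", "148.163.129.56"],
}
MX = {"sender.example": ["mail.sender.example"]}  # constructed
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def check_spf(ip, domain, depth=0):
    """Return the SPF result for client `ip` sending as `domain`."""
    if depth > 10:                      # RFC 7208 caps DNS-querying terms at 10
        return "permerror"
    record = TXT.get(domain.lower())
    if record is None or not record.startswith("v=spf1"):
        return "none"
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:
        if "=" in term:                 # modifiers (redirect=, exp=) not evaluated here
            continue
        qual = term[0] if term[0] in QUALIFIERS else "+"
        name, _, arg = term.lstrip("+-~?").partition(":")
        if name.lower() == "all":
            hit = True
        elif name.lower() == "ip4":
            hit = addr in ipaddress.ip_network(arg, strict=False)
        elif name.lower() == "a":
            hit = ip in A.get((arg or domain).lower(), [])
        elif name.lower() == "mx":
            hit = any(ip in A.get(h, []) for h in MX.get((arg or domain).lower(), []))
        elif name.lower() == "include":
            # Matches only when the nested record passes; its own ~all never propagates.
            hit = check_spf(ip, arg, depth + 1) == "pass"
        else:
            return "permerror"          # mechanism outside this subset
        if hit:                         # first matching mechanism decides the result
            return QUALIFIERS[qual]
    return "neutral"
```

For 69.70.105.166 the quoted record falls through every mechanism to `~all`, which RFC 7208 defines as `softfail`; what a receiver does with a softfail is its own local policy.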
