Something's wrong with this email server: mine can never reach it
Hi,
My Exchange 2016 seems to be unable to sends email to a compagny and I notice that it could be because of the header which is different then others:
Total retry attempts: 16
...@distmorissette.com
Server returned '400 4.4.7 Message delayed'
Here's the header in question:
[Contacting distmorissette.com [198.50.159.188]...]
[Connected]
220-rwh01.bigtek.org ESMTP Exim 4.91 #1 Thu, 14 Feb 2019 16:37:13 -0500
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
EHLO mx1.validemail.com
My Exchange 2016 seems to be unable to sends email to a compagny and I notice that it could be because of the header which is different then others:
Total retry attempts: 16
...@distmorissette.com
Server returned '400 4.4.7 Message delayed'
Here's the header in question:
[Contacting distmorissette.com [198.50.159.188]...]
[Connected]
220-rwh01.bigtek.org ESMTP Exim 4.91 #1 Thu, 14 Feb 2019 16:37:13 -0500
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
EHLO mx1.validemail.com
If you have problems figuring out how to debug this, provide...
1) IP of server initiating SMTP send.
2) From: address of message sent.
3) If you're using a relay service, specify name of service used.
1) IP of server initiating SMTP send.
2) From: address of message sent.
3) If you're using a relay service, specify name of service used.
The error is not very clear. Sometimes it's much easier to contact the IT on the other side. Could be something as simple as adding a whitelist entry (if they're willing).
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
After two or three tries a greylist would probably let the email through. After 16 tries it's clear that the receiving MTA will not deliver this email.
That suggests to me that the sending domain or the sending MTA's CIDR block is on somebody's blacklist. If that is the case and they are reporting attempts to a block list, then the more you hammer on that particular site the harder that block will become.
Suggestion: Go out and check the spam blocklists and see if the sending domain or CIDR block is on one of them.
Here's five that I use. There are many more.
spamhaus.org
spamcop.net
abuseat.org
uceprotect.net
barracudacentral.org
220 and/or bulk e-mail.
After two or three tries a greylist would probably let the email through. After 16 tries it's clear that the receiving MTA will not deliver this email.
That suggests to me that the sending domain or the sending MTA's CIDR block is on somebody's blacklist. If that is the case and they are reporting attempts to a block list, then the more you hammer on that particular site the harder that block will become.
Suggestion: Go out and check the spam blocklists and see if the sending domain or CIDR block is on one of them.
Here's five that I use. There are many more.
spamhaus.org
spamcop.net
abuseat.org
uceprotect.net
barracudacentral.org
ASKER
@David Foster
1) IP of server initiating SMTP send.
69.70.105.166
2) From: address of message sent.
pjanson@maisonsusineescote
3) If you're using a relay service, specify name of service used.
Right now our email server sends it directly but in 1 week it will be Proofpoint (which you can see their spf details in my spf)
1) IP of server initiating SMTP send.
69.70.105.166
2) From: address of message sent.
pjanson@maisonsusineescote
3) If you're using a relay service, specify name of service used.
Right now our email server sends it directly but in 1 week it will be Proofpoint (which you can see their spf details in my spf)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
add "ip4:YOURIP" to the SPF record and you'll be able to send email.
remove other records if they have no reason to send on your domain's behalf
remove other records if they have no reason to send on your domain's behalf
My guess is you'll find something wrong.
https://dmarcian.com/ provides a great toolset for this type of debugging.
To fully test your DKIM infrastructure, send an email to any Gmail address, then select the message to be read -> more -> Original Message...
Will show a DKIM pass/fail line at bottom of the message.