Weird Exchange Server message  | | | 
February 21st, 2002, 09:20 AM
|
#1 (permalink)
| | Senior Member
Join Date: Oct 2001 Location: New Hampshire, USA
Posts: 641
| Weird Exchange Server message
I am receiving a strange error message concerning delivery of e-mail to **recipient**@**domain name**.ch'
Your message did not reach some or all of the intended recipients.
Subject: test message
Sent: 2/21/2002 9:04 AM
The following recipient(s) could not be reached:
'**recipient**@**domain name**.ch' on 2/21/2002 9:05 AM
Unable to deliver the message due to a communications failure
The MTS-ID of the original message is: c=US;a= ;p=**our company's name**;l=**our mail server's name**
MSEXCH:IMS:**company name**:**our mail server's name**3501 (000B09AA) 501 mail not accepted from blacklisted
IP address
I have never encountered the "blacklisted IP address" error before and know that there are no IP address restrictions in the Exchange server settings.
has anyone else seen this 501 error before? | 
|  | |
February 21st, 2002, 09:28 AM
|
#2 (permalink)
| | Ultimate Member
Join Date: Oct 2001 Location: Queen Creek, AZ
Posts: 1,480
|
Sounds like an outgoing E-mail got blocked on the far end... Quote:
501 mail not accepted from blacklisted
IP address
| Sounds like either your IP or network is on a black hole list (go to www.samspade.org to check ) or someone maually blocked the exchange server's IP and or IP block.. You may have to contact the admins at the other end to find out. If you have been blacklisted... how secure are your passwords for admin and user accounts and do you have an open-relay?? | |
| | |
February 21st, 2002, 09:31 AM
|
#3 (permalink)
| | Member
Join Date: Oct 2001 Location: New York, New York
Posts: 258
|
Is the recipient using some sort of firewall or internet mail firewall that is blocking your company's ip? Maybe mistaking your ip as spam. Try to email the person from an internet account(non exchange) to see if they are aware of any problems. | |
| | |
February 21st, 2002, 09:36 AM
|
#4 (permalink)
| | Senior Member
Join Date: Oct 2001 Location: New Hampshire, USA
Posts: 641
|
I thought MS Exchange server 501 errors had to do with the local mail server finding an invalid syntax with the TO: address of the e-mail - is this correct?
Could it be that the most recent service pack for Exchange server changed the error message of "invalid syntax" to "blacklisted IP"? | |
| | |
February 21st, 2002, 10:19 AM
|
#5 (permalink)
| | Senior Member
Join Date: Oct 2001 Location: New Hampshire, USA
Posts: 641
|
AzKidd69, you were dead on. We were added to a black hole list referenced through samspade.org.
Sometime last year someone hacked through and started forwarding mail through our SMTP server for a few hours before we could block it. Apparently this compromise meant that our IP was traced back as a source for some of those mailings and we were then added to a blacklist.
As the SMTP forwarding problem has been resolved on our side, it looks like the fastest way to resolve the blacklisted IP problem is to change the IP associated with our domain mail server and modify the MX records accordingly. We will try and run multiple MX records for the mail server to ensure backwards compatibility between DNS records pointing to the old IP and the new IP. Hopefully this will prevent eliminate any mail blockages during the transition phase of this operation
Thanks for your help.
Last edited by ctaylor : February 21st, 2002 at 10:22 AM.
| |
| | |
February 21st, 2002, 10:40 AM
|
#6 (permalink)
| | Ultimate Member
Join Date: Oct 2001 Location: Queen Creek, AZ
Posts: 1,480
|
Kewl.. thanks for letting us know what was up and that you figured out the problem.
And yeah I would say when you were getting used as a relay definitely would put you on the black-hole list pretty quick | |
| | |
February 21st, 2002, 11:34 AM
|
#7 (permalink)
| | Senior Member
Join Date: Oct 2001 Location: New Hampshire, USA
Posts: 641
|
it definitely looks like removing our IP from the various and sundry organizations who have blacklisted us is quite the chore..... | |
| | |
February 22nd, 2002, 11:52 AM
|
#8 (permalink)
| | Member
Join Date: Oct 2001 Location: Houston, BY GOD, Texas
Posts: 98
|
More than likely, someone used your email server as a relay to spam and you got busted for it.
Their web site is: http://mail-abuse.org/rbl/
They have a procedure for verifying that your server cannot be "raped" again. They have much information on how to secure servers as well.
Joel "Doc" Hopper
[Doc] It appears that AZ and I had the same idea. We were talking about it in the IRC channel and decided to post at the same time. I do not know if you looked at the MAPS list yet is why I mentioned it.[/Doc]
Last edited by DocHopper : February 22nd, 2002 at 11:55 AM.
| |
| | |
February 22nd, 2002, 11:52 AM
|
#9 (permalink)
| | Ultimate Member
Join Date: Oct 2001 Location: Queen Creek, AZ
Posts: 1,480
|
lol Doc.. ya beat me to it.. | |
| | |
February 22nd, 2002, 12:30 PM
|
#10 (permalink)
| | Not Really a Member
Join Date: Oct 2001
Posts: 26,164
|
was also thinking maybe he got heisted  lol or maybe that he had smtp forwarding turned on.
Typically a good mail server will keep trying to send mail for a few days before giving up, so if it gets the wrong IP it should just hold it and keep trying for a few days by then the DNS will have replicated and it will be able to send smoothly 
Or maybe your ISP will route the email for you to the new IP. | 
| | | Thread Tools | Search this Thread | | | | |
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | | | | Most Active Discussions  | | | | |   Recent Discussions  | | | | |
 |
hardware
prices 
