[Dshield] Somewhat OT -- bouncing e-mails -- help needed

Stasiniewicz, Adam stasinia at msoe.edu
Sun Jan 28 23:30:57 GMT 2007


Relay denied error messages have two causes.  First, either one of your
outgoing email servers does not have your email server's IPs in their list
of allow to relay IPs.  Or the receiving system has misconfigured their
internally server relay settings.  To test, look at all the bounces you are
getting.  If they are only for a small handful of domains, then most likely
the receiving servers are having problems.  But if there are a large amount
of domains that you get relay problems, then it looks like a problem on your
end.  If that is the case, double-check your Exchange connector settings (if
you use one) and the SMTP virtual server settings.  Then check the
configuration of your smart host and firewall; as they might also be causing
problems.

Without more knowledge of how your network is setup and not being able to
see the unedited error message, it is hard to further troubleshoot a relay
problem.

Hope that helps,
Adam Stasiniewicz

-----Original Message-----
From: list-bounces at lists.dshield.org [mailto:list-bounces at lists.dshield.org]
On Behalf Of Timothy A. Holmes
Sent: Saturday, January 27, 2007 4:50 PM
To: General DShield Discussion List
Subject: [Dshield] Somewhat OT -- bouncing e-mails -- help needed

Hi folks:

I am totally at my wits end here on this:

Our administrator and some of our teachers use outlook e-mail
distribution lists a lot, and we have been having a LOT of trouble with
bouncing e-mails.  The bounce pattern is totally random -- I used a list
of names that he sent me and sent out 2 messages about half an hour
apart - I got DIFFERENT bounces than he got.


Our server is a windows 2003 server exchange (part of active directory)
which we host ourselves, and is physically located on our premises.  As
far as I know its clean (who can be sure with windows) the bounce
messages are predominantly 550 relaying denied messages, ive included 2
below (addresses removed to protect the innocent)

We (and our ISP) have checked the block lists setc, and we are finding
nothing there.  Im fresh out of ideas and could really use some help /
guidance etc



------------------------------------------(bounce message
1)---------------------------------------
Your message did not reach some or all of the intended recipients.

      Subject:	FW: Irishman
      Sent:	1/12/2007 9:26 AM

The following recipient(s) could not be reached:

      XXXXXXXX at YYYYYYYYYYY.com on 1/12/2007 9:26 AM
            You do not have permission to send to this recipient.  For
assistance, contact your system administrator.
            <srvexch-01.mcaschool.local #5.7.1 smtp;501 5.7.1 This
system is not configured to relay mail (r) from
<RRRRR.RRRRRRRR at mcaschool.net> to <XXXXXXXXXXXXX.YYYYYYYYYYYYYYY.com>
for 24.239.210.32>


-----------------------------------------(bounce message
2)----------------------------------------

Your message did not reach some or all of the intended recipients.

      Subject:	This is a second test message
      Sent:	1/27/2007 2:12 PM

The following recipient(s) could not be reached:

      KKKKKKKKKKKKKK at FFFFFFFFFFFFFFFFF.com on 1/27/2007 2:12 PM
            There was a SMTP communication problem with the recipient's
email server.  Please contact your system administrator.
            <srvexch-01.mcaschool.local #5.5.0 smtp;571
KKKKKKKKKKKKK at FFFFFFFFFFFFFF.com prohibited. We do not relay>


------------------------------------------------------------------------
---------------------------

Tim Holmes
IT Manager / Webmaster / Teacher

Medina Christian Academy
A Higher Standard... 


_________________________________________

SANS 2007 March 29 - April 6 in San Diego, CA offers 52 Courses
taught by our top rated instructors plus a huge vendor tools expo.
Register Today! http://www.sans.org/info/2501 (BROCHURECODE: ISC)


More information about the list mailing list