Exchange email problem (S25R) Rule
Results 1 to 9 of 9

Thread: Exchange email problem (S25R) Rule

  1. #1
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747

    Exchange email problem (S25R) Rule

    One of the users here at work has been emailing with a gentlemen for the past week, then all of a sudden, yesterday, she couldn't email him anymore.

    This is what we get for a NDR.

    Code:
    There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
    
                <mail.XXXX.com #5.5.0 smtp;550 <xx-xxx-xxx-31.static.twtelecom.net[XX.XXX.XXX.31]>: Client host rejected: REJECTED S25R RULE>
    This is the SMTP log

    Code:
    208.XXX.XXX.7, OutboundConnectionCommand, 6/26/2007, 10:04:48, SMTPSVC1, UAM-DC, -, 281, 0, 4, 0, 0, RCPT, -, TO:<XXXX@barfieldinc.com>,
    208.XXX.XXX.7, OutboundConnectionResponse, 6/26/2007, 10:04:48, SMTPSVC1, UAM-DC, -, 422, 0, 101, 0, 0, -, -, 450 <XX-XXX-XXX-31.static.twtelecom.net[XX.XXX.XXX.31]>: Client host rejected: 450 REJECTED S25R RULE,
    208.XXX.XXX.7, OutboundConnectionCommand, 6/26/2007, 10:04:48, SMTPSVC1, UAM-DC, -, 422, 0, 4, 0, 0, RSET, -, -,
    208.XXX.XXX.7, OutboundConnectionResponse, 6/26/2007, 10:04:48, SMTPSVC1, UAM-DC, -, 484, 0, 6, 0, 0, -, -, 250 Ok,
    Not really that sure where to go from here with it....this is Exchange server 2003, and it does have the GFI mail essentials package on it.

    I googled that S25R rule, but have not been able to find much on it other than some sort of Anti-spam tool maybe?

    Any help would be appreciated..thanks
    =

  2. #2
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Do you have a proper reverse lookup for your mail server.

    We recently had this issue.

    Antispam filters will block mail unless it is registered.

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  3. #3
    Senior Member
    Join Date
    Oct 2001
    Posts
    748
    It is an anti-spam system. Selective SMTP Rejection.

    http://www.gabacho-net.jp/en/anti-spam/

    Not much info in English, I've never heard of that name or error message before so I'm guessing that maybe this is something that is used in parts of Asia or East Europe.

  4. #4
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747
    Yes we do have Reverse DNS setup properly (Had to do this a long time ago).

    So...theres not much I can do about this other than possibly contact the administrator of that domain?

    From what I can tell, this is out of my hands...am I correct in assuming that?

    Thanks.
    =

  5. #5
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747
    And just to verify my RDNS..here is a Report from dns stuff


    Code:
    mail.xxx.com is not an IP address, so I am using 66.xxx.xx.xx (the A record for mail.xxx.com).
    
    Location: United States [City: Memphis, Tennessee]
    
    Preparation:
    The  reverse DNS entry for an IP is found by reversing the IP, adding it to "in-addr.arpa", and looking up the PTR record.
    So, the reverse DNS entry for 66.xxx.xxx.xx is found by looking up the PTR record for
     31.xxx.xxx.66.in-addr.arpa.
    All DNS requests start by asking the root servers, and they let us know what to do next.
    See How Reverse DNS Lookups Work for more information.
    
    How I am searching:
    Asking h.root-servers.net for xx.xxx.xxx.66.in-addr.arpa PTR record:  
           h.root-servers.net says to go to figwort.arin.net. (zone: 66.in-addr.arpa.)
    Asking figwort.arin.net. for xx.xxx.xxx.66.in-addr.arpa PTR record:  
           figwort.arin.net [192.42.93.32] says to go to ns1.milw.twtelecom.net. (zone: 162.66.in-addr.arpa.)
    Asking ns1.milw.twtelecom.net. for xx.xxx.xxx.66.in-addr.arpa PTR record:  Reports 66-xxx-xxx-xx.static.twtelecom.net. [from 216.136.95.2]
    
    Answer:
    66.xxx.xxx.xx PTR record: 66-xxx-xxx-xx.static.twtelecom.net. [TTL 86400s] [A=66.xxx.xxx.xx]
    =

  6. #6
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    Have you checked if you are blacklisted? This happened on one of my domains a while ago - it turned out the server 'helo' name was not the same as the PTR DNS record, hence we got blacklisted. rDNS worked fine it was just an issue with the server name.
    Drugs have taught an entire generation of kids the metric system.

    http://tazforum.**********.com/

  7. #7
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,252
    cheyenne1212:

    They may have instituted spam filters like MX Logic or some other service. I know when I turned mine on I forgot to check the censor list. The word Blow was in the list. So any emails concerning blow molding (plastic) was denied.

    Oops!

    Do a MX record lookup through DNSSTUFF dot com and see if their mail is being routed through a service
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  8. #8
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747
    I think it might be what your talking about dino.

    Tested this persons email address that we cannot send to..from dnsstuff and this is what I got.

    Code:
    Getting MX record for barfieldinc.com (from local DNS server, may be cached)... Got it!
    
    Host	Preference	IP(s) [Country]
    mail2.innovativeinternet.net.	20	208.244.165.7 [US]
    mail3.innovativeinternet.net.	30	207.44.168.240 [US]
    
    
    
    
    Step 1:  Try connecting to the following mailserver:
             mail2.innovativeinternet.net. - 208.244.165.7
    
    Step 2:  If unsuccessful in step 1, try connecting to the following mailserver:
             mail3.innovativeinternet.net. - 207.44.168.240
    
    Step 3:  If still unsuccessful, queue the E-mail for later delivery.
    
    
    
    Trying to connect to all mailservers:
    
       mail2.innovativeinternet.net. - 208.244.165.7  [Could not connect: Got an unknown RCPT TO response: 550 <85.3b.354a.static.theplanet.com[74.53.59.133]>: Client host rejected: REJECTED S25R RULE
    ]
       mail3.innovativeinternet.net. - 207.44.168.240  [Could not connect: Got an unknown RCPT TO response: 550 <85.3b.354a.static.theplanet.com[74.53.59.133]>: Client host rejected: REJECTED S25R RULE http://www.innovativeinternet.com/support/rejected_email.html
    I tried going to the link right above to see what that does, but it doesn't do anything for me.

    Notice the main A records go to another IP in a different range...The planet(who I happen to have a few servers at), offer a "Spirius" email filtering solution...maybe thats whats going on.

    I'm talking with them over there to see if I can confirm or deny that...if so, then I'll be talking with the admin of that domain to see if they can whitelist us.


    THanks for the help guys.
    =

  9. #9
    Senior Member WolfeTone's Avatar
    Join Date
    Jun 2007
    Location
    Ireland
    Posts
    197
    You might want to check and make sure your Exchange Server is not an Open Relay.

Similar Threads

  1. The Problem of Evil
    By rcgreen in forum Cosmos
    Replies: 45
    Last Post: April 20th, 2007, 08:41 PM
  2. Port List
    By ThePreacher in forum Miscellaneous Security Discussions
    Replies: 17
    Last Post: December 14th, 2006, 09:37 PM
  3. Email Security Problem
    By listener in forum Newbie Security Questions
    Replies: 8
    Last Post: January 18th, 2003, 07:36 AM
  4. Exchange 2000 Problem
    By Louie in forum Microsoft Security Discussions
    Replies: 8
    Last Post: August 29th, 2002, 09:31 PM
  5. The Worlds Longest Thread!
    By Noble Hamlet in forum AntiOnline's General Chit Chat
    Replies: 1100
    Last Post: March 17th, 2002, 09:38 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •