IP being blocked by Symantec global

I need a solution

I’m an ISP providing email services to my clients. One of my clients has had trouble sending to a particular domain, but her email address is being block by Symantec globally because of poor reputation. how can we be re-evaluated?

0

Related:

Recipient address rejected from aitelecom.net

I need a solution

Hello,

We can’t send messages to recipients who use messagelabs email service,

Our email server mail.aitelecom.net is at IP address 200.9.182.24 and 200.9.182.6

Is it possible to remove this IP address from the blacklist?

Last month we had an issue with one of our accounts sending spam, but we have fixed since then.

this is a sample of rejected message:

De: Mail Delivery System <MAILER-DAEMON@messagelabs.com> Enviado el: viernes, 14 de diciembre de 2018 05:42 a.m.

Para: ocastillo@aitelecom.net

Asunto: Mail Delivery Failure

This is the mail delivery agent at Symantec Email Security.cloud.

I was unable to deliver your message to the following addresses:

 we ha

ocastillo@aitelecom.net

Reason: 554 5.7.1 <ocastillo@aitelecom.net>: Recipient address rejected: SMTP AUTH is required, or it is a spam with forged sender domain

The message subject was: Directorio Empresarial Mexicano 2019 The message date was: Fri, 14 Dec 2018 05:41:52 -0600 The message identifier was: 0F/69-08740-217931C5 The message reference was: server-9.tower-346.messagelabs.com!1544787715!3047177!8

Please do not reply to this email as it is sent from an unattended mailbox.

Contact your email administrator if you need more information, or instructions for resolving this issue.

Regards,

Manuel Canto

0

Related:

SEPM is unable to send Auto Email notification

I do not need a solution (just sharing information)

We installed SEPM 14 MP2 but never got Auto email notification working. After working with Symantec support, it was very frustrating and requested to close the case as it was going no where. Recently I had some time to work on it. Key environment:

            1) Email Server: Office 356 and all emails are scanned by Message Lab Email Security.Cloud

             2) Web Security.Cloud

Error messages “Symantec Endpoint Protection Manager cannot send a test email using the settings you specified. Verify your email server settings. For more information, see the knowledgebase article: How to configure email server settings

I was not sure what address to define in Admin >> Server >> Edit Server Properties >> Email Server >> Server address. Symantec supported tried with different O365 addresses like: outlook.office365.com, smtp.office365.com etc. and none worked. TECH240170 was not so helpful and scm-ui*.err log was showing error like this:

26/09/2017 2:09:58 PM  STDOUT: Sending test email …

26/09/2017 2:10:27 PM Email INFO: Start to send email to [secteam@abc.com] using server: cluster4.us.messagelabs.com.

26/09/2017 2:10:27 PM  STDOUT: Start to send email to [secteam@abc.com] using server: cluster4.us.messagelabs.com.

26/09/2017 2:10:27 PM Email INFO: Sending email…

26/09/2017 2:10:28 PM Email SEVERE: Valid unsent addresses: [secteam@abc.com]

26/09/2017 2:10:28 PM Email SEVERE: Fail to send email to secteam@abc.com using server: cluster4.us.messagelabs.com.

secteam@abc.com was indeed a valid address.

What I figured out: in Admin >> Server >> Edit Server Properties >> Email Server >> Server address – maker sure it matches with the address of O365 Admin Console >> Setup >> Domains >> Required DNS settings >> MX

Now this should obviously match in Message Lab under Services >> Email Services >> Inbound Routes.

Further running a packet capture on SEPM, I found this very interesting:

220 ME1AUS01FT008.mail.protection.outlook.com Microsoft ESMTP MAIL Service ready at Tue, 26 Sep 2017 04:35:30 +0000

EHLO SYD.corp.abc.com

250-ME1AUS01FT008.mail.protection.outlook.com Hello [X.Y.255.70]

250-SIZE 157286400

250-PIPELINING

250-DSN

250-ENHANCEDSTATUSCODES

250-STARTTLS

250-8BITMIME

250-BINARYMIME

250 CHUNKING

MAIL FROM:<moin.sobhan@abc.com>

250 2.1.0 Sender OK

RCPT TO:<secteam@abc.com>

550 5.7.606 Access denied, banned sending IP [X.Y.255.70]. To request removal from this list please visit https://sender.office.com/ and follow the directions. For more information please go to  http://go.microsoft.com/fwlink/?LinkID=526655 (AS16012609) [ME1AUS01FT008.eop-AUS01.prod.protection.outlook.com]

RSET

250 2.0.0 Resetting

QUIT

221 2.0.0 Service closing transmission channel

Now the address X.Y.266.70 is our registered IP assigned for our domain in Message Lab under  Services > Web Security Services > Web Routes. Further going to the link https://sender.office.com/, I came across our IP was blocked. It gives the option to delist the IP and issue was resolved.

0

Related:

How to send customer email notifications (alerts) without customer email server?

Hi,

Customer has externalized the Email Services, so they don’t have an email server in their company. They still would like to receive alerts emails from VNX, but now they don’t have his own SMTP Server to do that. I’ve read in the ESRS release notes:

Note: The email server is on the customer’s network. ESRS should not be used for SMTP traffic destined for the customer, that is, mail will not be forwarded.

We are going to install ESRS VE. is there any ESRS VE functionality that can send mails to customer? Has anybody tried any free SMTP application to do that?

Thanks in advance

Related:

ICC 4.0 Email connector fails to resolve one of the configured email address

ICC 4.0 Email connector fails to resolve one of the configured email address with below error message –
**AFUM0024E:** An error occurred: The store DN and the mailbox DN could not be derived for user ID ‘xxx@xxx.com’

The mailbox is hosted on MS Exchange server 2010.
Attached are mail connector trace log snippet. .

[One for successful resolution of email address][1].
[Other for error we are facing.][2]

[1]: /answers/storage/temp/17112-mailconnectortrace-resolvedasacegrup.txt
[2]: /answers/storage/temp/17113-mailconnectortrace-resolvefailure.txt

Related:

The logon to Outlook Web Access failed. If the problem continues, contact technical support for your organization and tell them the following: The Active Directory profile for “%1” does not have a primary SMTP address.This may have happened because the user’s account was not created with the Exchange Management Console or Exchange Server’s command-line tools. The following Exchange Management Shell steps provide one way of correcting the most common cause of the problem. Get-User “%2” | Disable-Mailbox. Get-User “%3” | Enable-Mailbox At the prompt, enter the mailbox database name (normally “Mailbox Store”).

Details
Product: Exchange
Event ID: 37
Source: MSExchange OWA
Version: 8.0
Symbolic Name: PrimarySmtpAddressUnavailable
Message: The logon to Outlook Web Access failed. If the problem continues, contact technical support for your organization and tell them the following: The Active Directory profile for “%1” does not have a primary SMTP address.This may have happened because the user’s account was not created with the Exchange Management Console or Exchange Server’s command-line tools. The following Exchange Management Shell steps provide one way of correcting the most common cause of the problem. Get-User “%2” | Disable-Mailbox. Get-User “%3” | Enable-Mailbox At the prompt, enter the mailbox database name (normally “Mailbox Store”).
   
Explanation

This Error event indicates that the user referenced in the event description could not log on to their mailbox using Microsoft® Office Outlook® Web Access because their mailbox does not have a primary Simple Mail Transfer Protocol (SMTP) address. Each user can have one or more SMTP addresses, but one of these addresses must be the primary address. The primary SMTP address displays in bold in the Exchange Management Console. This event may occur if the user mailbox was not created by using the Exchange Management Console or the Exchange Management Shell.

   
User Action

To resolve this error, follow these steps:

  1. Disable the mailbox for the user.

  2. Create a new mailbox for the user.

You can perform these procedures by using the Exchange Management Console or the Exchange Management Shell.

For information about how to disable a mailbox, see How to Disable a Mailbox.

For information about how to create a mailbox, see How to Create a Mailbox for a New User.

If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.

Related:

Troubleshoot errors: Exchange – Mailbox has Exceeded Maximum Mailbox Size

ERROR – The mailbox for has exceeded the maximum mailbox size. This mailbox cannot send or receive messages. Incoming messages to this mailbox are returned to sender. The mailbox owner should be notified about the condition of the mailbox as soon as possible.

Most organizations implement mailbox quotas on their Exchange. While this policy is good for managing disk space and enforce users to clean up their mailboxes, this also poses a challenge for individual users when they exceed their quota. In this case the user has exceeded their send and receive quota. Even though it is recommended to monitor mailbox quotas on a regular basis through custom Exchange reporting, many organizations fail to do this because of the effort required and the IT support team works in a reactive way.

In most cases it is the end-user who reports to the IT support staff that they cannot receive or send email messages anymore. The IT support staff may engage in various levels of troubleshooting to finally come into a conclusion that this issue is mail quota related and can then advice the user to clean up some room – or increase the quota for the user.

This troubleshooting process can be removed when bringing Exchange servers under Intelligent Monitoring – mailbox quota events are picked up by monitoring and an alert is generated. This allows the IT support staff to respond to the issue before the end-user even notices the issue. This, in turn, can greatly improve the IT support staff efficiency and improve end-user perception of IT service level.

Related: