IP does not like recipient.

I do not need a solution (just sharing information)

Hi,

I am using office 365 as a mail provider. When I send email from my mac to certain email addresses I get the bounce back message below. When I send the extact same message to the exact same recipient using Outlook online the message gets through no problems. 

Why is this email being blocked using my mac mail but not outlook 365?

Any help much appreciated.

Thanks,

Matt.

Hi. This is the qmail-send program at apm-internet.net.
I’m afraid I wasn’t able to deliver your message to the following addresses.
This is a permanent error; I’ve given up. Sorry it didn’t work out.

<aaa@aaa.com>:
67.219.246.101 does not like recipient.
Remote host said: 553-SPF (Sender Policy Framework) domain authentication
553-fail. Refer to the Troubleshooting page at
553-https://linkprotect.cudasvc.com/url?a=http%3a%2f%2fwww.symanteccloud.com%2ftroubleshooting&c=E,1,pc9hEdG61NJSVH7AYssP-yywYul9TSypNsx3RBTdb4TL7v2bHMneVnKqBc9ZeD1QBoe4my3N124U8po0bHHiZAeXEMR3bgcpjJHoFvEa2oPF&typo=1 for more
553 information. (#5.7.1)
Giving up on 67.219.246.101.
STARTTLS proto=TLSv1.2; cipher=ECDHE-RSA-AES256-GCM-SHA384; subject=/C=US/ST=California/L=Mountain View/O=Symantec Corporation/OU=https://linkprotect.cudasvc.com/url?a=https%3a%2f%2f%2f%2fSymantec.cloud%2fCN%3dmail385.messagelabs.com%3b&c=E,1,D8lOzAca7lsjaTLXAGwS1SiiVFfMYaeVAar8gtL8BooaDfYMy_4jwk3PSbbcEmugfMsbGmXHygo_LtDNvMnhwrqbqN7iyBtuOin9qvNsX30wMQ,,&typo=1 issuer=/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA;

— Below this line is a copy of the message.

0

Related:

TLS support

I need a solution

We have one client using secured email service, which requires TSL excrypted messaging, but after enabling TLS for this domain, the TLSSTART command is still unrecognized..  Of course the SMG server at this point don’t even know about the destination domain, and it’s settings. So does the Messaging Gateway support TLS handshaking or not, and what might be the problem here?   
 

 telnet qntsrv9.qnet.fi 25

Trying 62.142.220.9…

Connected to qntsrv9.qnet.fi.

Escape character is ‘^]’.

220 qntsrv9.qnet.fi ESMTP Q-Net Spamcontrol ehlo turvaposti.fi 250-qntsrv9.qnet.fi says EHLO to 212.68.18.130:35317 250-8BITMIME 250-PIPELINING 250-SIZE 110000000

250 ENHANCEDSTATUSCODES

STARTTLS

500 5.5.2 unrecognized command

Jukka

0

Related:

421 Service Temporarily Unavailable

I do not need a solution (just sharing information)

Good day

My client always send message from  programacion.pampilla @ cargotransportperu.com to repsolpampilla @ repsol.com.

Today when cargotransportperu.com send mails to repsol.com receive an error message this message:

== repsolpampilla@repsol.com R=lookuphost T=remote_smtp defer (-44) H=cluster1a.eu.messagelabs.com [3.123.158.38]: SMTP error from remote mail server after RCPT TO:<repsolpampilla@repsol.com>: 421 Service Temporarily Unavailable

Thanks in advance for your help

Here full header:

LOG: MAIN
  cwd=/usr/local/cpanel/whostmgr/docroot 4 args: /usr/sbin/exim -v -M 1iK1A0-003783-Tu
delivering 1iK1A0-003783-Tu
LOG: MAIN
  Sender identification U=cargotra D=cargotransportperu.com S=programacion.pampilla@cargotransportperu.com
Connecting to cluster1.eu.messagelabs.com [85.158.142.97]:25 from 184.154.61.59 … connected
  SMTP<< 220 server-20.tower-222.messagelabs.com ESMTP
  SMTP>> EHLO cargotransportperu.com
  SMTP<< 250-server-20.tower-222.messagelabs.com
         250-STARTTLS
         250-PIPELINING
         250 8BITMIME
  SMTP>> STARTTLS
  SMTP<< 220 ready for TLS
  SMTP>> EHLO cargotransportperu.com
  SMTP<< 250-server-20.tower-222.messagelabs.com
         250-PIPELINING
         250 8BITMIME
  SMTP>> MAIL FROM:<programacion.pampilla@cargotransportperu.com>
  SMTP>> RCPT TO:<repsolpampilla@repsol.com>
  SMTP>> DATA
  SMTP<< 250 OK
  SMTP<< 450-Requested action aborted [9] 222-20, please visit
         450-http://www.symanteccloud.com/troubleshooting for more
         450 details about this error message.
LOG: MAIN
  H=cluster1.eu.messagelabs.com [85.158.142.97]: SMTP error from remote mail server after RCPT TO:<repsolpampilla@repsol.com>: 450-Requested action aborted [9] 222-20, please visitn450-http://www.symanteccloud.com/troubleshooting for moren450 details about this error message.
  SMTP<< 503 RCPT first (#5.5.1)
  SMTP>> QUIT
  SMTP(close)>>
Connecting to cluster1.eu.messagelabs.com [85.158.142.196]:25 from 184.154.61.59 … connected
  SMTP<< 220 server-13.tower-241.messagelabs.com ESMTP
  SMTP>> EHLO cargotransportperu.com
  SMTP<< 250-server-13.tower-241.messagelabs.com
         250-STARTTLS
         250-PIPELINING
         250 8BITMIME
  SMTP>> STARTTLS
  SMTP<< 220 ready for TLS
  SMTP>> EHLO cargotransportperu.com
  SMTP<< 250-server-13.tower-241.messagelabs.com
         250-PIPELINING
         250 8BITMIME
  SMTP>> MAIL FROM:<programacion.pampilla@cargotransportperu.com>
  SMTP>> RCPT TO:<repsolpampilla@repsol.com>
  SMTP>> DATA
  SMTP<< 250 OK
  SMTP<< 450-Requested action aborted [9] 241-13, please visit
         450-http://www.symanteccloud.com/troubleshooting for more
         450 details about this error message.
LOG: MAIN
  H=cluster1.eu.messagelabs.com [85.158.142.196]: SMTP error from remote mail server after RCPT TO:<repsolpampilla@repsol.com>: 450-Requested action aborted [9] 241-13, please visitn450-http://www.symanteccloud.com/troubleshooting for moren450 details about this error message.
  SMTP<< 503 RCPT first (#5.5.1)
  SMTP>> QUIT
  SMTP(close)>>
Connecting to cluster1a.eu.messagelabs.com [52.58.21.128]:25 from 184.154.61.59 … connected
  SMTP<< 220 mail555.messagelabs.com ESMTP Mon, 14 Oct 2019 16:05:38 +0000
  SMTP>> EHLO cargotransportperu.com
  SMTP<< 250-mail555.messagelabs.com Hello ip-100-113-12-211.eu-central-1.aws.symcld.net [100.113.12.211]
         250-SIZE 52428800
         250-8BITMIME
         250-PIPELINING
         250-CHUNKING
         250-PRDR
         250 HELP
  SMTP>> MAIL FROM:<programacion.pampilla@cargotransportperu.com> SIZE=3602907
  SMTP>> RCPT TO:<repsolpampilla@repsol.com>
  SMTP>> DATA
  SMTP<< 250 OK
  SMTP<< 421 Service Temporarily Unavailable
LOG: MAIN
  H=cluster1a.eu.messagelabs.com [52.58.21.128]: SMTP error from remote mail server after RCPT TO:<repsolpampilla@repsol.com>: 421 Service Temporarily Unavailable
  SMTP<< 503-All RCPT commands were rejected with this error:
         503-Service Temporarily Unavailable
         503 Valid RCPT command must precede DATA
  SMTP>> QUIT
  SMTP(close)>>
Connecting to cluster1a.eu.messagelabs.com [3.123.158.38]:25 from 184.154.61.59 … connected
  SMTP<< 220 mail555.messagelabs.com ESMTP Mon, 14 Oct 2019 16:05:38 +0000
  SMTP>> EHLO cargotransportperu.com
  SMTP<< 250-mail555.messagelabs.com Hello ip-100-113-13-49.eu-central-1.aws.symcld.net [100.113.13.49]
         250-SIZE 52428800
         250-8BITMIME
         250-PIPELINING
         250-CHUNKING
         250-PRDR
         250 HELP
  SMTP>> MAIL FROM:<programacion.pampilla@cargotransportperu.com> SIZE=3602907
  SMTP>> RCPT TO:<repsolpampilla@repsol.com>
  SMTP>> DATA
  SMTP<< 250 OK
  SMTP<< 421 Service Temporarily Unavailable
  SMTP<< 503-All RCPT commands were rejected with this error:
         503-Service Temporarily Unavailable
         503 Valid RCPT command must precede DATA
  SMTP>> QUIT
  SMTP(close)>>
LOG: MAIN
  == repsolpampilla@repsol.com R=lookuphost T=remote_smtp defer (-44) H=cluster1a.eu.messagelabs.com [3.123.158.38]: SMTP error from remote mail server after RCPT TO:<repsolpampilla@repsol.com>: 421 Service Temporarily Unavailable
 

0

Related:

VPLEX: Health-check –full reports Call Home “Error” state post NDU[1]

Article Number: 523118 Article Version: 3 Article Type: Break Fix



VPLEX GeoSynchrony,VPLEX Local,VPLEX Metro,VPLEX Series,VPLEX VS2,VPLEX VS6

An Error is reporting in the commandhealth-check –full post upgrade but the Call Home functions properly.

  • Pre NDU Health-check –full doesn’t report an error.

  • Post NDUHealth-check –full reports “Checking Call Home Status” as Error.

  • ConnectEMC_config.xml file looks the same as pre NDU as post NDU.

  • No issues seen in connectemc related logs.

  • The SMTP service is reachable and non-blocked.

  • Call-Home works right, for every triggered call-home test.

  • SYR / CLM system determine call home alerts have being correctly received. Hence, confirming Connecthome is received.

Comparing PRE & POST Non-Disruptive Upgrade (NDU)

PRE NDU

VPlexcli:/> health-check –full

Configuration (CONF):

Checking VPlexCli connectivity to directors……………….. OK

Checking Directors Commission……………………………. OK

Checking Directors Communication Status…………………… OK

Checking Directors Operation Status………………………. OK

Checking Inter-director management connectivity……………. OK

Checking ports status…………………………………… OK

Checking Call Home……………………………………… OK

Checking Connectivity…………………………………… OK

POST NDU

VPlexcli:/> health-check –full

Configuration (CONF):

Checking VPlexCli connectivity to directors……………….. OK

Checking Directors Commission……………………………. OK

Checking Directors Communication Status…………………… OK

Checking Directors Operation Status………………………. OK

Checking Inter-director management connectivity……………. OK

Checking ports status…………………………………… OK

Checking Call Home Status……………………………….. Error

service@vplexMM:/var/log/VPlex/cli> more health_check_full_scan.log

Configuration (CONF):

Checking VPlexCli connectivity to directors……………….. OK

Checking Directors Commission……………………………. OK

Checking Directors Communication Status…………………… OK

Checking Directors Operation Status………………………. OK

Checking Inter-director management connectivity……………. OK

Checking ports status…………………………………… OK

Checking Call Home Status……………………………….. Error

Email Server under Notification type: ‘onSuccess/onFailure’ is either

Not reachable or invalid.

Check if Email Server IP address: ‘10.1.111.100’ is reachable and valid.

Email Server under Notification type: ‘Primary’ and ‘Failover’ are either

Not reachable or invalid.

Check if Email Server IP address: ‘10.1.111.100’ and ‘10.1.111.100’ are

Reachable and valid.

service@vplexMM:/opt/emc/connectemc> cat ConnectEMC_config.xml

<?xml version=”1.0″ encoding=”UTF-8″ standalone=”no” ?>

<ConnectEMCConfig SchemaVersion=”1.1.0″>

<ConnectConfig Type=”Email”>

<Retries>7</Retries>

<Notification>Primary</Notification>

<Timeout>700</Timeout>

<Description></Description>

<BsafeEncrypt>no</BsafeEncrypt>

<IPProtocol>IPV4</IPProtocol>

<EmailServer>10.1.111.100</EmailServer>

<EmailAddress>emailalert@EMC.com</EmailAddress>

<EmailSender>VPlex_CKM00000000999@EMC.com</EmailSender>

<EmailFormat>ASCII</EmailFormat>

<EmailSubject>Call Home</EmailSubject>

<STARTTLS>no</STARTTLS>

<IncludeCallHomeData>no</IncludeCallHomeData>

<InsertBefore></InsertBefore>

<PreProcess></PreProcess>

<PostProcess></PostProcess>

<HeloParameter></HeloParameter>

</ConnectConfig>

<ConnectConfig Type=”Email”>

<Retries>7</Retries>

<Notification>Failover</Notification>

<Timeout>700</Timeout>

<Description></Description>

<BsafeEncrypt>no</BsafeEncrypt>

<IPProtocol>IPV4</IPProtocol>

<EmailServer>10.1.111.100</EmailServer>

<EmailAddress>emailalert@EMC.com</EmailAddress>

<EmailSender> VPlex_CKM00000000999@EMC.com</EmailSender>

<EmailFormat>ASCII</EmailFormat>

<EmailSubject>Call Home</EmailSubject>

<STARTTLS>no</STARTTLS>

<IncludeCallHomeData>no</IncludeCallHomeData>

<InsertBefore></InsertBefore>

<PreProcess></PreProcess>

<PostProcess></PostProcess>

<HeloParameter></HeloParameter>

</ConnectConfig>

<ConnectConfig Type=”Email”>

<Retries>7</Retries>

<Notification>onSuccess/onFailure</Notification>

<Timeout>700</Timeout>

<Description></Description>

<BsafeEncrypt>no</BsafeEncrypt>

<IPProtocol>IPV4</IPProtocol>

<EmailServer>10.1.111.100</EmailServer>

<EmailAddress>customer@genericemailaddress.com</EmailAddress>

<EmailSender>VPlex_CKM00000000999@EMC.com</EmailSender>

<EmailFormat>ASCII</EmailFormat>

<EmailSubject>Call Home</EmailSubject>

<STARTTLS>no</STARTTLS>

<IncludeCallHomeData>yes</IncludeCallHomeData>

<InsertBefore></InsertBefore>

<PreProcess></PreProcess>

<PostProcess></PostProcess>

<HeloParameter></HeloParameter>

</ConnectConfig>

</ConnectEMCConfig>

service@vplexMM:/var/log/ConnectEMC/logs> ping 10.1.111.100

PING 10.1.111.100 (10.1.111.100) 56(84) bytes of data.

— 10.1.111.100 ping statistics —

6 packets transmitted, 0 received, 100% packet loss, time 5010ms

service@vplexMM:~> telnet 10.1.111.100 25

Trying 10.1.111.100…

Connected to 10.1.111.100

Escape character is ‘^]’.

220 emc.com

helo localhost

250 emc.com

mail from: VPlex_CKM00000000999@EMC.com

250 2.1.0 Ok

rcpt to:customer@genericemailaddress.com

250 2.1.0 Ok

VPlexcli:/notifications/call-home> test

call-home test was successful.


As per the above information, this means that the customer is allowing the SMTP service on port “25” only and not the ICMP “ping”.

This error is expected and can be ignored once you verify that the test call home is working and appearing under /opt/emc/connectemc/archive

service@vplexMM:/opt/emc/connectemc/archive> ll

-rw-r—– 1 service users 2814 Jun 25 13:17 RSC_CKM00000000999_062518_011656000.xml

-rw-r—– 1 service users 2814 Jun 25 10:54 RSC_CKM00000000999_062518_105401000.xml

-rw-r—– 1 service users 2814 Jun 25 11:11 RSC_CKM00000000999_062518_111102000.xml

-rw-r—– 1 service users 2814 Jun 25 11:48 RSC_CKM00000000999_062518_114834000.xml

Checking call home status is part of the health-check — full script which does the following:

1- Check the email server for each notification type in /opt/emc/connectemc/ConnectEMC_config.xml

2- Ping the server. If the server is not pingable for any reason (not reachable via network, server is shutdown, ICMP service is blocked via firewall, the <EmailServer> is a DNS name instead of the name in the ConnectEMC_config.xml file).

As a result, the commandhealth-check –full script will fail and will show the following error:

Checking Call Home Status……………………………….. Error

The current healthcheck script checks if call home is enabled and generates a “Warning” state if it’s disabled.

The healthcheck script also checks if call home has been functioning properly with several verifications such as: checking call homes have been generated; the call home emails have been sent successfully sent; or if SMTP server ping is alive.

If any of these verifications fail, the script’s result will be flagged with an error as shown:

Checking Call Home Status……………………………….. Error

After enabling the ICMP protocol on the firewall level between the VPLEX management server and their selected email server used (ESRS, customer’s email server), the Call Home “Error” status is now clean:

VPlexcli:/> health-check –full

Configuration (CONF):

Checking VPlexCli connectivity to directors……………….. OK

Checking Directors Commission……………………………. OK

Checking Directors Communication Status…………………… OK

Checking Directors Operation Status………………………. OK

Checking Inter-director management connectivity……………. OK

Checking ports status…………………………………… OK

Checking Call Home Status……………………………….. OK

Checking Connectivity…………………………………… OK

Checking COM Port Power Level……………………………. OK

Checking Meta Data Backup……………………………….. OK

Checking Meta Data Slot Usage……………………………. OK

Related:

MessageLabs.com 421 Service Temporarily Unavailable, TLS negotiation failed with error IllegalMessage

I do not need a solution (just sharing information)

I have already indeed email a sample message to Symantec (investigation@review.symantec.com) for the NDR message delayed emails.

I poseted in hopes to maybe help with this issue and see if someone else has any ideas.

In the Send connector protocol logs, we see:

2019-01-09T16:42:03.318Z,Internet,08D1234567811DF6,0,,x.x.x.x:25,*,,attempting to connect
2019-01-09T16:42:03.334Z,Internet,08D6723456789DF6,1,x.x.x.x:32944,x.x.x.x:25,+,,
<,220 server-5.tower-347.messagelabs.com ESMTP,
>,EHLO Mail.xxxx.com,
<,250-server-5.tower-347.messagelabs.com,
<,250-STARTTLS,
<,250-PIPELINING,
<,250 8BITMIME,
>,STARTTLS,
<,220 ready for TLS,
*,,Sending certificate
*,”CN=mail.xxxx.com, O=””xxxx, Inc.””, L=xxxx, S=xxxx, C=US”,Certificate subject
*,”CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US”,Certificate issuer name
*,09024235443534F8234324,Certificate serial number
*,FDA0D53434343D933F32345123456789681DAAC3,Certificate thumbprint
*,mail.xxxx.com;autodiscover.xxxx.com;owa.xxxx.com;,Certificate alternate names
*,,TLS negotiation failed with error IllegalMessage
-,,Local

Then we Also See:

2019-01-09T19:35:50.765Z,Internet,08D67123445551F4,0,,x.x.x.x:25,*,,attempting to connect
2019-01-09T19:35:50.765Z,Internet,08D67123445551F4,1,x.x.x.x:48897,x.x.x.x:25,+,,
2019-01-09T19:35:51.093Z,Internet,08D67123445551F4,2,x.x.x.x:48897,x.x.x.x:25,<,”220 mail555.messagelabs.com ESMTP Wed, 09 Jan 2019 19:35:50 +0000″,
2019-01-09T19:35:51.093Z,Internet,08D67123445551F4,3,x.x.x.x:48897,x.x.x.x:25,>,EHLO mail.xxxx.com,
2019-01-09T19:35:51.140Z,Internet,08D67123445551F4,4,x.x.x.x:48897,x.x.x.x:25,<,250-mail555.messagelabs.com Hello ip-100-112-14-171.us-east-1.aws.symcld.net [100.112.14.171],
2019-01-09T19:35:51.140Z,Internet,08D67123445551F4,5,x.x.x.x:48897,x.x.x.x:25,<,250-SIZE 52428800,
2019-01-09T19:35:51.140Z,Internet,08D67123445551F4,6,x.x.x.x:48897,x.x.x.x:25,<,250-8BITMIME,
2019-01-09T19:35:51.140Z,Internet,08D67123445551F4,7,x.x.x.x:48897,x.x.x.x:25,<,250-PIPELINING,
2019-01-09T19:35:51.140Z,Internet,08D67123445551F4,8,x.x.x.x:48897,x.x.x.x:25,<,250-CHUNKING,
2019-01-09T19:35:51.140Z,Internet,08D67123445551F4,9,x.x.x.x:48897,x.x.x.x:25,<,250-PRDR,
2019-01-09T19:35:51.140Z,Internet,08D67123445551F4,10,x.x.x.x:48897,x.x.x.x:25,<,250 HELP,
2019-01-09T19:35:51.140Z,Internet,08D67123445551F4,11,x.x.x.x:48897,x.x.x.x:25,*,,sending message with RecordId 10261234567442 and InternetMessageId <1523344547606.84370@xxxx.com>
2019-01-09T19:35:51.140Z,Internet,08D67123445551F4,12,x.x.x.x:48897,x.x.x.x:25,>,MAIL FROM:<Paul.xxxx@xxxx.com> SIZE=34071,
2019-01-09T19:35:51.140Z,Internet,08D67123445551F4,13,x.x.x.x:48897,x.x.x.x:25,>,RCPT TO:<jschxxxx@xxxx.com>,
2019-01-09T19:35:51.186Z,Internet,08D67123445551F4,14,x.x.x.x:48897,x.x.x.x:25,<,250 OK,
2019-01-09T19:35:51.186Z,Internet,08D67123445551F4,15,x.x.x.x:48897,x.x.x.x:25,<,421 Service Temporarily Unavailable,

All Message Labs Servers we see with TLS Negoiation Problems:

server-6.tower-367.messagelabs.com

server-14.tower-387.messagelabs.com

server-35.tower-384.messagelabs.com

server-9.tower-347.messagelabs.com

server-13.tower-407.messagelabs.com

server-35.tower-404.messagelabs.com

server-3.tower-327.messagelabs.com

server-35.tower-344.messagelabs.com

server-8.tower-341.messagelabs.com

server-16.tower-381.messagelabs.com

server-3.tower-361.messagelabs.com

server-4.tower-246.messagelabs.com

MessageLabs with 421 Service Temporarily Unavailable:

mail555.messagelabs.com

0

Related:

Certificate chain presented by the SMG appliance contains root anchor

I do not need a solution (just sharing information)

During SMTP STARTTLS and HTTPS TLS negotiation the SMG appliance presents a certificate chain.
The presented certificate chain also includes the root anchor certificate which serves no purpose and is increasing the TLS handshake latency.

RFC5246 states:

“Because certificate validation requires that root keys be distributed independently, the self-signed certificate that specifies the root certificate authority MAY be omitted from the chain, under the assumption that the remote end must already possess it in order to validate it in any case.”

So while it seems not to be an issue to include the root certificate according to RFC5246, the SMG appliance could reduce TLS handshake latency by omitting it.

I would like to hear your thoughts on that issue:

https://www.symantec.com/connect/polls/should-root…

0

Related:

  • No Related Posts

.Cloud doesn’t try TLS encryption

I need a solution

I removed the certificate on my email server and turned off the TLS feature because of some cost issue.

Then .Cloud started to send outbound message without encryption.

.Cloud never tries TLS even if 3rd party mail servers (ex: gmail.com) explicitely allow TLS if you send outbound messages without TLS.

Here is a figure which explains the situation.

Here is some additional information:

20180502_FAILED.eml -> TLS test result after I turned off TLS on my server (TLS failed)

<– 220 ts6.checktls.com ESMTP TestSender Wed, 02 May 2018 06:12:10 -0400
–> EHLO mail1.bemta8.messagelabs.com
< — 250-ts6.checktls.com Hello  [216.82.243.199], pleased to meet you
< — 250-ENHANCEDSTATUSCODES
< — 250-8BITMIME
<– 250-STARTTLS
<– 250 HELP
–> MAIL FROM:jaemoo.hur@samsungsquare.com

20180502_SUCCESSFUL.eml -> TLS test result after I turned on TLS on my server (TLS succeeded)

<– 220 ts6.checktls.com ESMTP TestSender Wed, 02 May 2018 06:24:45 -0400
–> EHLO mail1.bemta12.messagelabs.com
< — 250-ts6.checktls.com Hello  [216.82.251.13], pleased to meet you
< — 250-ENHANCEDSTATUSCODES
< — 250-8BITMIME
<– 250-STARTTLS
< — 250 HELP
–> STARTTLS
< — 220 Ready to start TLS
====tls negotiation successful (cypher: AES256-GCM-SHA384)
client cert:
Subject Name: undefined
Issuer  Name: undefined
~~> EHLO mail1.bemta12.messagelabs.com
< ~~ 250-ts6.checktls.com Hello  [216.82.251.13], pleased to meet you
< ~~ 250-ENHANCEDSTATUSCODES
< ~~ 250-8BITMIME
< ~~ 250 HELP
~~> MAIL FROM:jaemoo.hur@samsungsquare.com

 
0

Related:

MessageLabs blocking emails error 501

I need a solution

Hello, we’ve had this issue for a while and have already exhausted trying to communicate directly with the receiving party.  More often than not, they are clueless as to how to remove us from whatever list is being maintained that is blocking our emails and those who seem to have a bit of technical knowledge always claim that they have no control over it.

I’ve tried reaching out to my data center directly who has already tried to whitelist through other means without success so I am opening a ticket here (after several months of trying everything else) as a last resource.

Here is the blocked message.  I am using *** to protect some of the email addresses here but happy to provide these privately if need be.  I’ve also emailed this to the email that is being provided in different similar threads here but have not had a response.

The originating IP that is being blocked is: 107.174.26.221.  This particular IP  I have it exclusively assigned to a single customer so that I am not blocking the entire server.  Here is the email log error:

Hello, this message is intended for your IT department or whoever handles your email service.  We are a Web Hosting company and emails from our servers are being filtered / blocked by yours.  As a consequence, legitimate communication from my clients to your servers are being rejected and thus why I’ve contacted you today.  I am pasting below the actual error message so you can have your IT department troubleshoot and possibly remove us from such blockage.

Thanks!

The source IP address is: 107.174.26.221

LOG: MAIN
  cwd=/usr/local/cpanel/whostmgr/docroot 4 args: /usr/sbin/exim -v -M 1ea0NW-00041X-4v
delivering 1ea0NW-00041X-4v
LOG: MAIN
  Sender identification U=countsy5 D=countryclub.do S=***@countryclub.do
Connecting to cluster1.us.messagelabs.com [216.82.241.131]:25 from 107.174.26.221 … connected
  SMTP<< 501 Connection rejected by policy [7.7] 5405, please visit www.messagelabs.com/support for more details about this error message.
  SMTP>> QUIT
  SMTP(close)>>
LOG: MAIN
  H=cluster1.us.messagelabs.com [216.82.241.131]: SMTP error from remote mail server after initial connection: 501 Connection rejected by policy [7.7] 5405, please visit www.messagelabs.com/support for more details about this error message.
Connecting to cluster1.us.messagelabs.com [216.82.249.179]:25 from 107.174.26.221 … connected
  SMTP<< 501 Connection rejected by policy [7.7] 4408, please visit www.messagelabs.com/support for more details about this error message.
  SMTP>> QUIT
  SMTP(close)>>
LOG: MAIN
  H=cluster1.us.messagelabs.com [216.82.249.179]: SMTP error from remote mail server after initial connection: 501 Connection rejected by policy [7.7] 4408, please visit www.messagelabs.com/support for more details about this error message.
Connecting to cluster1.us.messagelabs.com [216.82.241.243]:25 from 107.174.26.221 … connected
  SMTP<< 501 Connection rejected by policy [7.7] 19209, please visit www.messagelabs.com/support for more details about this error message.
  SMTP>> QUIT
  SMTP(close)>>
LOG: MAIN
  H=cluster1.us.messagelabs.com [216.82.241.243]: SMTP error from remote mail server after initial connection: 501 Connection rejected by policy [7.7] 19209, please visit www.messagelabs.com/support for more details about this error message.
Connecting to cluster1.us.messagelabs.com [216.82.249.211]:25 from 107.174.26.221 … connected
  SMTP<< 501 Connection rejected by policy [7.7] 5307, please visit www.messagelabs.com/support for more details about this error message.
  SMTP>> QUIT
  SMTP(close)>>
LOG: MAIN
  H=cluster1.us.messagelabs.com [216.82.249.211]: SMTP error from remote mail server after initial connection: 501 Connection rejected by policy [7.7] 5307, please visit www.messagelabs.com/support for more details about this error message.
Connecting to cluster1.us.messagelabs.com [216.82.242.44]:25 from 107.174.26.221 … connected
  SMTP<< 501 Connection rejected by policy [7.7] 19704, please visit www.messagelabs.com/support for more details about this error message.
  SMTP>> QUIT
  SMTP(close)>>
LOG: MAIN
  H=cluster1.us.messagelabs.com [216.82.242.44]: SMTP error from remote mail server after initial connection: 501 Connection rejected by policy [7.7] 19704, please visit www.messagelabs.com/support for more details about this error message.
Connecting to cluster1a.us.messagelabs.com [216.82.251.230]:25 from 107.174.26.221 … connected
  SMTP<< 220 server-13.tower-555.messagelabs.com ESMTP
  SMTP>> EHLO mailserver.elatomo.com
  SMTP<< 250-server-13.tower-555.messagelabs.com says EHLO to 107.174.26.221:46132
         250-STARTTLS
         250-PIPELINING
         250 8BITMIME
  SMTP>> STARTTLS
  SMTP<< 220 2.0.0 continue
  SMTP>> EHLO mailserver.elatomo.com
  SMTP<< 250-server-13.tower-555.messagelabs.com says EHLO to 107.174.26.221:46132
         250-PIPELINING
         250 8BITMIME
  SMTP>> MAIL FROM:<***@countryclub.do>
  SMTP>> RCPT TO:<***@totalbank.com>
  SMTP>> DATA
  SMTP<< 250 2.0.0 MAIL FROM accepted
  SMTP<< 421 Service Temporarily Unavailable
  SMTP>> QUIT
  SMTP(close)>>
LOG: MAIN
  == ***@totalbank.com R=dkim_lookuphost T=dkim_remote_smtp defer (-44) H=cluster1a.us.messagelabs.com [216.82.251.230]: SMTP error from remote mail server after RCPT TO:<***@totalbank.com>: 421 Service Temporarily Unavailable

0

Related:

Does the “Reference Data Import -LDAP” App supports LDAPS ?

I have download the “Reference Data Import – LDAP” app and try to install it against our internal AD LDAP.

This LDAP is configured as LDAPS (so that is not starttls configuration) but I can’t get the app to work against our AD implementation.

I get these errors in the App.log when I hit the “Test Connection” button in the app.

2017-11-24 11:18:13,900 [com.ibm] [INFO] – 127.0.0.1 [APP_ID/1401][NOT:0000006000] Unable to start TLS with ldaps://:, LDAP connection already secured over SSL (LDAPS)
2017-11-24 11:18:13,902 [com.ibm] [INFO] – 127.0.0.1 [APP_ID/1401][NOT:0000006000] Connecting to ldaps://: with credentials (bind_dn=””; timeout=60s
2017-11-24 11:18:13,944 [com.ibm] [INFO] – 127.0.0.1 [APP_ID/1401][NOT:0000006000] LDAP connection error: {‘desc’: “Can’t contact LDAP server”}
2017-11-24 11:18:13,946 [com.ibm] [INFO] – 127.0.0.1 [APP_ID/1401][NOT:0000006000] Can’t contact LDAP server
2017-11-24 11:18:13,949 [com.ibm] [INFO] – 127.0.0.1 [APP_ID/1401][NOT:0000006000] Connecting to ldaps://: with credentials (bind_dn=””; timeout=60s
2017-11-24 11:18:13,954 [com.ibm] [INFO] – 127.0.0.1 [APP_ID/1401][NOT:0000006000] LDAP connection error: {‘desc’: “Can’t contact LDAP server”}

I have anonomized the above data. and and actually print out in the log the right information.

Hope someone can give me an clear answer if the App supports LDAPS.

Related: