My company is having issues with returned mail that we send out to external domains.
A few weeks ago we replaced a firewall and changed ISP providers and began subsequently having issues RECEIVING emails from external sources because we hadn't updated our new IPs in the DNS records. After making the necessary configuration changes and setting up SMTP forwarding over port 25 to our mail server, everything was working fine up until a few days ago when we started having mail sent out returned to us. We aren't having any trouble communicating internally (to recipients on our domain) but it seems we're having trouble with outbound messages to web-based email recipients. (@hotmail, @live, @yahoo, @gmail...etc)
Currently we are running Server 2003 SP2 and exchange 2003. I'm very unfamiliar with configuring Exchange and could really use some help in narrowing down the possibilities. I did some research and am becoming suspicious of Sender ID being the culprit due to our recent IP address change and the likelihood that Sender ID is identifying us as a fake domain. Am I going in entirely the wrong direction? Any input or guidance would be infinitely appreciated.
This is the message that is returned when an outbound message fails...this particular one was sent to my @live.com account for testing purposes...
Your message did not reach some or all of the intended recipients. The following recipient(s) could not be reached: [email protected] on 5/17/2012 3:02 PM There was a SMTP communication problem with the recipient's email server. Please contact your system administrator. Unfortunately, messages from xx.x.xx.x weren't sent. Please contact your Internet service provider since part of their network is on our block list.
I tried a reverse DNS lookup and found that we are set up as a Forward-confirmed reverse DNS. So do I just need to contact my ISP and have them correct their DNS records or is this something I can solve on our end??
MX ToolBox is a great tool for these situations. It checks all your DNS records, and other common configurations. It can check most blocklists for your server's IP address as well.
Go to https://www.mxtoolbox.com/diagnostic.aspx and enter your IP address. This does the basic SMTP diags.
After it runs, you will see a link for blacklist near the bottom of the transcript. Click that to check for blocklists.
The text of that bounce message at least will point you in the right direction:
In other words, the receiving end rejected the mail because the sending IP address (ie, your IP address) is in its blocklist.
You also mention in your question that the outbound delivery problem started after a renumbering, and that outbound delivery worked without problems prior to the change in IP address.
Based on this data, the IP address was probably (but not necessarily) blacklisted before you got it, most likely due to the actions of a previous customer of your ISP.
Hopefully this will at least point you in the right direction towards getting this fixed.