Announcement

Collapse
No announcement yet.

Large ISPs blocking port 25?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Large ISPs blocking port 25?

    Hello all, we have a single Exchange 2003 server and we cannot send to larger ISPs. We continuously get send message errors for AOL, Comcast, SBC Yahoo, SBCGlobal, and AT&T. I googled this and have seen posts about these ISP blocking port 25 (except when from their internal servers) to help ccontrol spam. Is this true? What I have seen on the net is the different ISPs are using different ports to receive inbound e-mails. If this is not the case, what else could be the problem? I am not on any blacklists. I have an IP address exclusively for our exchange server. I am not an open relay. Ani suggestions?

  • #2
    Re: Large ISPs blocking port 25?

    What do the messages actually say?
    How did you check your blacklisting? (mxtoolbox.com is good).
    Do you have a reverse looking for your mail server as well. I know AOL require this for example.
    cheers
    Andy

    Please read this before you post:


    Quis custodiet ipsos custodes?

    Comment


    • #3
      Re: Large ISPs blocking port 25?

      The messages are as follows and these are known good addresses. This is an account that the VP of our company has had for years:

      --- On Tue, 9/23/08, [email protected] <[email protected]> wrote:
      From: [email protected] <[email protected]>
      Subject: Delivery Status Notification (Failure)
      To: [email protected]
      Date: Tuesday, September 23, 2008, 9:47 AM
      This is an automatically generated Delivery Status Notification.

      Delivery to the following recipients failed.

      This one stated failure, there are many that say you do not have permission to send to this account.

      I used a company calle habeus which checks the top 25 blacklists.

      I turned off reverse lookup as it was creating a lot of delayed delivery notices.

      Comment


      • #4
        Re: Large ISPs blocking port 25?

        Just to be sure I would drop your IP into the mxtoolbox site to see what that shows (it is free).
        Some servers don't accept email from addresses without a PTR. Run the diagnostics at the same site too.

        If you telnet to the external mailserver can you send a mail successfully?
        cheers
        Andy

        Please read this before you post:


        Quis custodiet ipsos custodes?

        Comment


        • #5
          Re: Large ISPs blocking port 25?

          I am ok with the blacklist check. Nothing shows up.

          Here are the results of the diagnostics:

          RESULT: websvc02.blackindustrial.com
          Banner: barracuda.blackindustrial.com ESMTP (8061279c63915130cd4dbf3e39ad8cee) [156 ms]
          Connect Time: 0.031 seconds - Good
          Transaction Time: 0.391 seconds - Good
          Relay Check: OK - This server is not an open relay.
          Rev DNS Check: OK - 12.48.56.20 resolves to blackindustrial.com
          GeoCode Info: Geocoding server is unavailable
          Session Transcript: HELO please-read-policy.mxtoolbox.com
          250 barracuda.blackindustrial.com Hello mxtb-pws1.mxtoolbox.com [64.20.227.131], pleased to meet you [31 ms]
          MAIL FROM: <[email protected]>
          250 Ok [31 ms]
          RCPT TO: <[email protected]>
          550 No such domain at this location ([email protected]) [109 ms]
          QUIT
          221 Bye [31 ms]

          Comment


          • #6
            Re: Large ISPs blocking port 25?

            Assuming you posted the correct domains in your post (you should change them)
            From DNSStuff I note

            WARNING: You have duplicate MX records. This means that mailservers may try delivering mail to the same IP more than once. Although technically valid, this is very confusing, and wastes resources. The duplicate MX records are:
            wxxxxx02.xxxxxxxx.xxx. and baxxxxxda..xxxxxxxx.xxx. both resolve to 11.44.55.22.

            Your domain does not have an SPF record. This means that spammers can easily send out E-mail that looks like it came from your domain, which can make your domain look bad (if the recipient thinks you really sent it), and can cost you money (when people complain to you, rather than the spammer). You may want to add an SPF record ASAP, as 01 Oct 2004 was the target date for domains to have SPF records in place (Hotmail, for example, started checking SPF records on 01 Oct 2004).

            What AV do you have on your Exchange? What does message tracking show for these emails?
            cheers
            Andy

            Please read this before you post:


            Quis custodiet ipsos custodes?

            Comment


            • #7
              Re: Large ISPs blocking port 25?

              ISPs blocking port 25 would not affect your ability to send them email. The port blocking that you have referred to is for outbound email, to stop clients running SMTP servers on their networks without them being able to charge them a larger fee.

              What you could be confusing it with is antispam measures such as reverse DNS and SMTP banner. While an SPF record can help, it is not going to be the magic bullet to get your email delivered.

              If you are on a dynamic IP address then you should be sending your email via your ISPs SMTP Server. If you are on a static IP address then get a reverse DNS entry setup by your ISP. If you cannot then you will have to use your ISPs SMTP Server as a smart host on a SMTP connector.

              Simon.
              --
              Simon Butler
              Exchange MVP

              Blog: http://blog.sembee.co.uk/
              More Exchange Content: http://exchange.sembee.info/
              Exchange Resources List: http://exbpa.com/
              In the UK? Hire me: http://www.sembee.co.uk/

              Sembee is a registered trademark, used here with permission.

              Comment


              • #8
                Re: Large ISPs blocking port 25?

                Originally posted by Sembee View Post
                ISPs blocking port 25 would not affect your ability to send them email. The port blocking that you have referred to is for outbound email, to stop clients running SMTP servers on their networks without them being able to charge them a larger fee.
                I think it is different from country to country.
                Here in Denmark, our largest ISP blocks port 25 indbound and outbound.
                The trick here, is to use the ISP's SMTP as Smart Host, as you pointet out

                To recieve mail, make a secondary mx-record, and point it to the ISP's mx-backupserver. The first mx-record will make a timeout because of the blocked port 25. The ISP's mx-server recieves the mail, and forward it to you
                Best regards,
                Carsten.

                Comment


                • #9
                  Re: Large ISPs blocking port 25?

                  Originally posted by cs.dk View Post

                  To receive mail, make a secondary mx-record, and point it to the ISP's mx-backupserver. The first mx-record will make a timeout because of the blocked port 25. The ISP's mx-server recieves the mail, and forward it to you
                  That depends on the ISP being cooperative. Many of them are not, or will charge extra for that service. That is why mail hop type services are popular, allowing email to come in on another port.

                  Simon.
                  --
                  Simon Butler
                  Exchange MVP

                  Blog: http://blog.sembee.co.uk/
                  More Exchange Content: http://exchange.sembee.info/
                  Exchange Resources List: http://exbpa.com/
                  In the UK? Hire me: http://www.sembee.co.uk/

                  Sembee is a registered trademark, used here with permission.

                  Comment

                  Working...
                  X