Emails that are greylisted are coming back to the sender with a NDR - ORF Forums

Emails that are greylisted are coming back to the sender with a NDR RSS Back to forum

1

Hi,

On some emails we receive they are being greylisted, but the sender gets a NDR back and then the email fails to resend. I have looked and the grey listing error being sent is 4.7.1 Temporarily rejected. Try again later.
However the sender is getting.
A communication failure occurred during the delivery of this message. Please try resending the message later. If the problem continues, contact your helpdesk.

Diagnostic information for administrators:
Generating server: DUB004-OMC1S11.hotmail.com
#< #5.5.0 smtp;550 relay not permitted> #SMTP#

We run Exchange 2010 on an SBS2011 server and exchange antispam is turned off and ORF transport agent is set to priority 2.

This is happing on approx 30% of emails sent from various domains.

I am a bit stumped on what the issue is, i have this software running and another server and have no issues at all with that?

TIA
Russell.

by russell.singer 8 years ago
2

Hello Russell,

Thank you for reporting this issue. Could you send us the NDR with the complete 'diagnostic information' to ? I would appreciate if you could attach the corresponding ORF log file (e.g. orf-2016-01-18.log) as well - which can be found in the ORF program directory (default: \Program Files (x86)\ORF Fusion). I will review them and get back to you as soon as possible.

by Daniel Novak (Vamsoft) 8 years ago
3

@russell.singer: Do you have more than one active mail server or MX records? In my limited experience with greylisting I have seen some sending servers go thru the entire list of MX records in rapid sequence and then give up on the third 4.7.1 Temporarily rejected. There is no guarantee they will ask once, get the first 4.7.1, wait and then retry later from the same sending IP address to the same receiving server to allow greylisting to work.

by Sam Russo 8 years ago
(in reply to this post)

4

@Sam Russo: Thanks for the replies. We only have one active server and one mx record. The problem seems to have resolved itself. I sent through the best practice settings once more and still had the same error. Rebooting the server for some reason resolved the issue and over the past couple of days we have had no further problems.
Thanks again.

by russell.singer 8 years ago
(in reply to this post)

5

@Sam Russo: Sam is right. There is no guarantee that emails coming from large mail service providers, such as Microsoft (Hotmail/Outlook.com, Office 365) and Google, are resent from the same IP address. They use large clusters of mail servers and the second delivery attempt might originate from a different server, resulting in a series of endless delays.

As a workaround, I suggest adding the mail server IP ranges of Google and Microsoft (and any provider that is not "greylisting friendly") to the Greylisting IP Exception list. I have compiled a list which contains all of the IP ranges that they might use to send emails from. To use it, download the file below and simply import it into ORF (File > Import > Greylisting > IP Exception list). Make sure to save the configuration to apply the changes (Ctrl + S).

https://www.dropbox.com/s/d774q7bvtxjp8or/IP_rngs_20160121.txt?dl=0

To retrieve the up-to-date IP address ranges anytime, use one of the common DNS lookup tools (nslookup, dig, host) and look up the SPF records associated with the problematic domains. The guys at Google were kind enough to even provide step-by-step instructions - that work for any domain - on how to do this: https://support.google.com/a/answer/60764?hl=en

by Daniel Novak (Vamsoft) 8 years ago
(in reply to this post)

6

We see similar behavior. Exchange 2010 on SBS2011 all updates and current ORF. We're seeing it with domains that use salesforce.com.

by Indy 8 years ago

New comment

Fill in the form below to add a new comment. All fields are required. If you are a registered user on our site, please sign in first.

It will not be published.
hnp1 | hnp2