Unable to send email to some domains

Today I worked on an issue where the SBS2003 server could not send mail to some domains.  The NDR when sending to the Microsoft.com domain was similar to:

5.7.1 <Your e-mail was rejected by an anti-spam content filter on gateway. Reasons for rejection may be: obscene language, graphics, or spam-like characteristics. Removing these may let the e-mail through the filter.>

 

Note the Microsoft.com domain is an example, we actually could not send mail to several domains, each with a slightly different NDR.

 

This issue was a result of the receiving mail server doing some sort of lookup on the sending server's IP/Domain and then rejecting the mail based on the lookup.  Typically the receiving server is set to query a blacklist prior to accepting the message.  In this case, the receiving mail server was one of Microsoft's inbound SMTP servers.  I am not sure what the Microsoft mail servers use as far as a blacklist query.  I do know that some blacklists contain entire subnets of IP addresses! 

 

So what to do??  You could contact Microsoft and request that you get off the blacklist.  Microsoft will likely say "hey, we use YourFavRBLList.com and they have you on the list, you will need to contact YourFavRBLList.com to get off their list".  So you diligently go to www.YourFavRBLList.com and follow the instructions.  They are cryptic at best and typically automated.  You can click "test my mailserver for relay" and plug in your IP address and then hope their automated tool works properly...then you wait 48 hours and test again...and hopefully your IP is off the list.  Whew, you can now send mail to the Microsoft.com domain.  Now you can't send mail to Yahoo.com with a similar "your email looks like spam and your IP is dynamic" NDR...so you start the process over again with Yahoo.  You call Yahoo (or hit some sort of web based support site on Yahoo.com) and the person at Yahoo says "hey, we use TheOtherCoolRBL.com list, you will need to call TheOtherCoolRBL.com and get off their list".  So...you go to www.TheOtherCoolRBL.com and do a lookup on your IP, and you show on their list.  However you notice your IP is not specifically blocked but your ENTIRE SUBNET is blocked (like 68.113.*.*).  So you follow their instructions and try to get off *that* list.  Well, come to find out that Yahoo has a standing policy to block "non-business class" IP addresses and your address is classified as "non-business"!  You scratch your head because your customer is paying $100/month for a static IP address from the local ISP's "business services division".  After a strong cup of coffee you decide to quit messing with Yahoo (no one uses Yahoo anyway!) and go on to AOL.  You notice that the NDR from the AOL domain actually contains a link you can click on, like "click on the following link to see why you can't send mail to AOL.com".  When you click on the AOL link, it takes you to a page that says something like "your reverse DNS zone doesn't look quite right".  You throw the mouse across the room and happily watch it smash into a thousand peices (you have been wanting one of the new laser mice anyway!).  REVERSE DNS LOOKUP...aaaaaarrrrrrrgggggghhhhhhhh!!!!!!!!  So you go to www.CoolDNSCheckingWebsite.com and plug in your email domain of FrustratedUser.com.  The results are something like bla.bla.bla.addr.arpa...what the heck does that mean??  You then pick up your stuff, walk out of the office and as you pass the business owner's office and you mention something about going back to "snail mail".

 

...or...

 

...you can do what we did on this case and set the SMTP Connector in Exchange System Manager to "forward to host" and plug in your ISP's mail server and call it a day.

 

As you leave the site, stop by your local computer store and pick up one of those new laser mice...darn they are cool!