Blacklist Email Delivery (邮箱不能发送邮件)

Section 1 Problem (邮箱不能发送邮件)

Do you experience the email delivery error which some emails cannot delivery to some mail addresses (but not all) ? The return error email message as below 5 examples.

>>>Error Message 1 Begin>>>

xxxx@xxxcs.com

ironporta1.molasia.com 發生這個錯誤:
#5.7.1 Your access to submit messages to this e-mail system has been rejected.

將此郵件傳送到這個電郵地址時發生問題。請嘗試重新傳送此郵件。如果問題持續發生,請連絡支援人員。

xxx@xxxcs.com

ironporta1.xxxx.com 發生這個錯誤:
#5.7.1 Your access to submit messages to this e-mail system has been rejected.

將此郵件傳送到這個電郵地址時發生問題。請嘗試重新傳送此郵件。如果問題持續發生,請連絡支援人員。

>> >Error Message 1 End>>>

>>>Error Message 2 Begin>>>

COL004-MC1F49.hotmail.com 拒絕您傳送至下列電郵地址的郵件:

rxxxxu@hotmail.com

COL004-MC1F49.hotmail.com 發生這個錯誤:
OU-002 (COL004-MC1F49) Unfortunately, messages from 2xx.xx.xxx.250 weren’t sent. Please contact your Internet service provider since part of their network is on our block list. You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors.

將此郵件傳送到這個電郵地址時發生問題。請嘗試重新傳送此郵件。如果問題持續發生,請連絡支援人員。

 

系統管理員的診斷資訊:

產生的伺服器: mail.xxxxx.com.hk

rxxxxxu@hotmail.com
COL004-MC1F49.hotmail.com #550 OU-002 (COL004-MC1F49) Unfortunately, messages from 2xx.xx.xxx.250 weren’t sent. Please contact your Internet service provider since part of their network is on our block list. You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors. ##

>>> Error Message 2 End>>>

>>>Error Message 3 Begin>>>

sun.01link.net 拒絕您傳送至下列電郵地址的郵件:

xxx@xxx.com

sun.01link.net 發生這個錯誤:
“JunkMail rejected – mail.keetat.com.hk [2
xx.xx.xxx.250]:28500 is in an RBL, see Blocked – see http://cbl.abuseat.org/lookup.cgi?ip=219.76.176.250

將此郵件傳送到這個電郵地址時發生問題。請嘗試重新傳送此郵件。如果問題持續發生,請連絡支援人員。

>>> Error Message 3 End>>>

>>>Error Message 4 Begin>>>

傳遞至下列收件者或群組失敗:

xxx@xxxl.com
伺服器嘗試傳遞此郵件,但沒有成功,現在已停止嘗試。請嘗試重新傳送此郵件。如果問題持續發生,請聯絡支援人員。

>>> Error Message 4 End>>

>>>Error Message 5 Begin>>>

From: Mail Delivery System [mailto:MAILER-DAEMON@yxxxr.com]

Sent: Wednesday, April 01, 2015 1:00 PM

To: xxxxx@xxx.com.hk

Subject: Undelivered Mail Returned to Sender

Importance: High

 

This is the mail system at host uk.yi-enter.com.

 

I’m sorry to have to inform you that your message could not be delivered to one or more recipients. It’s attached below.

 

For further assistance, please send mail to postmaster.

 

If you do so, please include this problem report. You can delete your own text from the attached returned message.

 

The mail system

 

<xxx@xxxx.com>: host mxwcom.263xmail.com[211.150.82.6] said: 550

xxx@xxxx.com:user not exist (in reply to RCPT TO command)

>>> Error Message 5 End>>>

 

Section 2. Investigation (分析)

The problem is that those reputed network computer declared our email domain server is spam and blacklist us. We found from the http://mxtoolbox.com, and it will come up the blacklist result which we require to apply for removing blacklist item one by one. However, Weexperience that those blacklist is very difficult to be completely removed. The actual situation is that we cannot guarantee our network without any spam and virus especially difficult for small SME without much investment on network security.

email-blacklist-1

Even-though I submitted for removal, the result was that some were removed, but some others added, as below diagram.Maybe a period of time after removal, it put thedomain to blacklist again.It is a very annoying problem, and quite trouble.

email-blacklist-2

Section 3. Solution (解决方法)

Join the Email Relay Pay Service. 付费给中继服务供应商,采用他们的中继服务器作为Exchange转发主机,设置如下描述。

Step 1. 打开Exchange2010管理控制台-〉组织配置-〉集线器传输-〉发送连接器

email-relay-1

Step 2.右键新建发送连接器,填写smtp名称

email-relay-2

Step 3. 添加地址空间

email-relay-3

Step 4. 在地址空间添加SMTP,输入*走中继服务。

email-relay-4

Step 5. 选择通过以下智能主机路由邮件

email-relay-5

Step 6. 添加新的智能主机,完全限定的域名:mailrelay.xxxxx.com(手动输入确保正确)

email-relay-6

Step 7.

email-relay-7

Step 8

email-relay-8

Step 9

email-relay-9

Step 10

email-relay-10

Step 11

email-relay-11

 

Step 12. 自己的连接器需要禁用,Select “Yes” below:

email-relay-12

 

Step 13. 重启exchange 传输服务,传输服务在windows系统的管理工具的服务里面,查找 Exchange  Transport Service。 restart

email-relay-13

Step 14. 在域名的dns管理下面加上中继地址的记录,v=spf1 include:spf.yi-xxxxr.com ~all

替换掉这一条无用的spf记录

 

 

email-relay-14

email-relay-15

 

Step 15. dns系统可能在国内还未刷新,在谷歌已经刷新了,仍有退信问题,就是spf记录!不用太担心!生效后,就可以了!

亦可删除以下的DNS项目,disable 谷歌:

Text(TXT) ,google-site-verification=KQNoFNHJ2d18XVfDByr1Yh6asZru7Opedw-c6p2DM-o

email-relay-16

 - END -

规范电子邮件发送对象

主旨: 规范发送邮件的收件者,减少不必要的邮件传递,防止收件人浪费收阅邮件的时间。

问题现象:若果当事人每天收到的邮件达200-250份,如果不全数阅读这些邮件,会担心重要的信息被忽略,如果全数阅读邮件,则又会浪费很多的时间,处理不到其它事情。我相信很多人有这样的烦恼。 Read More

IT人在工廠日記 – CBL 電郵封鎖問題 (2014/06/18)

最近兩個月,我公司的電郵系統地址經常被 http://www.spamhaus.org/ 列到 CBL 黑名單中,而限制了電郵的傳送,影響公司運作。CBL 黑名單的起因是網絡內某些電腦中了木馬病毒,例如:Conficker botnet,這會发送了大量的垃圾邮件给对方,因而被封鎖。我用過網絡掃描、更新殺毒軟件…等等方法,解決了問題,但是,一、兩星期後,又再被列到CBL 黑名单中,經常解決後又發生,是認真煩擾。

剛好收到雲盟公司郵件中繼轉發服務的廣告,此服務主要解決的是外發郵件退回問題,企業郵件服務器通過設置中繼轉發服務器地址,便可保證正常發送;而服務價錢不貴,唯有採用吧。

唉!我真懷疑制造問題和解決問題的是同一火伙人,我們越是倚賴某事,便越大機會被人利用來威脅,詐取好處,例如這次的電郵問題;所以最好便是充實自己,有能力自保,不受威脅。

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

參考資料: 

1. http://www.yienter.com/

2. http://cbl.abuseat.org/

3. http://www.spamhaus.org/lookup.lasso

4. How to find BOTs in a LAN

4.1 On Windows, use this in a dos command window:

在DOS 下跑 :   netstat 5

This will give you a list of all network connections your machine has open, much like *NIX netstat above every 5 seconds until you stop it. You’re looking for very much the same sort of things as *NIX netstat above. You’ll probably see Microsoft, Yahoo and other familiar names – they’re normal (from your browser, IM etc). “Akamai” perhaps won’t be familiar, but it’s normal too. Lots of port 25 connections is the usual sign of infection.

4.2 Port Scanners using Nmap tool

Detailed description of how to use nmap is well beyond the scope of this paper. For our purposes, the following command will do most of what you want and be non-destructive – won’t do any damage:

nmap -A [machine or network specification]

nmap-scan

有效电邮通信的9个技巧

1。 显示名称
正确在电邮中显示您自己的姓名,这是收件人将收到您的第一个良好印象。
各自邮件的‘个人信息显示名称要填写,例如:王大明的 “Wang Daimin(王小明)”,英文姓的第一个字母为大写,英文名的第一个字母也为大写,姓与名之间加空格作为间隔,中文姓名写在括号内;致於公共邮箱而又是专人专用,应按公司标准格式,写上中英文姓名,若是多人共用的部门邮箱,亦应写上英文部门名称,及中文部门名称於括号内。 Read More

Security Awareness for email & Internet usage

General Rules of using email from Corp IT policy:

l  There should be a clear business objective and need to send a mass mail.

l  The target group should be carefully selected so that the mail is relevant to all or most of the people receiving it.

l  Don’t spend spam: such as advertising or anything that can be considered as junk mail. Read More