|
|
|
date: Tue, 1 Jul 2008 17:14:00 -0700,
group: microsoft.public.exchange.clients
back
Re: 554 5.7.1
These are messages your users are sending to outside domains, right?
The recipients' antispam measures consider your server to be a spam source,
as you're being told in the NDR. That could be because you're blacklisted,
your subnet is suspect perhaps because of your ISP, you have a dynamic IP
address, your SPF record isn't right, or something else. I'd recommend you
contact the recipients' postmasters.
--
Ed Crowley
MVP - Exchange
"Protecting the world from PSTs and brick backups!"
"Roland Hall" wrote in message
news:2ACDA496-432A-450A-BDF6-D626B6D1F001@microsoft.com...
> Your message did not reach some or all of the intended recipients.
>
> Subject: RE: my docs
> Sent: 7/1/2008 3:41 PM
>
> The following recipient(s) could not be reached:
>
> xxx@xxx.com on 7/1/2008 3:41 PM
> You do not have permission to send to this recipient. For
> assistance, contact your system administrator.
> <xxx.xxx.xxx #5.7.1 smtp;554 5.7.1 The message from
> () with the subject of (RE: my docs) matches a profile the
> Internet community may consider spam. Please revise your message before
> resending.>
>
> I've x'd out the addresses. I have numerous customers having this same
> issue. The current work around is to send mail in plain text. It appears
> there was an update, perhaps a security update, on Exchange servers
> recently.
> It does not effect everyone sending nor everyone receiving (foreign
> recipients) but when it does, converting the same message to plain text
> allows it to send properly.
>
> One would think it was content filtering or filtering all HTML formatted
> mail but doubtful this many people would have made this modication
> consciously as a group effort.
>
> None of these domains is showing any RBLs or any DNS issues. It just
> appears to block HTML formatted mail.
date: Tue, 1 Jul 2008 21:55:19 -0700
author: Ed Crowley [MVP]
Re: 554 5.7.1
Ed...
Please re-read my post. It ONLY blocks HTML formatted mail. It does NOT
block plain text mail. (Emphasis added for legibiltiy)
It's not a RBL, DNSBL, nothing re: the ISP and a suspicious subnet, no
dynamic IPs, no issues with SPF records, etc.
All of these, AT DIFFERENT CUSTOMERS, started happening around the same
time, for various customers, with various of their customers and it's
showing up more and more. My customers are NOT related to each other and
short of updates from MSFT, nothing has been modified in any of these
networks and they're all running Exchange/Outlook 2K3/2K7. They have
different ISPs. The ONLY common denominator is MSFT.
There are NO logos and NO SPAM content and NO reason for any of these
messages to be blocked.
--
Roland Hall
"Ed Crowley [MVP]" wrote in message
news:%23XJfU$$2IHA.2348@TK2MSFTNGP06.phx.gbl...
> These are messages your users are sending to outside domains, right?
>
> The recipients' antispam measures consider your server to be a spam
> source, as you're being told in the NDR. That could be because you're
> blacklisted, your subnet is suspect perhaps because of your ISP, you have
> a dynamic IP address, your SPF record isn't right, or something else. I'd
> recommend you contact the recipients' postmasters.
> --
> Ed Crowley
> MVP - Exchange
> "Protecting the world from PSTs and brick backups!"
>
> "Roland Hall" wrote in message
> news:2ACDA496-432A-450A-BDF6-D626B6D1F001@microsoft.com...
>> Your message did not reach some or all of the intended recipients.
>>
>> Subject: RE: my docs
>> Sent: 7/1/2008 3:41 PM
>>
>> The following recipient(s) could not be reached:
>>
>> xxx@xxx.com on 7/1/2008 3:41 PM
>> You do not have permission to send to this recipient. For
>> assistance, contact your system administrator.
>> <xxx.xxx.xxx #5.7.1 smtp;554 5.7.1 The message from
>> () with the subject of (RE: my docs) matches a profile
>> the
>> Internet community may consider spam. Please revise your message before
>> resending.>
>>
>> I've x'd out the addresses. I have numerous customers having this same
>> issue. The current work around is to send mail in plain text. It
>> appears
>> there was an update, perhaps a security update, on Exchange servers
>> recently.
>> It does not effect everyone sending nor everyone receiving (foreign
>> recipients) but when it does, converting the same message to plain text
>> allows it to send properly.
>>
>> One would think it was content filtering or filtering all HTML formatted
>> mail but doubtful this many people would have made this modication
>> consciously as a group effort.
>>
>> None of these domains is showing any RBLs or any DNS issues. It just
>> appears to block HTML formatted mail.
>
>
date: Wed, 2 Jul 2008 07:44:50 -0500
author: Roland Hall nobody@nowhere
Re: 554 5.7.1
On Wed, 2 Jul 2008 07:44:50 -0500, "Roland Hall" <nobody@nowhere>
wrote:
>Ed...
>
>Please re-read my post. It ONLY blocks HTML formatted mail. It does NOT
>block plain text mail. (Emphasis added for legibiltiy)
>It's not a RBL, DNSBL, nothing re: the ISP and a suspicious subnet, no
>dynamic IPs, no issues with SPF records, etc.
>
>All of these, AT DIFFERENT CUSTOMERS, started happening around the same
>time, for various customers, with various of their customers and it's
>showing up more and more. My customers are NOT related to each other and
>short of updates from MSFT, nothing has been modified in any of these
>networks and they're all running Exchange/Outlook 2K3/2K7. They have
>different ISPs. The ONLY common denominator is MSFT.
>
>There are NO logos and NO SPAM content and NO reason for any of these
>messages to be blocked.
I would still ask the people on the other end whose systems are
blocking the mail. Personally, I havent heard of anyone else having
these issues on the level you are implying.
date: Wed, 02 Jul 2008 08:51:54 -0400
author: Andy David {MVP}
Re: 554 5.7.1
"Andy David {MVP}" wrote in message
news:hbum6410tbk4629fqtjc4mdu2390gef4da@4ax.com...
> On Wed, 2 Jul 2008 07:44:50 -0500, "Roland Hall" <nobody@nowhere>
> wrote:
>
>>Ed...
>>
>>Please re-read my post. It ONLY blocks HTML formatted mail. It does NOT
>>block plain text mail. (Emphasis added for legibiltiy)
>>It's not a RBL, DNSBL, nothing re: the ISP and a suspicious subnet, no
>>dynamic IPs, no issues with SPF records, etc.
>>
>>All of these, AT DIFFERENT CUSTOMERS, started happening around the same
>>time, for various customers, with various of their customers and it's
>>showing up more and more. My customers are NOT related to each other and
>>short of updates from MSFT, nothing has been modified in any of these
>>networks and they're all running Exchange/Outlook 2K3/2K7. They have
>>different ISPs. The ONLY common denominator is MSFT.
>>
>>There are NO logos and NO SPAM content and NO reason for any of these
>>messages to be blocked.
>
>
> I would still ask the people on the other end whose systems are
> blocking the mail. Personally, I havent heard of anyone else having
> these issues on the level you are implying.
>
Which would explain why I cannot find anything about it on the net but it
sounds very new. I did just see a message today that one was being blocked
for VBA content but none of the others have that.
Is it possible that mail is being sent out as RTF so VBA macros might be
included?
--
Roland Hall
date: Wed, 2 Jul 2008 08:23:46 -0500
author: Roland Hall nobody@nowhere
Re: 554 5.7.1
In article , nobody@nowhere
says...
> Ed...
>
> Please re-read my post. It ONLY blocks HTML formatted mail. It does NOT
> block plain text mail. (Emphasis added for legibiltiy)
> It's not a RBL, DNSBL, nothing re: the ISP and a suspicious subnet, no
> dynamic IPs, no issues with SPF records, etc.
>
> All of these, AT DIFFERENT CUSTOMERS, started happening around the same
> time, for various customers, with various of their customers and it's
> showing up more and more. My customers are NOT related to each other and
> short of updates from MSFT, nothing has been modified in any of these
> networks and they're all running Exchange/Outlook 2K3/2K7. They have
> different ISPs. The ONLY common denominator is MSFT.
>
> There are NO logos and NO SPAM content and NO reason for any of these
> messages to be blocked.
Personally, I would love it if all HTML e-mail was blocked everywhere.
It would eliminate a huge group of malware attack vectors, and would
dramatically reduce the bandwidth needed for e-mail.
--
Remove the ns_ from if replying by e-mail (but keep posts in the
newsgroups if possible).
date: Wed, 2 Jul 2008 10:33:56 -0400
author: David Kerber
Re: 554 5.7.1
I agree but one of my customers actually told me yesterday, "but plain text
is not as pretty."
--
Roland Hall
"David Kerber" wrote in message
news:MPG.22d55be11c81d2b4989c8c@news.conversent.net...
In article , nobody@nowhere
says...
> Ed...
>
> Please re-read my post. It ONLY blocks HTML formatted mail. It does NOT
> block plain text mail. (Emphasis added for legibiltiy)
> It's not a RBL, DNSBL, nothing re: the ISP and a suspicious subnet, no
> dynamic IPs, no issues with SPF records, etc.
>
> All of these, AT DIFFERENT CUSTOMERS, started happening around the same
> time, for various customers, with various of their customers and it's
> showing up more and more. My customers are NOT related to each other and
> short of updates from MSFT, nothing has been modified in any of these
> networks and they're all running Exchange/Outlook 2K3/2K7. They have
> different ISPs. The ONLY common denominator is MSFT.
>
> There are NO logos and NO SPAM content and NO reason for any of these
> messages to be blocked.
Personally, I would love it if all HTML e-mail was blocked everywhere.
It would eliminate a huge group of malware attack vectors, and would
dramatically reduce the bandwidth needed for e-mail.
--
Remove the ns_ from if replying by e-mail (but keep posts in the
newsgroups if possible).
date: Wed, 2 Jul 2008 21:17:15 -0500
author: Roland Hall nobody@nowhere
Re: 554 5.7.1
The update is some of these were setup to send RTF mail and not use MS Word
as the editor. Two others, one which I saw, one remote in the Gulf of
Mexico, were set as HTML and one set with MS Word as the editor. Not sure
about the one offshore. No reply to that question yet. This is the one
that had a return of embedded VBA macros. I find it hard to believe this is
HTML formatted.
The question is why did this suddenly start happening? Does Exchange, by
default, block RTF mail from foreign email addresses and allow it from local
users?
--
Roland Hall
"Roland Hall" <nobody@nowhere> wrote in message
news:uTTccbE3IHA.1428@TK2MSFTNGP06.phx.gbl...
"Andy David {MVP}" wrote in message
news:hbum6410tbk4629fqtjc4mdu2390gef4da@4ax.com...
> On Wed, 2 Jul 2008 07:44:50 -0500, "Roland Hall" <nobody@nowhere>
> wrote:
>
>>Ed...
>>
>>Please re-read my post. It ONLY blocks HTML formatted mail. It does NOT
>>block plain text mail. (Emphasis added for legibiltiy)
>>It's not a RBL, DNSBL, nothing re: the ISP and a suspicious subnet, no
>>dynamic IPs, no issues with SPF records, etc.
>>
>>All of these, AT DIFFERENT CUSTOMERS, started happening around the same
>>time, for various customers, with various of their customers and it's
>>showing up more and more. My customers are NOT related to each other and
>>short of updates from MSFT, nothing has been modified in any of these
>>networks and they're all running Exchange/Outlook 2K3/2K7. They have
>>different ISPs. The ONLY common denominator is MSFT.
>>
>>There are NO logos and NO SPAM content and NO reason for any of these
>>messages to be blocked.
>
>
> I would still ask the people on the other end whose systems are
> blocking the mail. Personally, I havent heard of anyone else having
> these issues on the level you are implying.
>
Which would explain why I cannot find anything about it on the net but it
sounds very new. I did just see a message today that one was being blocked
for VBA content but none of the others have that.
Is it possible that mail is being sent out as RTF so VBA macros might be
included?
--
Roland Hall
date: Wed, 2 Jul 2008 21:21:25 -0500
author: Roland Hall nobody@nowhere
Re: 554 5.7.1
Question: is there any commonality between your recipients?
In specific, are your complainants' hosted on att.yahoo?
"Roland Hall" <nobody@nowhere> wrote in message
news:%2334WqLL3IHA.5088@TK2MSFTNGP03.phx.gbl...
>I agree but one of my customers actually told me yesterday, "but plain text
> is not as pretty."
>
> --
> Roland Hall
> "David Kerber" wrote in message
> news:MPG.22d55be11c81d2b4989c8c@news.conversent.net...
> In article , nobody@nowhere
> says...
>> Ed...
>>
>> Please re-read my post. It ONLY blocks HTML formatted mail. It does NOT
>> block plain text mail. (Emphasis added for legibiltiy)
>> It's not a RBL, DNSBL, nothing re: the ISP and a suspicious subnet, no
>> dynamic IPs, no issues with SPF records, etc.
>>
>> All of these, AT DIFFERENT CUSTOMERS, started happening around the same
>> time, for various customers, with various of their customers and it's
>> showing up more and more. My customers are NOT related to each other and
>> short of updates from MSFT, nothing has been modified in any of these
>> networks and they're all running Exchange/Outlook 2K3/2K7. They have
>> different ISPs. The ONLY common denominator is MSFT.
>>
>> There are NO logos and NO SPAM content and NO reason for any of these
>> messages to be blocked.
>
> Personally, I would love it if all HTML e-mail was blocked everywhere.
> It would eliminate a huge group of malware attack vectors, and would
> dramatically reduce the bandwidth needed for e-mail.
>
> --
> Remove the ns_ from if replying by e-mail (but keep posts in the
> newsgroups if possible).
>
>
date: Fri, 4 Jul 2008 02:19:04 -0700
author: Beoweolf
|
|
