This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Mail rejected "550 Administrative prohibition"

A customer is unable to send us mail, but they could before. The Sophos UTM SMTP log shows nothing when I click on the line. Ie the Delivery Log is empty.

The reason in the list is just "Rejected: Spam (confirmed)" which isn't that helpful.

The undeliverable message the sender received said:

"astaro1.bordo.com.au rejected your message to the following e-mail addresses:

'Anna' (annax@bordo.com.au)  

astaro1.bordo.com.au gave this error:
Administrative prohibition 

A problem occurred during the delivery of this message to this e-mail address. Try sending this message again. If the problem continues, please contact your helpdesk.

Diagnostic information for administrators:

Generating server: MMSBS.minemech.local

annax@bordo.com.au
astaro1.bordo.com.au #550 Administrative prohibition ##

Checking to see if they are on any RBLs using Multi-RBL Check Results | The Anti-Abuse Project

gives the all-clear.

The original message headers say:

Received: from MMSBS.minemech.local ([fe80::2c93:2b2b:3019:e3c4]) by
MMSBS.minemech.local ([fe80::2c93:2b2b:3019:e3c4%10]) with mapi id
14.01.0438.000; Mon, 17 Nov 2014 13:18:30 +1000

I presume the problem is the SMTP host name?

(If so, why doesn't it say so!)

Any suggestions would be most appreciated.

Thanks,

James.


This thread was automatically locked due to age.
  • must be that somewhere a blacklist has gone gaga? at the moment I am whitelisting domains on my UTM, but this seems to me to NOT be the solution. anybody?
  • Same thing here with a lot of mail senders.
    When I check the sender ip's at Cyren IP manually, they do not have any information about the sender ip's.

    Regards
  • According to RonaldJ, this problem should have been resolved by an hour and a half after MichaelP's post above: https://community.sophos.com/products/unified-threat-management/astaroorg/f/56/t/49612

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I can confirm that this seems to have been resolved, thank you! (It did take almost 72 hours, thought...)
  • Looks like the problem is back for me: 

    2020:02:03-14:58:04 astaro1-1 exim-in[19739]: 2020-02-03 14:58:04 1iySs7-00058N-0M DKIM: d=cambrown-org.20150623.gappssmtp.com s=20150623 c=relaxed/relaxed a=rsa-sha256 [verification succeeded]
    2020:02:03-14:58:05 astaro1-1 exim-in[19739]: 2020-02-03 14:58:05 1iySs7-00058N-0M ctasd reports 'Confirmed' RefID:str=0001.0A15020A.5E3785C8.0078,ss=4,sh,re=0.000,recu=0.000,reip=0.000,cl=4,cld=1,fgs=8
    2020:02:03-14:58:05 astaro1-1 exim-in[19739]: 2020-02-03 14:58:05 1iySs7-00058N-0M id="1003" severity="info" sys="SecureMail" sub="smtp" name="email rejected" srcip="2607:f8b0:4864:20::52c"
     
    James.
  • ctasd reports 'Confirmed'

    James, I think  this is a different issue than the one from 2015.  I recommend changing 'Reject at SMTP time' to "Off" and the 'Confirmed Spam' option to "Quarantine" instead of blackholing them.  That will give you the opportunity to see which senders need to be whitelisted or have an Exception created.  Later, you can turn Reject and Blackhole back on.

    Any better luck with that?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA