Hi all,

We have an issue with a new Exchange 2013 environment consisting of 2 CAS and 2 MBX servers running on Windows 2012 R2. The messages sent from these servers are being bounced by more than 1 enterprise sized organizations using Edge servers without probable cause.. The only error it is giving back is: Remote Server returned '550 5.7.1 Message rejected due to content restrictions'

What was checked/changed sofar:

- Updated Exchange to CU8

- Blacklists

- Reverse DNS addresses

- Sending mail through a 3rd party smarthost

- Enabled header firewall to clean routing info from header

- Told the send connector use HELO instead of EHLO

- Told the send connector to ignore STARTTLS

- Changed RemoteDomain Characterset and NonMimeCharacterSet from ISO-8859-1 to UTF-8

- Changed RemoteDomain LineWrapSize to 78

- Changed RemoteDomain ContentType from MimeHtmlText to MimeText


Now, the following part may be important..

What we now found out is when we forwarded the NDR message to another 3rd party mail server, then forward the NDR from there to the original recipient it will also bounce? Even when we copy a small bit from that NDR or original message into a new email on the working environment the message will get bounced..

I'm getting desperate, please help!! Thanks in advance!


-Emile

• Edited by Emile Dorst 23 hours 3 minutes ago

Hello Ed,

Thank you for your reply! Very true, sorry, I'm not using NLB to load balance, it's a DAG consisting of 1 FSW, 2 MBX and 2 seperate CAS servers..

Hello S. Nithyanandham

Yes, the message is being rejected due to restricted content, problem is I can't find any..

Just got an e-mail from Microsoft Support stating there is nothing wrong with the Exchange environment but we're dealing with a false positive. I've notified Cloudmark and now waiting for response.

"We have an issue with a new Exchange 2013 cluster consisting of 2 CAS and 2 MBX servers..."

Maybe that's your problem.  CAS and Mailbox servers can't be in the same cluster.  CAS servers can't be in a cluster at all unless you're talking about a Network Load Balancing cluster.  If you have a DAG, which is what I presume you're talking about with the Mailbox servers and the CAS and Mailbox roles are on the same server, you can't use NLB because they're incompatible.

Hi ,

Seems like Content filter Agent is enabled on the Edge server .Please have a look in to the below mentioned message.

The only error it is giving back is: Remote Server returned '550 5.7.1 Message rejected due to content restrictions'

So the message which is send from your side is blocked by content filter Agent in Edge server due to restricted content on the send message.

If they're just CAS servers they can't be a member of the DAG.

So you're saying that messages leaving your organization are being bounced by other organizations?  That wouldn't be a problem with your Exchange Server but by what you're sending or something else like maybe being blacklisted.