557 You are not allowed to send mail to

Topic: 557 You are not allowed to send mail to
Posted By: ykaraman1
Subject: 557 You are not allowed to send mail to
Date Posted: 22 March 2007 at 12:16pm

I am receiving the following message when I attempt to send mail from an Outlook client to an external e-mail account:

557 You are not allowed to send mail to -

Interestingly, when I use the Mail Enable web client I don't receive the message and the e-mail gets sent to its destination (internal or external).

I set up Spam Filter and Mail Enable on the same server. SF listens to one IP address (e.g. of the server at port 25 and relays it to my Mail Enable server on address (e.g. at port 25. This works fine on ME web mail (inbound and out). This also works on Outlook clients on inbound external mail or in/outbound internal mail. But when I attempt to send an outbound external mail from Outlook I get the message listed above.

My ME server sends mail on IP at port 25.

I have to run SF and ME on the same server.

Your help will be appreciated as we are getting close to making a purchase decision.



Posted By: LogSat
Date Posted: 22 March 2007 at 4:00pm

From the 557 error you described, it appears that the Outlook client is connecting to SpamFilter, not to MailEnable, to send out its email. As SpamFilter by default will not allow emails to be relayed to a domain that is not in your local domains list, SpamFilter will reject the connection with a 557 error.

You have several options available.
  • Ensure your Outlook client is using ME's IP of as their "Outgoing SMTP Server". If you believe this is how the client is configured, make sure that SpamFilter and ME are not "fighting" to listen on port 25 on the server. By default SpamFilter will bind to port 25 on all IPs on the server. You can of course specify a single IP address to use, but you will need to do the same with ME. To verify which software is listening on port 25 of an IP, simply open an MS-DOS prompt and type "telnet 25". The welcome banner you receive should indicate that ME (and not SF) is listening on that IP.
  • If you want the Outlook client to use SpamFilter instead of ME as their "Outgoing SMTP Server", you will need to add the IP(s) of the client(s) to an IP whitelist in SpamFilter, so that they are allowed to relay.
  • Implement SMTP Authentication in SpamFilter. We support Active Directory, LDAP, and Unix-style password files. Authenticated users are whitelisted and thus can relay emails anywhere.
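
The banner check described in the reply above, extended to also record how the listener answers RCPT TO for an external recipient; this is an added Python example, not part of the original post and not LogSat's code. `FakeFilter`, the `.example` addresses and the banner text are constructed stand-ins so it runs offline; against a real server, call `probe()` with that server's IP and pass `diagnose()` a string from your own mail server's banner.

```python
import smtplib
import socketserver
import threading

LOCAL_DOMAINS = {"local.example"}  # constructed "local domains list"

class FakeFilter(socketserver.StreamRequestHandler):
    """Constructed stand-in (not SpamFilter): 557 for non-local recipients."""
    def handle(self):
        self.wfile.write(b"220 filter.example constructed-proxy ready\r\n")
        for line in self.rfile:
            verb = line[:4].upper()
            reply = b"250 OK"
            if verb == b"RCPT":
                domain = line.decode().rsplit("@", 1)[-1].strip(" >\r\n").lower()
                if domain not in LOCAL_DOMAINS:
                    reply = b"557 You are not allowed to send mail to " + domain.encode()
            elif verb == b"QUIT":
                reply = b"221 Bye"
            self.wfile.write(reply + b"\r\n")
            if verb == b"QUIT":
                return

def start_fake_filter():
    """Run the stand-in on a free loopback port; returns the server object."""
    server = socketserver.ThreadingTCPServer(("127.0.0.1", 0), FakeFilter)
    server.daemon_threads = True
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server

def probe(host, port=25, rcpt="user@external.example", timeout=5.0):
    """Return (banner, rcpt_code) as seen from this machine for one listener."""
    with smtplib.SMTP(local_hostname="probe.example", timeout=timeout) as smtp:
        _, banner = smtp.connect(host, port)
        smtp.ehlo()
        smtp.mail("tester@local.example")
        rcpt_code, _ = smtp.rcpt(rcpt)  # no DATA is sent, so no mail is delivered
        return banner.decode(errors="replace"), rcpt_code

def diagnose(banner, rcpt_code, expected_token):
    """expected_token: text you expect in your mail server's own banner."""
    if expected_token.lower() not in banner.lower():
        return "wrong listener: another service owns port 25 on this IP"
    return "relay refused" if rcpt_code >= 500 else "listener accepts this recipient"

if __name__ == "__main__":
    srv = start_fake_filter()
    print(probe(*srv.server_address))
    srv.shutdown()
```

Run it from a client machine against each IP on the server: a "wrong listener" result on the IP meant for the mail server points to the port 25 binding conflict, while "relay refused" points to the relay policy.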

Posted By: ykaraman1
Date Posted: 22 March 2007 at 5:41pm

I tried a number of options:

1) Set up SF-ISP on one IP and ME on another on the same server such that SF-ISP forwards e-mail to ME on that IP. This didn't work for Outlook clients.

2) SF-ISP and ME on same IP but different ports. Didn't work for Outlook clients.

In both cases SF-ISP acts as the SMTP server and needs authentication. We can't use the authentication solution as this would be too costly from an admin standpoint.

However, mysteriously we can send ME web mail out to external address from any option above. I don't know why web mail is acting any differently than clients sending SMTP messages via Outlook clients.

I know I am missing something as your second deployment diagram indicates that this should be supported.

Also, is there any way to configure SF-ISP to listen to only one IP address and ignore the others? ME can do that (seemingly only for inbound though). In this way if I can have SF-ISP only listen to one IP and ME the other one I can have ME send mail from its own server instead of SF-ISP grabbing it and treating it as unauthorized access.



Posted By: LogSat
Date Posted: 23 March 2007 at 7:18pm
In regards to your issue, your ME web mail will usually always work as it interfaces directly with ME, and thus ME will always be able to send emails via that interface. Your outlook clients have a different configuration. They, as all other email clients, must use an "Outgoing SMTP Server" to send emails. Before implementing SpamFilter, your outlook clients were probably (we're simply guessing here, so I apologize if we guess wrong) using ME as their "Outgoing SMTP Server". When implementing SpamFilter, admins usually avoid changing their mail server (ME in your case) configuration, as if they were to change the port or the server name used by ME, that would require reconfiguring all the outlook clients.

If you decide to implement scenario #2 of our network samples ("Single SMTP server with a single IP address directly connected to Internet"), that configuration requires changing the port of your ME server. Doing that would then also require all your Outlook clients to change the port used in their "Outgoing SMTP Server" configuration, and is thus not an ideal solution.

We'd recommend using the first option, "SMTP servers directly connected to Internet". This allows you to keep "as-is" the ME configuration (and thus not requiring changes to your Outlook clients). To do so however, you need to configure SpamFilter so that it listens on a different IP address than the one used by ME. This can be done, as you asked, from the "Settings - Configuration" tab in SpamFilter. Under the "SMTP listener socket" there is a blank entry for the "IP(s)". This indicates that SpamFilter will bind to port 25 on all IPs on the server. To configure SpamFilter to only listen on a specific IP address, simply enter that IP address in that field and click on "Save SMTP Settings". The final step in this configuration is to change your MX record to point to the new IP address used by SpamFilter rather than to the one used by ME. If your servers are behind a firewall, things are even easier, as at this point you can follow our sample #3 "SMTP servers behind Firewall", and instead of modifying your MX record, you can reconfigure your firewall to forward traffic to the IP used by SpamFilter rather than to ME.

