Client Blocked from SMTP how to find in log
Question asked by digital.iway - 7/17/2015 at 8:28 AM
I have a client domain that is getting blocked from sending mail but can receive mail fine.  As soon as I white-list their network ip address mail will flow again.  I do not want to keep them white listed so I would like to know how can I find out what address is causing this in the log and why this is happening?
I have the SM 14.1.5675
Any help or directions is appreciated.

2 Replies

Reply to Thread
SpamHurts Replied
Marked As Answer
I have a guess. I bet that you have a rule, as do I that blocks for failed login attempts someone on their network is failing to authenticate with their third party email client or  smart hone.
Search the domain name with related traffic. Start with the SMTP log, but also check POP log and IMAP log. Once the result display click CTRL F5 On the browser and search the page for "too many connections failure" I just start typing "too many" You will see the IP blocked or "authentication failed" Up above that look for the user name and then the EHLO message. That will tell you the machine, in case there are many in the office. 
Remember kids, every time a spam message gets blocked, a nerd gets their glasses. spamhurts/July 15
digital.iway Replied
thank you for the help on this!  That pointed me in the right direction and I actually found the issue/problem account in the SMTP log.

Reply to Thread