Skip to main content
mallory6540's profile
mallory6540
100 Points
250 Points

16 Messages

 • 

374 Points

Wed, Jun 15, 2022 4:06 PM

Still having EMAIL Failure sending out to some

Here is a response from the IT for our local County Government Offices when my emails to them, keep getting kicked back and not going through:

Good morning,

 

In regards to the above ticket, it looks like the actual issue is likely on Darmstadt-indiana.org’s side, however the emails are being blocked by our mail filter because of those problems. We have reason to suspect based on the mail header coming in that their email server has been somehow compromised and our email filter has blocked their email for intent, which is this case is intent to spread ransomware. From a quick look, it looks like their email is relaying through an outside email server known to be involved in the spread of the Emotet ransomware variant that targeted banks and financial institutions a couple years back.

We CAN allow these messages through the filter but any links or attachments would be considered highly suspect and could likely pose a threat to our network. Since we seem to have no issue emailing out to them, I would suggest forwarding this message to their clerk to have their IT investigate this matter.

 

Let me know if you need anything further on this matter, thanks!

 

Mark Nance
Technical Services Manager

MCSE, MCSA, MCNPS, MS, A+
Advanced Network & Computer Services, Inc.

Office 812-602-6650

Fax     812-602-6601
mnance@advncs.com

Question

 • 

Updated 

3 d ago

31

1

0

Brand User
elyzabethv

5.2K Messages

 • 

94.7K Points

16 d ago

Hello, 

If this is a government email that you're experiencing issues sending to, you may need to add a DKIM:

 

‎DKIM Record | Homestead Community

12

0

mallory6540

16 Messages

 • 

374 Points

@elyzabethv​ Yes, just doesn't make sense that it changed all of a sudden.  We've been emailing these same email addresses for over a decade.  Something changed on Homestead's end and now we're getting emails kicked back daily from all different kinds of addresses.  

Why wouldn't homestead fix the issue, isn't this what we're paying for? We've been with Homestead for many years.   We're not IT, we're government.  :) 

(edited)

Like

Reply

16 d ago

0

Brand User
elyzabethv

5.2K Messages

 • 

94.7K Points

Hello,

 

If you could provide the bounceback here that will help determine exactly what the issue was, but we do get reports of bouncebacks that are likely related to the same reason you are. We understand that the extra steps are not quite ideal, but it is not a coincidence all of these bouncebacks are happening as of recently, and there are many certain changes that email platforms are currently in process of, and others that have already processed that change. One notable example is Google, and the TXT record was able to help bypass most of those issues. Since your business is government, there are extra walls of security that are in place, and unfortunately, that is a limitation on Homestead's end, and is why we recommended the article listed about DKIM and using Cloudflare to support those records. We hope we can accommodate this inside of Homestead soon.
We are aware that this is not ideal, but we are in the process of making changes to our email platform to reduce the number of bouncebacks that are received. Also, keep in mind because Homestead is a shared email server if someone on the Homestead email server sends a spam campaign, that can flag your email falsely for malware. These issues are generally short-lived as we do have email engineers working constantly to stop and prevent spam abuse and to fix the issues as they come up.
I hope this clears up any confusion, and please know that we do report these bouncebacks as often as they are provided to us to help better everyone's experience.

Like

Reply

15 d ago

0

mallory6540

16 Messages

 • 

374 Points

Yes, I pasted a bounce back below we got from the fire department.  I've also received bounce back from a TWC/Spectrum recipient email and from the County Government offices .gov emails.  All other emails seem to go through just fine.  Hope this helps.  

..............

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

   bzimmer@scottfire.org
    host d171127a.ess.barracudanetworks.com [209.222.82.253]
    SMTP error from remote mail server after end of data:
    550 permanent failure for one or more recipients (bzimmer@scottfire.org:blocked)
Reporting-MTA: dns; bosmailout08.eigbox.net

Action: failed
Final-Recipient: rfc822; BZimmer@scottfire.org
Status: 5.0.0
Remote-MTA: dns; d171127a.ess.barracudanetworks.com
Remote-MTA: X-ip; [209.222.82.253]
X-Remote-MTA-smtp-greeting: X-str; 220 mail.ess.barracuda.com ESMTP (mx-inbound22-180.us-east-2b.ess.aws)
X-Remote-MTA-helo-response: X-str; 250-mx-inbound22-180.us-east-2b.ess.aws.cudaops.com Hello bosmailout08.eigbox.net [66.96.188.8], pleased to meet you
X-Exim-Diagnostic: X-str; SMTP error from remote mail server after end of data: 550 permanent failure for one or more recipients (bzimmer@scottfire.org:blocked)
Diagnostic-Code: smtp; 550 permanent failure for one or more recipients (bzimmer@scottfire.org:blocked)
Return-path: < clerk@darmstadt-indiana.org>
Received: from bosmailscan07.eigbox.net ([10.20.15.7])
    by bosmailout08.eigbox.net with esmtp (Exim)
    id 1o1FGS-0000Mo-4I
    for  BZimmer@scottfire.org; Tue, 14 Jun 2022 18:44:00 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
    d=darmstadt-indiana.org; s=dkim; h=Sender:Content-Type:Message-ID:References:
    In-Reply-To:Subject:To:From:Date:MIME-Version:Reply-To:Cc:
    Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:
    Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:
    List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;
     bh=Y8nWLswaLdyOj8ieA+6Tyh3GxnWyXlH+T8LKqy7K/44=; b=oC0VDrRx8KQur4guiykNSQRnl
    juYmhRD1I6MzECtDpIi9LM69BAuF27Ygs5G9cYhv1BVnW82maghZw1x0ADlmXTtzhWQVc07BHGt8g
    GgPYo2IA5Me5lvKd0Qyk4utkBjMeu0MED0LOBEpiM/oOP+4whazqnhInh9hdpxwZNiEvdCSAqE78x
    /FfHhPeqluaDEbTSwxqMRZ+fg7SFkkd4/AK1WY+XI84BWisYY0mXhBryK/q5PRvgtvo2Nb1VEsgG5
    iuxy9Llxct2NUHvG64/ZWuZYmsLh/TfRnG4mdlPHOPFVrphHSmiP+uS5xdDs9BkZqYUEVXSqmtcNs
    sBIRBdHFA==;
Received: from [10.115.3.32] (helo=bosimpout12)
    by bosmailscan07.eigbox.net with esmtp (Exim)
    id 1o1FGR-00025W-Pt
    for  BZimmer@scottfire.org; Tue, 14 Jun 2022 18:43:59 -0400
Received: from boswebmail05.eigbox.net ([10.20.16.5])
    by bosimpout12 with
    id jAjM2700306ZEP601AjzJx; Tue, 14 Jun 2022 18:43:59 -0400
X-Authority-Analysis: v=2.3 cv=d4VuNSrE c=1 sm=1 tr=0
 a=ugAwYMi5Ce8m9tm4hY6jtQ==:117 a=bw9DDkw1OyCzgQiYJQoUcA==:17
 a=JPEYwPQDsx4A:10 a=FPuOb2FbAAAA:8 a=zugzXYXqcCQybYCr2UQA:9 a=CjuIK1q_8ugA:10
 a=cB-9DkB4XJkA:10 a=VHya1VxeE-jhBXSpLisA:9 a=nD8LdhYh-BUB8Q9H:21
 a=_W_S_7VecoQA:10 a=QEXdDO2ut3YA:10 a=nkBYjHvL4W1C-9W6yDEA:9
 a=vI6at3MDbqTmqeDe:18 a=KQqxNPgzF0kA:10 a=-UKdljo_p_GS8oFOVpjs:22
Received: from [127.0.0.1] (helo=ipage)
    by boswebmail05.eigbox.net with esmtp (Exim)
    id 1o1FGC-0004fy-4c
    for  BZimmer@scottfire.org; Tue, 14 Jun 2022 18:43:44 -0400
Received: from 174-101-3-213.res.spectrum.com ([174.101.3.213])
 by emailmg.ipage.com
 with HTTP (HTTP/1.1 POST); Tue, 14 Jun 2022 18:43:44 -0400
MIME-Version: 1.0
Date: Tue, 14 Jun 2022 17:43:44 -0500
From: Mallory Lowe -Town of Darmstadt < clerk@darmstadt-indiana.org>
To: "Zimmer, Brandon" < BZimmer@scottfire.org>
Subject: Re: May 2022 Report
In-Reply-To: < ebfadda5145b409ea64b963658e5b0f9@scottfire.org>
References: < ebfadda5145b409ea64b963658e5b0f9@scottfire.org>
Message-ID: < d27c2d5691adb260bc609bb11539d020@darmstadt-indiana.org>
X-Sender:  clerk@darmstadt-indiana.org
User-Agent: Roundcube Webmail/1.3.14
Content-Type: multipart/alternative;
 boundary="=_c5b6fd89123cc7b8439dc351472e9a48"
X-EN-AuthUser:  clerk@darmstadt-indiana.org
Sender:  Mallory Lowe -Town of Darmstadt < clerk@darmstadt-indiana.org>
X-EN-Class: impinc

Like

Reply

15 d ago

0

Brand User
elyzabethv

5.2K Messages

 • 

94.7K Points

Ok, thank you. We can get that bounceback reported. If you receive any more recent bouncebacks, please send that as well. 

Like

Reply

14 d ago

0

mallory6540

16 Messages

 • 

374 Points

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

   CPOAG@twc.com
    host pkvw-mx.msg.pkvw.co.charter.net [47.43.26.7]
    SMTP error from remote mail server after MAIL FROM:< clerk@darmstadt-indiana.org> SIZE=15164:
    550 5.1.0 < clerk@darmstadt-indiana.org> sender rejected. Please see  https://www.spectrum.net/support/internet/understanding-email-error-codes for more information. AUP#In-1310
Reporting-MTA: dns; bosmailout04.eigbox.net

Action: failed
Final-Recipient: rfc822; CPOAG@twc.com
Status: 5.0.0
Remote-MTA: dns; pkvw-mx.msg.pkvw.co.charter.net
Remote-MTA: X-ip; [47.43.26.7]
X-Remote-MTA-smtp-greeting: X-str; 220 p-impin018.msg.pkvw.co.charter.net cmsmtp ESMTP server ready
X-Remote-MTA-helo-response: X-str; 250-p-impin018.msg.pkvw.co.charter.net hello [66.96.184.4], pleased to meet you
X-Exim-Diagnostic: X-str; SMTP error from remote mail server after MAIL FROM:< clerk@darmstadt-indiana.org> SIZE=15164: 550 5.1.0 < clerk@darmstadt-indiana.org> sender rejected. Please see  https://www.spectrum.net/support/internet/understanding-email-error-codes for more information. AUP#In-1310
Diagnostic-Code: smtp; 550 5.1.0 < clerk@darmstadt-indiana.org> sender rejected. Please see  https://www.spectrum.net/support/internet/understanding-email-error-codes for more information. AUP#In-1310
Return-path: < clerk@darmstadt-indiana.org>
Received: from bosmailscan04.eigbox.net ([10.20.15.4])
    by bosmailout04.eigbox.net with esmtp (Exim)
    id 1o1BP4-0003RM-T8
    for  CPOAG@twc.com; Tue, 14 Jun 2022 14:36:38 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
    d=darmstadt-indiana.org; s=dkim; h=Sender:Content-Type:Message-ID:References:
    In-Reply-To:Subject:To:From:Date:MIME-Version:Reply-To:Cc:
    Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:
    Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:
    List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;
     bh=XqGySqLaNdr2OQoT2/SM3BSHZ0xilqLAGYxzhCfgXg0=; b=fnr4QmMRH67ESHZBlKwPIS7Ae
    cFGTIWTbCdetxbcawupmjjMIgOTm7C8YP85lFHvTSNlhvVcZ6TDN/YqN2f7XtbCUep9qGNHacaH+s
    IxdXsSGK3OI80a04b44HKQVdeaN91zPHZEsbDgsOpyfW98hkMkWInQWX/eQ70Mzkf5+tgeSuDFWeJ
    Eb7GYecfZwBVsMQqVEBA1Atm/fOIABADqsWbDxRSOFaYOVZV+J5dLF4YEFh/rSPKDRwIu9orT5gQj
    ZVxTku0Vp+q/gXUrPtTp73kCiBKW5CokaKLqUk2ZkPPwjgwSr4GKPfmyCHwwA5sshgQfrI9uoUgOy
    J/P0IC1aQ==;
Received: from [10.115.3.33] (helo=bosimpout13)
    by bosmailscan04.eigbox.net with esmtp (Exim)
    id 1o1BP2-0005MG-L7
    for  CPOAG@twc.com; Tue, 14 Jun 2022 14:36:36 -0400
Received: from boswebmail05.eigbox.net ([10.20.16.5])
    by bosimpout13 with
    id j6b32700T06ZEP6016ccHq; Tue, 14 Jun 2022 14:36:36 -0400
X-Authority-Analysis: v=2.3 cv=A7b3w5eG c=1 sm=1 tr=0
 a=ugAwYMi5Ce8m9tm4hY6jtQ==:117 a=bw9DDkw1OyCzgQiYJQoUcA==:17
 a=8A7brI4kjU8C6ETGAX3PRdgeao0=:19 a=JPEYwPQDsx4A:10 a=QPcu4mC3AAAA:8
 a=FPuOb2FbAAAA:8 a=UNWf5WQ7AAAA:8 a=zKMG0jkmAAAA:8 a=WrAZHrirAAAA:8
 a=DW2srAcpAbBXr8EqOMwA:9 a=JOWeiY5itpwPQvuQ8dm/GawRuwE=:19 a=CjuIK1q_8ugA:10
 a=Rjok5cVjVWjTkIO8Sc8A:9 a=Gkncbnv7zCp--_Ns:21 a=_W_S_7VecoQA:10
 a=QEXdDO2ut3YA:10 a=ukbQiCzosBaFin3YAlW-:22 a=-UKdljo_p_GS8oFOVpjs:22
 a=TmY6P1tBX-PGzTCW-pm6:22 a=nsiO5I1EQONTXo74ARH8:22 a=8YAjOY6DEN-3FF_LWws_:22
Received: from [127.0.0.1] (helo=ipage)
    by boswebmail05.eigbox.net with esmtp (Exim)
    id 1o1BAH-0000Gn-PB
    for  CPOAG@TWC.COM; Tue, 14 Jun 2022 14:21:21 -0400
Received: from 174-101-3-213.res.spectrum.com ([174.101.3.213])
 by emailmg.ipage.com
 with HTTP (HTTP/1.1 POST); Tue, 14 Jun 2022 14:21:21 -0400
MIME-Version: 1.0
Date: Tue, 14 Jun 2022 13:21:21 -0500
From: Mallory Lowe -Town of Darmstadt < clerk@darmstadt-indiana.org>
To: CPOAG < CPOAG@TWC.COM>
Subject: Fwd: Warning: message 1o179M-0006V5-Ld delayed 4 hours
In-Reply-To: < E1o1B8f-00067B-Jb@bosmailout06.eigbox.net>
References: <000601d87ff3$b61639c0$2242ad40$@com>
 < 7d2cc563de4c1aac528bc43bf70a1c8e@darmstadt-indiana.org>
 < E1o1B8f-00067B-Jb@bosmailout06.eigbox.net>
Message-ID: < bd4768cde89541cf67e5e0bb400f5de5@darmstadt-indiana.org>
X-Sender:  clerk@darmstadt-indiana.org
User-Agent: Roundcube Webmail/1.3.14
Content-Type: multipart/alternative;
 boundary="=_54274d8baae8738431d8936a34d0f569"
X-EN-AuthUser:  clerk@darmstadt-indiana.org
Sender:  Mallory Lowe -Town of Darmstadt < clerk@darmstadt-indiana.org>
X-EN-Class: impinc

Like

Reply

14 d ago

Related Conversations