cancel
Showing results for 
Search instead for 
Did you mean: 

connect to ***.com.inbound15.mxlogic.net:25: Connection refused

Jump to solution

Hello!  We have inherited a small block of IPs that were previously dynamic IP addresses and, understandably, may have attained a less-than-stellar reputation in the past.

That is, however, in the past.  Now the IPs are static, rDNS is set up properly for each, and secured servers are in place.  Our primary mail server is assigned the address 72.47.16.55, which already appears to have a clean reputation according to McAfee:

http://www.mcafee.com/threat-intelligence/ip/default.aspx?ip=72.47.16.55

However, all connections from our IP are completely refused.  There are no exceptions in the log for the past few months.

We do business with a fairly substantial proportion of customers and vendors whose emails are processed by McAfee, and regrettably, few of them really understand why we can't email them back.  Even fewer seem to realize that McAfee is providing a service for them.  And the efforts of a knowledgable few to add our senders' domains to a whitelist, while appreciated, will never have an effect because connections from this IP are refused altogether.  So we end up relying on Yahoo! Mail, Gmail, Hotmail, and other '90s workarounds... not very professional at all.  It is worth mentioning that we only contact customers and clients who have asked us to or inquired and left their contact email address; we have never attempted to send UBE from this IP, and never will.

Originally, we believed this was a reputation issue.  After emailing McAfee a total of approximately one dozen false positives (which were all we bothered to collect at that time), we got this response:

Thank you for contacting McAfee Messaging Security.

The error that you have reported is not one that can be resolved by the Messaging Security team. If you are a McAfee SaaS customer, please contact the group that provides the Technical Support for your Email Protection service.  If you are not a customer, please contact the recipient for further assistance with resolving the mail flow issue.  In some cases, the problem can be resolved by having the intended recipient add your sending domain to their Sender Allow list within our service.

Technical Support can be reached at either https://support.mcafeesaas.com or 877/695-6442.

Thank you,

McAfee Labs

Messaging Security

Nice.  So basically, call the guy who has no idea what rDNS is, what an IP address is, or what an MX record is -- and let him report it to McAfee.  I'm sure that will do wonders.  After about three months of grappling with this, I'm starting to wonder if maybe this is somehow the goal?  Can anyone appease the monolith?  Why should I believe that registering and posting in this forum -- another hour wasted -- will resolve it?

Let's hope there's still hope.

0 Kudos
1 Solution

Accepted Solutions
cascadia
Level 12

Re: connect to ***.com.inbound15.mxlogic.net:25: Connection refused

Jump to solution

Hi CR,

The NDRs likely did not provide Messaging Security with the information needed to isolate the issue. The IP you provided does appear on our Firewall Block List due to previously being listed in the Spamhaus PBL, as a result of being a Dynamic IP. Emailing saas_falsepositives@mcafeesubmissions.com for an IP Research Request, with a list of your IPs that are being blocked is likely to return a more positive result.

If you get a different response though, please let me know

0 Kudos
3 Replies
cascadia
Level 12

Re: connect to ***.com.inbound15.mxlogic.net:25: Connection refused

Jump to solution

Hi CR,

The NDRs likely did not provide Messaging Security with the information needed to isolate the issue. The IP you provided does appear on our Firewall Block List due to previously being listed in the Spamhaus PBL, as a result of being a Dynamic IP. Emailing saas_falsepositives@mcafeesubmissions.com for an IP Research Request, with a list of your IPs that are being blocked is likely to return a more positive result.

If you get a different response though, please let me know

0 Kudos

Re: connect to ***.com.inbound15.mxlogic.net:25: Connection refused

Jump to solution

Brad's assessment of the situation was absolutely correct.  Eleven prior false positive submissions to the same email address did not resolve this issue.  However, quoting Brad's helpful reply above, along with mentioning an IP Research Request in the subject line, resulted in a confirmation email that the IP restriction had been lifted within an hour.

After three long months of grief, it appears we can finally send email like it's 1999!  Many thanks for your assistance resolving this, Brad & McAfee staff.

0 Kudos
cascadia
Level 12

Re: connect to ***.com.inbound15.mxlogic.net:25: Connection refused

Jump to solution

Glad I could help.

0 Kudos