RBL rejection behavior (in the logs) in Exchange 2007
One of my pet peeves (and apparently many others) is that in E2K3, Exchange rejects connections from RBLs, but only logs this rejection as a 550 error. You cannot tell the difference between one type of 550 rejection and another.
An attendee at the Get Ready event in Stockholm asked me about this behavior in E2K7, but I was not sure if it has changed. I tested this and sure enough, it has been improved. This information is found in the Receive logs (Send and Receive logs are now seperate log files!). The receive log format has been completed changed. When a connection is rejected because it is on an RBL, the line in the Receive log includes the custom message you configured in the RBL configuration.
220 ctahnl5.cta.net Microsoft ESMTP MAIL Service ready at Sat, 19 May 2007 17:58:17 -1000"
250 ctahnl5.cta.net Hello [188.8.131.52]
MAIL FROM: <*,08C963DD6F372639">
firstname.lastname@example.org>*,08C963DD6F372639 ;2007-05-20T03:58:17.796Z;1,receiving message
250 2.1.0 Sender OK
RCPT TO: <email@example.com>
550 5.7.1 Your mail system is on the Spamhaus PBL list. Tell your admin to check www.spamhaus.org
Note that the error includes the text 'Your mail system is on the Spamhaus PBL list. Tell your admin to check http://www.spamhaus.org. This was the message that was customized in the RBL configuration.