OK so this error message and article may seem particular granular when it comes to the overall nature, however this particular error is a lot more common than you think. When do you see it? Pretty much every time you set up a new tenant, whether it be a new trial tenant, a developer tenant, or even after purchasing licenses and getting started with a brand new one.
The error text you get is….
Remote Server returned ‘550 5.7.708 Service unavailable. Access denied, traffic not accepted from this IP.’
Before you bang your head against a brick wall trying to figure out the routing issue I can tell you that the fix is actually quite simple. Firstly let me show you the error I am talking about. You send an email from any user in the new tenant to the outside world and you get this.
At first you look and think OK the issue may be on the receivers side. It does say that the recipients email provider rejected it. Well that would be WRONG, it’s got nothing to do with the final recipient. It is in fact with the email transport recipient which is still the host system you are sending from.
It is being blocked by M365 itself and it is not allowing the message to transit out of the M365 tenant you have. Here is the trace report, from the mha.azuresites.net website. By the way, that is handy site to know about and in another article I will talk about how to use it effectively.
From this trace you can see that it never in fact left the premises! It was blocked by M365 itself.
Well you could now spend hours going through all the various transport rules, M365 settings etc. etc. to try and figure it out but you won’t. It’s not a setting or any changes that you can make. The only way around this is to get Microsoft to unblock your tenant from sending email. Easy right?
You just need to go into the Admin portion of your tenant and into the help sections on the right hand side. From there type in something like ‘Email Send Issue’ and let it come up with a few useless articles until you see the ‘Contact Support’ at the bottom.
Using that, complete the form like this.
Depending on who you get to pickup the ticket, they may enable it straight away, or they may ask you to send a more detailed report about what is happening. If that occurs, then just send them the MHA report from the site above and tell them that you are being blocked for outbound email at the M365 tenant level and you would like them to unblock you please. If you get somebody that has seen it before then they will just do it without asking more questions.
It all happens pretty quick and you should get a response like this.
Sorry guys if you were looking for a magic PowerShell line or setting change, because there just isn’t one. It’s a support request, but a very simple one that is resolved quickly.
Thanks for reading and remember to visit and subscribe to my YouTube channel.
https://youtube.com/thecloudgeezer
Mark – The Cloud Geezer