none
Email bouncing back “Denied by policy TLS conversation required Diagnostic Code SMTP 550 denied by policy”

    Question

  • Dear Team,

    One of the domain is not able to send us email they are receiving the below message in the NDR.

    “Denied by policy TLS conversation required Diagnostic Code SMTP 550 denied by policy”

    is anything wrong from my end i need to change something?i am using exchange server 2013

    Regards

    Jack


    TechGUy,System Administrator.


    • Edited by ITSysGuy Thursday, April 14, 2016 6:29 AM more info
    Thursday, April 14, 2016 6:28 AM

Answers

  • It looks like they are requiring TLS but your server doesn't support it.  Is there a mail hygiene server, appliance or cloud service, or an SMTP mail relay between the Internet and your Exchange server, and if so, is it configured to use TLS?


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Thursday, April 14, 2016 6:43 PM
    Moderator
  • Hi Jack,

    The error code '550 Denied by Policy' can be caused by multiple reasons and may has a complicated root cause. Therefore, I want to confirm:
    1. Whether all external domain experience this issue?
    2. How about mail flow to other domain with problematic domain address?
    3. Do you deploy McAfee filtering in your environment?

    If so, please try steps in below link for troubleshooting. For your reference:
    https://kc.mcafee.com/corporate/index?page=content&id=KB60616

    Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Allen Wang
    TechNet Community Support

    Friday, April 15, 2016 8:07 AM
    Moderator

All replies

  • It looks like they are requiring TLS but your server doesn't support it.  Is there a mail hygiene server, appliance or cloud service, or an SMTP mail relay between the Internet and your Exchange server, and if so, is it configured to use TLS?


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Thursday, April 14, 2016 6:43 PM
    Moderator
  • Hi Jack,

    The error code '550 Denied by Policy' can be caused by multiple reasons and may has a complicated root cause. Therefore, I want to confirm:
    1. Whether all external domain experience this issue?
    2. How about mail flow to other domain with problematic domain address?
    3. Do you deploy McAfee filtering in your environment?

    If so, please try steps in below link for troubleshooting. For your reference:
    https://kc.mcafee.com/corporate/index?page=content&id=KB60616

    Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Allen Wang
    TechNet Community Support

    Friday, April 15, 2016 8:07 AM
    Moderator