Knowledge Base

Emails are not sent (550 5.1.8 Access denied, bad outbound sender)

Problem:

When a user sends an email, it does not reach the recipient, and this user gets a non-delivery report with the following error:

550 5.1.8 Access denied, bad outbound sender AS(41000001)
Your message couldn't be delivered because you weren't recognized as a valid sender. The most common reason for this is that your email address is suspected of sending spam and it's no longer allowed to send messages outside of your organization. Contact your email admin for assistance.

Solution:

This error means that Office 365 (Microsoft 365) has added the user to the blocked senders' list because this person's emails have been recognized as spam. This might happen, for example, if the user has sent an email to a large number of recipients, exceeding the limits of the Office 365 plan (you can check the Office 365 sending limits for individual recipients and distribution groups in this Microsoft's article).

To solve this problem, the admin of the Office 365 tenant needs to:

  • Make sure that the user account has not been hacked or compromised in any way. See this MS article to learn more, or check these guidelines for admins.
  • If the tenant admin is certain that the account is safe, they need to follow these steps to remove the account from the block list and resume its mail flow:
  1. Log in to the Microsoft 365 Defender portal.
  2. Go to Email & collaboration > Review > Restricted Users, as shown in Fig. 1.

Accessing the list of blocked users in the Microsoft 365 Defender portal.
Fig. 1. Accessing the list of blocked users in the Microsoft 365 Defender portal.

  1. Select the entry related to the user you want to whitelist by clicking it and next click Unblock (Fig. 2.).

Choosing the entry with the user’s account you want to remove from the block list.
Fig. 2. Choosing the entry with the user’s account you want to remove from the block list.

  1. The Unblock User wizard that opens contains detailed information on the reason for blocking the account as well as recommendations for actions and improving the protection level. Since you’re certain that the user’s account is safe, you can proceed by clicking Next > Submit.
  2. Finally, click Yes to confirm that you want to remove restrictions from the user (Fig. 3.). Keep in mind that removing the restrictions may take up to 1 hour.

Confirming the removal of restrictions.
Fig. 3. Confirming the removal of restrictions.

Tip

Office 365 can notify you when your users get blocked. It can also forward all suspicious emails to your mailbox. To configure these options, go to Email & collaboration > Policies & rules > Threat policies > Anti-spam and click the policy of your choice. Next, scroll down and click Edit protection options. Now, you can enable the options (Fig. 4., items 1) and provide your email address in both the fields (Fig. 4., items 2) to receive notifications as well as suspicious emails.

Configuring Office 365 to notify you of blocked users and forward all suspicious emails to your mailbox.
Fig. 4. Configuring Office 365 to notify you of blocked users and forward all suspicious emails to your mailbox.

Was this information useful?