This article applies to:
- MailMarshal/SEG Cloud
Symptoms:
- Sending a message through MailMarshal Cloud
- Message refused with SMTP response: 550 Mail refused by local domain enforcement policy
Causes:
- The sender (MAIL FROM) and recipient (RCPT TO) of the message are both external.
- "External" means "not in domains managed through MailMarshal Cloud."
- Relaying of messages through MailMarshal Cloud between external addresses is not allowed.
Resolution:
For messages outbound from your servers, be sure the sender address is within your domains managed through MailMarshal Cloud.
Notes:
- One common reason for this issue is a Microsoft Exchange distribution list that has external contacts as members. With some Exchange versions, when a message is sent to the list by an external sender, Exchange attempts to deliver it to external recipients with the external user as the From address.
- To ensure delivery to distribution lists with external members:
- For Exchange environments including Exchange Online, you can configure the main outbound connector so that it only sends messages through MailMarshal Cloud if it is "from" a local domain address.
- Make sure there is an additional delivery option that sends the mail "from" external addresses directly, bypassing MailMarshal Cloud.
- Any mailing list messages would have been scanned inbound, so the threat/security risk from lack of outbound scanning is low.
- Another option that works with any mailbox solution is to use mailing list management software. This type of software re-sends the messages with a valid local sender address. Many free solutions are available.
- For Exchange environments including Exchange Online, you can configure the main outbound connector so that it only sends messages through MailMarshal Cloud if it is "from" a local domain address.
Trustwave MailMarshal Cloud KB article Q21050
Last Modified: August 19, 2018