Response From Remote Server: Error 550: <IP Address> No Allowed to Send Mail

I’m not sure how to fix the below error; hopefully I’ve provided enough information:

550 <IP Address> is not allowed to send mail from [domainname.com](http://domainname.com). Please see the SPF record, with scope mfrom, identity [info@domainname.com](mailto:info@domainname.com), and ip <IP Address>

I don’t know anything about SPF records (this stuff was migrated from a different host to Amazon by someone else). The way I THINK this works is that the email is sent to a filter and it’s the filter that’s denying the email from passing/forwarding to the email receiver. The site is hosted on Amazon AWS with the SPF record:
v=spf1 include:spf.protection.outlook.com -all

The site is set up to send security reports to an email address hosted elsewhere .

I don’t know where to begin to ‘fix’ the problem. I’ve read many solutions that were anywhere from completely rewriting the SPF record to just changing the ‘-all’ to ‘~all’.

I would appreciate ANY clarification and an explanation on a possible solution.

Thank you.

This is not some filter denying the email, this is the destination server denying the email.

What SPF is for is a record in the DNS that confirms that the sender of the email is actually allowed to send the email. The SPF record you have now tells email servers that outlook is allowed to send email on behalf of your domain (as stated by the include:spf.protection.outlook.com bit) and no one else is (the -all part).

When you change -all to ~all you’re basically saying “I think the list before is complete, but I might have forgotten something”. Some email servers are lenient to this, but it’s not ideal.

Where is the sent email actually coming from? If it’s coming from AWS servers you should include their IP in the SPF record. Suppose the IP is 1.2.3.4 then the SPF record would become

v=spf1 include:spf.protection.outlook.com a:1.2.3.4 -all
2 Likes

Thank you for the clarification, rpkamp. Considering I’m not familiar with the way SPF’s work, the above info helps!

I’ll give that a go and let you know what happens.

1 Like

Hey, rpkamp. I tried what you recommended and still get the error (“v=spf1 include:spf.protection.outlook.com a:209.85.208.196 ~all”).

Let me see if I can expand on the error:
550 (Google IP) is not allowed to send mail from [domainname.com](http://domainname.com). Please see the SPF record, with scope mfrom, identity [info@donmainname.com](mailto:info@domainname.com), and ip (Google IP).

The original domain registar is with Network Solutions. We have the site hosted on AWS. The emails are with Google. I was recommended by AWS to duplicate all of the DNS records (MX, TXT, A, etc.) and create Hosted Zones for those and point the DNS to AWS.

The website has contact forms and THAT data comes in just fine via email. But if I need a security report auto emailed from the website, that’s when we get the error message.

I even REMOVED the SPF line in the TXT record from the AWS Hosted Zone record and we still got the same error message after running a test, if that helps.

It’s been awhile since I’ve had any commentary regarding this issue and thought I would post it again.

A little background:

  • The website is hosted on Amazon AWS EC2
  • All records were copied from Network Solutions to Amazon’s Hosted Zones
  • The client uses Google Mail (but they use their website domain for them–websitedomain1.com)
  • The site doesn’t any problems with the site sending emails except to one particular email address.

Error 550 (message sent by mailer-daemon@googlemail.com):

Message not delivered
There was a problem delivering your message to thisuniqueemail@domain.com . See the technical details below, or try resending in a few minutes.

550 209.85.167.66 is not allowed to send mail from websitedomain1.com. Please see the SPF record, with scope mfrom, identity `info@websitedomain1.com, and ip 209.85.167.66

While rpkamp did his best to explain to me what causes it and made a suggestion to a possible solution, I’m still not closer to solving the problem for that ONE particular email address–no matter what I change in the SPF record to in Amazon’s AWS Hosted Zone record.

I’m open to suggestions.

Thank you.

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.