Troubleshoot 550, 553, and relay-prohibited errors

Important notice for users of Office 2003    To continue receiving security updates for Office, make sure you're running Office 2003 Service Pack 3 (SP3). The support for Office 2003 ends April 8, 2014. If you’re running Office 2003 after support ends, to receive all important security updates for Office, you need to upgrade to a later version such as Office 365 or Office 2013. For more information, see Support is ending for Office 2003.

Applies to
Microsoft Office Outlook® 2003

Relaying occurs when an e-mail message is sent to an e-mail address whose domain (the name after the @ symbol, such as adatum.com) is not processed by the Simple Mail Transfer Protocol (SMTP) (Simple Mail Transfer Protocol (SMTP): A common protocol that is used to send email messages across the Internet.)or outgoing server that the sender is requesting to deliver the message. The SMTP server must connect to another SMTP server to relay the message.

When you send an e-mail message that encounters a relay error, your SMTP (outgoing) e-mail server might return your e-mail message with an error message such as one of the following:

  • The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was '<someone@example.com>'. Subject: '<Test>', Account: '<Test>', Server: '<smtp.example.com>', Protocol: SMTP, Server Response: '550 <someone@example.com>... Relaying Denied', Port: 25, Secure (SSL): No, Server Error: 550, Error Number: 0x800CCC79.
  • "The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was '<email address>'. Subject '<Test>', Account: '<Test>', Server: '<smtp.example.com>', Protocol: SMTP, Server Response: '553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)', Port: 25, Secure(SSL): No, Server Error: 553, Error Number: 0x800CCC79.

The exact error message might vary, depending on your Internet service provider (ISP) (ISP: A business that provides access to the Internet for such things as electronic mail, chat rooms, or use of the World Wide Web. Some ISPs are multinational, offering access in many locations, while others are limited to a specific region.). Some ISPs might not return an error message when they detect outgoing messages as unsolicited commercial e-mail. In such cases, your message might appear to be sent normally — it leaves the Outlook Outbox and appears in Sent Items — but it is never actually delivered to the recipient.

Your message was rejected because the SMTP (outgoing) e-mail server did not recognize you as an authorized user.

SMTP is the protocol — standards that computers use to communicate with each other — that most e-mail servers use to send e-mail messages across the Internet. When you use an e-mail program, such as Outlook, that lets you store your e-mail messages on your computer, you need access to an SMTP server to send e-mail messages.

 Note   Web e-mail systems are used differently, and this article does not apply to those e-mail accounts.

Junk e-mail and open relays

Unsolicited commercial e-mail is sometimes called junk mail or spam. The main reason that junk e-mail continues to increase in volume is that it costs the person who sends it virtually nothing to send — in fact the senders don't even have to send the junk e-mail through the SMTP (outgoing) e-mail server of their own ISP.

The basic structure of the Internet was designed before anyone considered the implications of providing the ability to send millions of pieces of junk e-mail for little cost. Spammers use the relaying ability of SMTP servers to mask the true origin of the junk e-mail by relaying it through third-party servers that permit such open relays. This makes the junk e-mail appear to come from the site that relays the message and conceals the identity of the real sender.

Until recently, most SMTP e-mail servers worked on an open trust system. Under this system, anyone, anywhere could submit an e-mail message to an SMTP server, and the server would accept it and forward to a recipient or to another e-mail server where the recipient's mailbox was located. Under a so-called open relay server, there were no restrictions on who was allowed to send via the SMTP server.

Your ISP to the rescue

As junk e-mail volumes increased, network administrators  — the people responsible for managing your ISP servers — began placing restrictions on their SMTP e-mail servers. These restrictions help prevent just anyone from using, or abusing, an e-mail server. Think of it like this — a telephone in the lobby of your organization was available for anyone to use whether they worked at your organization or not. Now only the employees are permitted to use that phone.

There are several types of restrictions in use today:

  • Require SMTP authentication     Just as you must use a password to access your POP3 (incoming) server for your e-mail messages, this option requires that you provide a user name and password to send e-mail messages through the SMTP server. Usually, these are the same user name and password used for the POP3 server; however, they can be unique.
  • Require that you connect to the ISP POP3 (incoming) e-mail server first     When you connect to retrieve your new e-mail messages, you typically connect to a POP3 (incoming) e-mail server. You are required to provide a user name and password to access your mailbox. A network administrator can configure the server so that if you first connect and authenticate with the POP3 e-mail server, it will approve any request that you make to send an e-mail message through the normally restricted SMTP outbound server.
  • Require that you connect from an authorized network location     When you are at home and you dial your ISP or if you have a cable or DSL modem, you are directly connecting to the ISP network. You are trusted in that you have an account with the ISP with a user name and password. You are authorized to use the SMTP server to send e-mail messages because you are a customer.
  • Require that you connect from a specific IP address or range of IP addresses Your ISP might authorize access to the SMTP server to people who are not connected directly to the network. A remote user at an office can use this option. However, a major problem is that many places have what are called dynamic IP addresses. Each time that you connect, you are not assured of having the same IP address. Some companies might have a reserved block or range of IP addresses. Your ISP can authorize connections from those IP addresses as approved users. Your ISP can provide you with additional information.

There are many possible scenarios for relaying. The following are the most common situations. See if one matches your situation.

Scenario Is this relaying?
You are at home and have an ISP account that ends with @proseware.com that you dial or connect to with a cable or DSL modem. You send an e-mail message to another person whose e-mail address also ends with @proseware.com. No. Your mail should be processed normally.
Same as the first scenario, except that you send an e-mail message to a person whose e-mail address ends with @adatum.com. Yes, but it is not blocked. You are directly connected to your ISP and thus are authorized to send mail through the ISP's SMTP (outgoing) server to any e-mail address, regardless of where the recipient's mailbox is.
You are at work. Your work e-mail address ends with @thephone-company.com, and you have a home ISP account that ends with @proseware.com that you dial or connect to with a cable or DSL modem. In Outlook, you have the same SMTP server settings that you use at home. You send an e-mail message to a person whose e-mail address also ends with @proseware.com. No. Your mail should be processed normally.
Same as the preceding scenario, except that you send an e-mail message to a person whose e-mail address ends in @adatum.com. Yes, and this message could be blocked as relay mail. You are attempting to use your home ISP's SMTP (outgoing) server while not connected to the ISP network. The SMTP server can't validate you as an authorized subscriber of the ISP. In addition, you're asking that SMTP server to take your message and then connect to another SMTP server for delivery to the recipient's mailbox.
You are staying at a hotel or using an airport Internet kiosk that provides Internet access. You have a home ISP account that ends with @proseware.com that you dial or connect to with a cable or DSL modem. In Outlook, you have the same SMTP server settings that you use at home. You send an e-mail message to another person whose e-mail address also ends with @proseware.com. No. Your mail should be processed normally.
Same as the preceding scenario, except that you send an e-mail message to a person whose e-mail address ends in @adatum.com. Yes, and this message could be blocked as relay mail. You are attempting to use your home ISP's SMTP (outgoing) server while not connected to the ISP network. The SMTP server can't validate you as an authorized subscriber of the ISP. In addition, you're asking the SMTP server to take your message and then connect to another SMTP server for delivery to the recipient's mailbox.

What should I do?

If you are using a scenario that is considered relay, you must send the message through your current connection's server. This means if you are at work or away from home and not using your ISP to connect to the Internet, and you want to send a message from your home ISP e-mail account, you must change your e-mail account settings to specify the SMTP server used at your location, for example, your work SMTP server.

If this solution doesn't work for you, or you prefer to use your home ISP account, your next step is to contact your ISP and ask if any of the options described earlier are available to you. For the first two restrictions — require SMTP authentication or require that you connect to the ISP POP3 (incoming) mail server first — you can make the changes in Outlook in the E-mail Account Wizard.

So why can't I send mail?

You changed your SMTP settings in Outlook or found an option that should allow you to send your e-mail message. However, you still can't send mail and you receive an error message.

It's possible you did everything right but encountered another safety feature that network administrators use to prevent identity spoofing. Identity spoofing is simply a way of sending an e-mail message and disguising who you really are.

Outlook, like most e-mail programs, allows you to specify the "display name" and the return e-mail address that appear if someone clicks Reply to your message. Junk e-mail nearly always contains false information in these fields. Do you really think that those messages you received about a get-rich-quick scheme came from a supermodel or a world leader.

To prevent identity spoofing, some ISPs restrict the insertion of false information in the reply e-mail address field. For example, if your ISP domain name ends in proseware.com, the ISP might not permit you to set your e-mail return address as terri@contoso.com. This restriction is not as commonly used as the restrictions described earlier, but it can be applied to all users, regardless of their location and connection. There is no alternative. If your server administrator is using this method, you must specify a return e-mail address domain that matches your current connection.

 
 
Applies to:
Outlook 2003