This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Original KB number: 3013740
An external email server can't connect to Microsoft Exchange Online Protection because its IP address was added to a blocklist. When a sender tries to send mail through that server, the sender receives a non-delivery report (NDR) that contains the following error message. (The message doesn't include the name of the specific blocklist.)
5.7.1. Unable To Relay: Blocked by Customer Allow list
This issue occurs if the IP address is added to both the incoming connector and the IP Allow list on the Connection Filtering page of the Exchange admin center. In this scenario, the NDR doesn't include the name of the specific blocklist if the IP address is added to a real-time blocklist (RBL) that's used in Exchange Online Protection.
To determine the name of the specific blocklist that's preventing the IP address from connecting to Exchange Online Protection, remove the IP address of the external email server from the IP Allow list. After you do it, the NDR will include the name of the specific blocklist.
Ideally, only on-premises IP addresses should be added to connector settings.
For more information about 5.7.1 NDR errors, see Fix email delivery issues for error code 550 5.7.1 in Exchange Online.
Training
Module
Examine email protection in Microsoft 365 - Training
This module examines how Exchange Online Protection (EOP) protects organizations from phishing and spoofing. It also explores how EOP blocks spam, bulk email, and malware before they arrive in users’ mailboxes.
Documentation
Fix NDR error 550 5.7.1 in Exchange Online - Exchange
Learn how to fix email issues for error code 5.7.1 (and also 5.7.0 to 5.7.999) in Exchange Online (the recipient is configured to reject email from the sender).
Fix NDR error 5.7.12 in Exchange Online - Exchange
Learn how to fix email issues for error code 5.7.12 in Exchange Online (the recipient rejects messages from external or unauthenticated senders).
5.7.1 smtp;550 5.7.1 RESOLVER.RST.AuthRequired NDR in Microsoft 365 - Exchange
Describes an issue that triggers a 5.7.1 smtp;550 5.7.1 RESOLVER.RST.AuthRequired nondelivery report when external users try to send mail to mail-enabled public folders in Microsoft 365.