Tag Archives: office 365

Fix: 550 5.1.8 Access denied, bad outbound sender

I have been having problems with one particular user in Office 365 who could not send or receive emails and he was always getting the error that the email was not delivered due to the below error.

Your message couldn't be delivered because you weren't recognized as a valid sender. The most common reason for this is that your email address is suspected of sending spam and it's no longer allowed to send messages outside of your organization. Contact your email admin for assistance.

Diagnostic information for administrators:
Generating server: --------------.eurprd02.prod.outlook.com
Remote Server returned '550 5.1.8 Access denied, bad outbound sender'

The problem is that the email was being blocked by Microsoft due that 5000 emails have been sent by the mailbox. The problem is not that your mailbox was hacked, but that the email header was spoofed by someone. To check that the mailbox is being blocked, open the Exchange Admin Center in your Office 365 portal, click on Protection and on Action Center.

You will see the user listed there with an unblock. Do not unblock the user for now.

In the Protection screen, click on dkim and highlight your external domain. Click on Enable. You will get an error message that CNAME records required are not found.


Open your domain DNS management portal on your hosting company and add the following CNAME entries

Host name: selector1._domainkey.<domain>
Points to : selector1-<domainGUID>._domainkey.<initialDomain>
TTL: 3600

Host name: selector2._domainkey.<domain>
Points to : selector2-<domainGUID>._domainkey.<initialDomain>
TTL: 3600

Once your DNS records have propagated, click on the Enable button on the dkim section.

Once enabled you can go under the Action Center and unblock the user. The process may take up to 2 hours to be cleared.

This will protect you from email message header spoofing. On another note to know immediately if a user has been blocked, you need to setup a notification as below.

Under the Exchange Admin Center open the Protection/ Outbound Spam section. Double click on default. Click on Outbound Spam preferences and tick send a notification when a sender is blocked as below and enter the admin email address. Click Save.



How To: Disable AD Autodiscover for Office 365 migration

When having a local setup of Exchange and you want to migrate to Office 365 while leaving the local Exchange in place, you will have problems with autodiscover still pointing users to the local Exchange setup. If you don’t do the below, Outlook will still try to connect to the old Exchange server.

To stop the Autodiscover, open ADSIEDIT.MSC from the Active Directory server and delete the below entry so that the local SCP entry is skipped.

Select the “Configuration” naming context
CN=Microsoft Exchange\
CN=Administrative Groups\
CN=Exchange Administrative Groups\
And delete the CN= of class serviceConnectionPoint

Since Outlook uses SCP as well, you might want to run this registry update on the local machines.

(The version number varies depending on your Office application version)
– Navigate to HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\AutoDiscover
– Create new DWord ExcludeScpLookup
– Set the DWord as 1

After this, try to ping autodiscover.mydomain.com to ensure that it’s pointing to the Office 365


You can also do the following maybe it will help more. These should be created under the AutoDiscover Key



How to: Setup Import Export role in Office 365

I went to upload the PST files on a tenant to use the Office 365 Import service by uploading the PST files using the AzCopy.exe. After I was done, I started the import and after 60 minutes I get a failed error. I made some research and then restarted the import, but now I noticed a message saying “Please add Mailbox Import Export role for use running import and check back in 60 minutes“.

To do this,

– Login in Office 365 portal
– Click on Exchange
– Click on Permissions
– Click on Admin Roles
– Add a new role with Mailbox Import Export Role
– Add the user you are using to import as part of the group

Screenshot below



Fix: AzCopy.exe Could not finish the operation within specified timeout

When uploading files or PST files to Office 365 using AzCopy.exe, during the upload using Microsoft’s PST Import service you might have the frustrating error saying “The client could not finish the operation within specified timeout“. On the command prompt it will be seen as stuck on saying 0 files uploaded with a transfer speed of 0 KB/s. I literally spent hours trying to find out why my PST files do not upload to Office 365.

This can be fixed by lowering the concurrent operations with the import services. After looking at the option which is /NC option to either 2 or 1 depending on the internet connection upload speed. To be safe, in my case I have setup the NC as 1.

Here’s an example of how the command prompt will look like.

AzCopy.exe /source:\\My-Server\PST /dest:https://12345ab67cd89e0fg123h45.blob.core.windows.net/ingestiondata/Company/PST /destkey:jhdfasdfnasdnflasjkdfnjklsdanflasdfn/nfasdjkfnasdjklfnsjkladnfasjkldfnsdjklf== /S /V:d:\PST_Upload\upload.log /NC:1


Fix: Office 365 This user’s on-premises mailbox has not been migrated to Exchange Online when using dirsync

“This user’s on-premises mailbox has not been migrated to Exchange Online. The Exchange Online mailbox will be available once migration is completed”

This only happens for users that have been synced using DirSync as they are mail enabled with on premises exchange. I do not however want to migrate mailboxes and would like to start a fresh.

To fix this, one should exclude the attribute ‘msExchMailboxGuid‘ on the Azure Active Directory Connect Tool (DirSync).

-Disable Synchronization from the Office 365 Portal
-Delete all synched users (marked as cloud now)
-Remove these mailboxes from the Office 365 Recycle Bin
-Edit the MIIS so the MSExchangeMailboxGUID does not sync
-Enable Sync again