Email errors are difficult to deal with, especially when they show unclear error codes like “SMTP 554 transaction failed”.
The error shows that the email transaction between the sender and the receiver has failed.
But, why did it fail? How can we fix this?
At Bobcares, we help website owners to fix such email errors as part of our Outsourced Technical Support services for web hosts.
Today, we’ll discuss the top 3 reasons for this error and how we fix them.
SMTP error “554 transaction failed” – What is this?
In normal email delivery, mail goes from the sender, to the sending MX, and to the recipient’s MX and finally to the recipient.
How email works?
Sometimes, not all emails reach the destination server. The recipient server carries out a series of checks to verify the sender’s authenticity.
And, if any issues are noted, it rejects the mails.
For example, a sample bounce back message that users see in this case is given below.
SMTP error “554 transaction failed” – Causes and Fixes
Now, let’s see the main reasons for this error and how our Support Engineers fix it.
1) Recipient errors
One of the common reasons for the mail delivery error “SMTP 554 transaction failed” is the problems at the recipient’s mail server.
This includes a typo in the recipient address, incorrect MX entry for the recipient domain, disabled/suspended recipient account, blacklists or custom filters configured at the recipient end.
Solution
Our Support Engineers verify the recipient domain name, and it’s MX records are set correctly using the below command.
dig domain.com MX
Further, we check the connection to the recipient mail server with the following command.
telnet domain.com 25
If we notice missing MX entries or connection problems at the recipient end, this must be corrected at the recipient end.
On the other hand, if there are custom blacklists or filters, the sender domain must be whitelisted at the recipient end to allow mail flow.
The connection errors can also happen when the sender is behind a VPN connection. We typically verify the VPN settings and confirm that it allows sending of mails.
2) Poor IP reputation
Likewise, another common reason for this error is the bad reputation of the sender’s IP address.
The reputation of the IP address can go bad when there is repeated spam instances, open relays, or unacceptable behavior of the mail server.
Eventually, the mail server IP will be blacklisted in spam monitoring systems like SORBS, DNSSBL, etc.
Solution
In such causes, our Support Engineers check and ensure that the sender’s IP address is clean. Tools like https://mxtoolbox.com/blacklists.aspx comes handy here.
If the IP is blacklisted, we identify the source of the spam, fix it and take corrective actions to prevent such problems in future.
After that, we submit delist request to the spam monitoring systems.
Delisting usually takes about 2 to 3 days.
3) Bad DNS records
Similarly, the recipient server rejects emails due to the problems in the DNS records of the sender domain.
In other words, the recipient server checks DNS records like PTR, SPF, DKIM, etc. to verify the validity of the sender. If any mismatch is noted, it will reject the emails.
Now, let’s discuss about these 3 records in detail.
a) SPF record
Email providers use the security feature SPF(Sender Policy Framework) to verify the sender’s authenticity.
It decides which servers can send emails on behalf of a domain.
In other words, the SPF records contain the IP address of servers that can send emails on behalf of the domain. And, if the email originates from the IP listed in the record, the recipient server accepts the mail.
But, we’ve seen cases where the mail server IP has changed, but the SPF record doesn’t contain this new IP address.
So, for the recipient domain, the mail originates from a server that is not added in the SPF record.
Therefore, it rejects the email, and users see the error SMTP 554 transaction failed.
b) PTR record
PTR records aka Reverse DNS maps IP address to its domain name.
That is, consider the server “xyz.domain.com” points to the IP address “195.16x.111.10x“, then the reverse DNS of the IP should point to “xyz.domain.com“.
Most spam mails originates from poorly maintained servers, and most of these servers have a sloppy hostname and an IP without a PTR record.
Large emails providers like Hotmail, Yahoo, etc. use this as an important indicator for the source of spam and reject the emails from such senders.
c) DKIM record
DKIM record associates the domain name with an email message by attaching a digital signature.
Therefore, the recipient server can determine whether emails originate from a valid domain and thus prevent email spoofing.
If there are no DKIM records, some mail servers reject that emails considering the sender as fake.
Solution
Our Support Engineers first verify the DNS records like PTR, DKIM, SPF, etc. of the sender domain. When there is a mismatch found, we correct it by making the required changes in these records.
For PTR records, we always choose a Fully Qualified Domain Name other than the generic name like “xxx-xxx-xxx-xxx-static.provider.tld“.
For example xyz.domain.com.
At Bobcares, we always make sure to configure critical records like SPF, PTR, DKIM, etc. to ensure reliable email deliveries.
Conclusion
In short, SMTP error “554 transaction failed” can happen mainly due to IP blacklists, improper DNS settings of the sender domain, and more. Today, we’ve discussed the top 3 reasons for this error and how our Support Engineers fix it.
Another very common issue is a wrongly set clock, esp. when using MS Outlook.
Had this on a client – his PCs clock was set like 5 hours in the future. The receiving mail server (same timezone I guess) didn’t like that.
Synced his clock with ntp.org’s timeserver and viola – it worked.