My OUTgoing email is being blocked: GoDaddy/Outlook/Inkyphish

GoDaddy is our host, and they fairly recently? moved to Outlook. They apparently use something called Inkyphish for security. I think this is a GD thing not an MS thing … but I’m not sure.

At any rate, any time I try to send an an email, even if I’m replying to someone directly, I get some version of this:

This is the mail system at host obx-inbound.inkyphishfence.com.

I’m sorry to have to inform you that your message could not

be delivered to one or more recipients. It’s attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can

delete your own text from the attached returned message.

The mail system

<rsa623@gmail.com>: host jenk-org.mail.protection.outlook.com[104.47.59.138]

said: 550 5.7.64 TenantAttribution; Relay Access Denied

[DM6NAM12FT110.eop-nam12.prod.protection.outlook.com

2024-02-06T12:03:25.939Z 08DC2482E65A731F] (in reply to end of DATA

command)

This isn’t the account I’m sending to blocking me, this is my email not being allowed out. This happens even when I’m emailing people I’ve contacted for years, like my sister, or even sending to my own ‘junk’ Gmail account.

I’ve been trying off and on for 9 months to figure out why and how to fix it, and I’m getting nowhere fast. I think it has to do with the fact that my husband’s base account is seen as the Admin, and this was originally a business account. We’ve contacted GoDaddy and they said they’d look into it, but nothing has changed.

I’d ditch this personal account and go to Gmail, but I’ve had this address for almost 20 years now and there is A LOT tied to it. I can’t imagine trying to update everything.

I guess I could keep it and use it like my throwaway email, and swap to my current throwaway Gmail as my regular address. But I’d rather not if I can figure out what the hell is going on here!

Any of you wise people have a clue how I can fix this?

Maybe this should have gone in Factual Questions … ?

Do they not have tech support personnel that you’re contractually allowed to call up and get help with this? Or if they do, are they incompetent when you do?

You might need to add some records to your DNS records. This is definitely something GoDaddy needs to help you fix. There’s a lot of layers here that would be too hard to troubleshoot via messageboard.

Get them on the phone and don’t let them go until it’s fixed.

The explanation above is that the system jenk-org.mail.protection.outlook.com is not willing to relay email for the system that connected to it and asked it to relay mail. Your messages are never leaving Microsoft, so it is not an issue of being blocked by gmail, or anything like that.

I do not know why that system refuses to relay messages for you.

I have no advice on how to directly fix this. I recommend going through the GoDaddy documentation on configuring your email and make sure that all of the settings in your hosting and dns panels are set correctly. If that all looks correct, or doesn’t make sense, then keep contacting their tech support.

Ugh, SMTP relay restrictions are something I’ve had to deal with many times over the years as an IT guy. :frowning:

It’s extremely common. Generally this happens when you’re sending mail and something makes it look like the sender is not who they say they are. Relay restrictions are a good thing generally, and if you are being blocked by your own mail server then I’m guessing this is a CYA policy on their part. They don’t want a client sending email pretending to be someone they’re not, because it might make them complicit in something shady which can potentially land them in legal trouble or at least be bad PR.

My guess, and this is only a WAG since I can’t look at your system, but my guess is that since your host changed you need to change something in your mail settings and/or records to match. That mismatch likely makes things look suspicious. Hence the blocking.

It sucks that GoDaddy hasn’t been helpful, because they are the ones that changed things, and they should be the ones who can tell you what to change it to (or make the changes themselves).

By the by, I looked up your error in Google and it brought me to this:

This looks very much like your situation. As you say, they are using Outlook (probably a Microsoft 365 hosted service). Here is what they say is the cause for the error:

  • You use an inbound connector in Microsoft 365 that’s configured to use a certificate from on-premises to verify the identity of the submitting server. (This is the recommended method. The alternative is by IP address). However, the certificate on-premises no longer matches the certificate that is specified in Microsoft 365. This may be due to a configuration change on-premises or a new/renewed certificate that uses a different name.
  • The IP address that’s configured in the Microsoft 365 connector no longer matches the IP address that’s being used by the submitting server.

You’ll notice that in both cases, there is a mismatch, either an IP mismatch or a certificate mismatch. And the fact that this problem coincided with a change from GoDaddy reinforces the idea that the change they made was responsible.

They offer a couple of solutions, but I assume you aren’t an administrator for your email, you’re allowing GoDaddy to handle that role. So, I don’t think you can implement those changes. You’ll probably need GoDaddy to do this.

The bottom line is that any solution will almost certainly require GoDaddy’s cooperation. You are their customer and their changes have killed a service that you are presumably paying for. (I own a domain through GoDaddy and I remember that there was an option to get email which I declined because I didn’t need it.) If they are not giving you what you paid for, especially if it has been 9 months, there has to be a way to escalate this with them.

Thanks all.

Technically my husband is the Admin, I think, But the pathways and permissions are so convoluted that it’s really hard to determine where to go to change whatever setting it is, and he’s over it.

I gather from my periodic Google-fests that I am not an authorized user or something, because he has no problem sending mail from his jenk.org mail.

I guess I need to get his login info and spend a total rabbit-hole day.

Another vote that GoDaddy needs to solve this. It’s their security software that’s not making outlook.com happy.

Best thing to do would be to talk to GoDaddy and say “I can’t deliver email to (specific email address). Here is the error message. Help please.” If you can give them a specific reproducible example any halfway competent support person should be able to fix it. Or you might need to escalate it to a higher tier or manager if they can’t/won’t fix it.