ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Outbound message delivery fails with "550-5.7.26 unauthenticated email" response


Article ID: 221490


Updated On:


Messaging Gateway


When attempting to deliver mail to a downstream / external mail server, the messages are rejected and the Message Audit Log indicates that the message has failed DMARC authentication:

550-5.7.26 unauthenticated email from is not accepted due to\r\n550-5.7.26 domain's dmarc policy. please contact the administrator of\r\n550-5.7.26 domain if this was a legitimate mail. please visit\r\n550-5.7.26 to learn about the\r\n550 5.7.26 dmarc initiative. y129si4332442ybf.273 - gsmtp


The destination mail server is rejecting the message due to DMARC authentication failure.


Ensure that SMG is properly configured to support DMARC authentication for the sending domain / envelope sender.

  • Ensure that the sending IP used by SMG or the internet facing network address translation (NAT) address in included in any SPF records for the sending domain
  • Ensure that SMG is configured to do DKIM signing of outbound mail for the sending domain

If relaying mail for another domain by using the "Add bcc recipient" or "Route to" policy actions, the SMG internet facing IP addresses will likely need to be whitelisted by the destination mail service as SMG's IP addresses will not be listed by the SPF records as an allowed sender.