• vCenter Server alarm email notifications are not sent.
• Upstream mail servers may reject the connection with malformed command errors or IP bans, and logs indicate failure during the SMTP handshake.
• SMTP logs show 550 5.7.606 Access denied, banned sending IP.
• SMTP logs show 503 5.5.2 Need rcpt command.
• Error messages reference PIPELINED communication failures or ruleset tls_rcpt failures.
• Test emails from vCenter fail to send despite correct SMTP server settings.

• VMware vCenter Server Version: 6.x, 7.x, 8.x

• The password for the mail account contains special characters (e.g., &, ;, ", ', ^, \, %) that the vCenter Server mail relay or underlying service cannot correctly parse.
• This results in malformed metadata being sent to the upstream SMTP server, which may interpret the malformed requests as malicious activity, leading to a temporary IP ban or transaction failure.

• Log in to the account management portal for the mailbox used by vCenter (e.g., Microsoft 365, Gmail, or Internal Exchange).

•  

  Change the password for the SMTP account to a string that excludes the following characters:

  • & (ampersand)

  • ; (semicolon)

  • " (double quotation mark)

  • ' (single quotation mark)

  • ^ (circumflex)

  • \ (backslash)

  • % (percentage)

• Log in to the vSphere Client.

• Select the vCenter Server object in the inventory.

• Navigate to Configure > Settings > General.

• Click Edit and select the Mail section.

• Update the Password field with the new credential.

• Click Save.

• Generate Test Email to verify the fix.
  
  

For further details on restricted characters in vCenter services, refer to Broadcom KB 319348.