Symantec Messaging Gateway does not deliver to an external domain, and the Message Audit Log (MAL) shows a final delivery status with the "554 5.7.1" code.

SMTP code "554 5.7.1" is a rejection from the receiving mail server and means email delivery is 'Not allowed' and that redelivery should not be attempted. A 5xx level status code indicates a "terminal" status and SMG will not attempt to redeliver the message. 

The "554 5.7.1" SMTP status code generally includes information on the cause of the rejection:

• 554 5.7.1 You are not allowed to connect
• 554 5.7.1 Rejected message by MTA, EHLO domain does not exist in DNS
• 554 5.7.1 This message has been blocked because it contains a banned word
• 554 5.7.1 Rejected message by MTA, RDNS record for connecting IP has no matching 'A' or 'MX' records
• 554 5.7.1 Delivery not authorized
• 554 5.7.1 <sender address>: Relay access denied
• 554 5.7.1 Bad senders system address

• See Deployment best practices for Messaging Gateway for configuring both inbound and outbound traffic.
• Ensure that Messaging Gateway is scanning outbound messages for spam, and that spam filters are updated.
• Follow the standard recommendations for SMTP validation on your DNS records: implement Reverse DNS and Sender Policy Framework.
• Ensure that your internal network is not compromised by making sure that local antivirus is installed and updated.
• Ensure that the firewall only allows connections on port 25 to your antispam or mail servers. Also, ensure that outbound connections to port 25 are limited to SMG or other trusted mail sources.
• Confirm that your externally facing IP address or network is not listed as a spam source. See  Symantec IP Reputation Investigation.