Error: 554 returned to sender by a Symantec Mail Security Appliance or Symantec Mail Security for SMTP 5.0.x

Article:TECH85976  |  Created: 2007-01-10  |  Updated: 2011-05-12  |  Article URL
Article Type
Technical Solution


Users are claiming that some messages are not being delivered correctly and they also report that non-delivery reports are being sent back to senders.


The maillog has to be at information level to see these messages which are similar to:

2007 Aug 01 10:21:05 PST (info) delivery-mta/smtp[8522]: C11B4464002: to=IP[IP], delay=1, status=bounced (host IP[IP] said: 554 Transaction failed (in reply to end of DATA command))

Usually the IP will be your Symantec Mail Security server.


The quarantine will not accept messages larger than 1MB.


Symantec Mail Security quarantine is designed to hold only SPAM and SUSPECTED SPAM messages. Other rules that might have attachments larger than 1MB being detected will not be quarantined and a bounce will be generated for these messages when sent to quarantine.

Please revise your antispam, antivirus and compliance rules to make sure there are no rules other than SPAM or SUSPECTED SPAM using the quarantine as the desired action.

For Symantec Mail Security Appliances versions 7.5/7.6 and Symantec Mail Security 8200/8300 series it is recommended that compliance folders are used to handle rules that might have large attachments.

For Symantec Mail Security for SMTP 5.0.x it is advised to use other actions to forward these messages to an internal e-mail account for later review.

Legacy ID


Article URL

Terms of use for this information are found in Legal Notices