Message expired, cannot connect to remote server

Hi forum! I have an issue with one of my users where I cannot receive or send mail from and to him. He uses TLS1.2 and I do not. Is there a way to bypass this roadblock? Here’s the message we both get:

PROD.OUTLOOK.COM returned '550 5.4.317 Message expired, cannot connect to remote server(451 5.7.3 STARTTLS is required to send mail)”

1 Like

Try to check incoming and outgoing ports.
use this links to check ports, and change them and check if problem fix



Please follow the link below

Hi @Thompson Check any of the below instructions help you solve your problem:

  1. Check to be sure the device is actually connected to the internet.

  2. check the DNS for exchange.****.com, see if that record exists and where it points. Perhaps its value is incorrect. Be sure to check both the internal DNS servers and the public DNS servers, as they might not be the same.

  3. Check the sending device, and make sure it has the proper TLS settings. If the device may be a copier/scanner, I feel sad for you. Microsoft recently started requiring the STARTTLS, and a few of the old copy machines are running firmware that doesn’t support this. If it is a copy machine, contact the manufacturer or support people and have them update the firmware. If they can not update the firmware, you will have to seek out a special thanks to saving the scans. maybe scan to a file share instead?

  4. Check your mail transport rules on O365 to be sure your new tenant is allowing inbound traffic from the external IP of your device. These rules would be easy to overlook when moving from one tenant to another.


Hi @Thompson,

Below are the few solutions recommended by Microsoft these solutions, were taken from the Microsoft Doc site. For your issue any of the below solutions will help you:

Here are some steps for you to try:

Solution 1: The MX record for your domain might be missing or incorrect. Get more information about how MX records work at DNS basics.

Solution 2: Test your MX record and your organization’s ability to send mail by using the Outbound SMTP Email test in the Microsoft Remote Connectivity Analyzer.

Solution 3: The Sender Policy Framework (SPF) record for your domain might be incomplete, and might not include all email sources for your domain. For more information, see Set up SPF to help prevent spoofing.

Solution 4: Your domain might have expired due to non-payment. Verify with your domain registrar that your domain is active and not expired.

Solution 5: If the recipient is in your on-premises Exchange organization in a hybrid deployment, there might be a problem with your hybrid configuration. Give the information in the NDR to your on-premises Exchange administrators. They might need to rerun the Hybrid Configuration Wizard due to changes in their on-premises IP addresses or firewall rules.