User receive the following NDR trying to send email from Exchange Online: 550 5.1.8 Access denied, bad outbound sender.
If you receive the following error, then it means that your account has been sending out too much spam and has been blocked from sending emails. Typically, this problem occurs because the users account has been compromised (hacked) by phishing or malware.
How can you resolve this?
The process to resolve this would be to reset the user’s credentials and enable MFA just as an extra measure of security to try and prevent this from happening again. Also, Office 365 provides you with a portal where you can unblock the user account, so they are allowed to send outbound emails again.
To unblock the user, Navigate to Office 365 Security and Compliance Centre.
The click on Alerts and on the right hand-side click on Security Alerts.
From the Security alerts view page, you will be able to see all the accounts that has been blocked for sending outbound emails.
Once you click on the blocked user account you will be able to see the same reason why the account was blocked.
To unblock the account, you can simply just click in the right-hand side under action “unblock”.
The user account will be unblocked and allowed to send outbound emails again.