Cold email infrastructure starting at $1/mailbox. Volume discounts down to $0.55.Calculate your cost
ColdRelay
← All SMTP Errors
SMTP Error Reference

554 5.7.1

Sender not authorized — recipient requires pre-approval

The recipient's mail policy requires sender pre-approval (whitelist), and your sender isn't approved. Common with high-security organizations. Authorization must come from the recipient's side.

Last updated: May 23, 2026

Overview

What 554 5.7.1 Means

What it means

Some recipient organizations require all external senders to be pre-approved (whitelisted) before mail can be delivered. 554 5.7.1 with text like 'sender not authorized', 'not on approved sender list', or 'recipient policy requires approval' means your domain or address isn't on that organization's allow list. The 554 indicates a definitive transaction rejection — the receiver isn't going to relay your message regardless of content.

Who you'll see it from

High-security organizations (financial services, defense contractors, healthcare with strict HIPAA requirements, government), some regulated industries, and organizations using closed-recipient inbound policies via ProofPoint or Mimecast.

Why it happens

Recipient organization requires whitelist approval for all external senders; you're a new sender to a long-time customer; the recipient's IT team changed inbound policy after your last successful send; your domain was previously approved but the approval expired.

Resolution

How to Fix 554 5.7.1

  1. 1

    Confirm this isn't a different 5.7.1 variant

    5.7.1 has many causes. Read the descriptive text carefully. 'Not yet authorized' or 'sender not on approved list' is specifically about pre-approval; 'spam policy' or 'IP reputation' is something different. Misreading sends you down the wrong remediation path.

  2. 2

    Reach the recipient via an alternate channel

    Pre-approval requires the recipient's IT or compliance team to act. You can't fix this from your side. Reach the recipient via LinkedIn, phone, or their existing CRM contact. Ask them to forward your contact info to IT and request whitelist approval.

  3. 3

    Provide what their IT team needs

    When the recipient asks their IT team to whitelist you, IT will need: your sending domain (and any subdomains), your sending IPs (for IP-based whitelists), your authentication setup (SPF, DKIM, DMARC). Have all of this ready to send when the recipient comes back. ColdRelay's Domains and Servers pages surface all of this in one view for export.

  4. 4

    Test after whitelist approval

    Once the recipient confirms whitelist approval, send a low-stakes test message before resuming normal cadence. Whitelist propagation in some organizations takes 24-48 hours. If the test delivers, you're cleared.

  5. 5

    Don't keep sending until whitelisted

    Continued sends to a recipient who requires whitelist approval just generate more 554 bounces. Some sending platforms count these against your reputation; ColdRelay's Sends log categorizes them as recipient-policy bounces so they don't false-alarm your dashboards. Suppress until approval is in place.

Authority

References

Cold email infrastructure

554 5.7.1 in the Cold Email Context

Whitelist-required rejections are a structural cold email challenge — you can't out-fix the recipient's policy by improving your infrastructure. The cleanest cold email tactic is: don't push past 554 5.7.1 for the same recipient repeatedly. Add the recipient to your CRM's 'requires-warm-intro' segment and route them through a referral channel instead of direct cold outreach. ColdRelay's outbound layer doesn't try to bypass these rejections — they're policy, not deliverability. The infrastructure-side win is correctly categorizing them in the Sends log (recipient-policy vs. sender-issue) so your reputation dashboards don't get confused by what is properly a recipient routing decision.

FAQ

Frequently Asked Questions

Can I bypass a whitelist requirement?

No — that's the entire point of the whitelist. Continuing to send to a whitelist-protected recipient generates more bounces without changing the outcome. The only path is recipient-side approval.

Why do organizations use sender whitelists?

High-security organizations face targeted phishing and need stronger controls than spam filters alone. Whitelisting external senders means each new external contact is reviewed before mail can flow. Common in financial services (regulatory requirements), defense contractors (classified information protection), and high-value targets in any industry.

Will my domain need re-approval over time?

Sometimes. Some organizations auto-expire whitelist approvals after a year; some require periodic re-attestation. If a previously-working recipient suddenly returns 554 5.7.1, the approval may have expired — reach out and request renewal.

Should I add these recipients to a suppression list?

Yes, with a 'requires-whitelist' tag rather than permanent suppression. If you later get the recipient to whitelist your domain, you can remove from suppression and resume. Permanent suppression loses the lead; tagged suppression preserves the option.

Keep reading

Related SMTP Errors and Guides

SMTP Error
550 5.7.1
Spam policy violation — receiver rejected the message on policy grounds
SMTP Error
550 5.7.1
Outlook / Microsoft 365: unable to relay
SMTP Error
550 5.1.0
Office 365: sender address rejected — sender policy violation
Integration
Use Instantly with ColdRelay
Integration
Use Smartlead with ColdRelay
Use Case
Cold Email Infrastructure For Financial Services
Use Case
Cold Email Infrastructure For Cybersecurity Vendors

Stop Seeing 554 5.7.1 For Cold Email

ColdRelay ships clean, dedicated infrastructure with SPF, DKIM, DMARC, and reverse DNS configured automatically — the same fixes that resolve most 554 5.7.1 bounces. Starting at $50/month.

Start for $50/month →