Troubleshooting - Email Sending

In this article:

MS Office 365 threat management

Sometimes transactional messages from Mailtrap (such as email confirmations, invitations to join an inbox, invoices, etc.) can be sent to Threat management >> Quarantine by MS Office 365.

If you have faced this issue, follow these steps to resolve it:

  1. Go to https://protection.office.com/#/quarantine.
  2. Select the emails sent from Mailtrap.
  3. Click the Release messages button.
  4. Check the "Add sender to your organization’s allow list" checkbox.

When signing up for Mailtrap, you have an option to use Office 365 account authorization "oAuth" for smooth integration. In this case, email confirmation won't be required.

Sending from domain is not allowed 

Error: Mail command failed: 550 5.7.1 Sending from domain is not allowed

In case you get this error, you tried to send an email using SMTP with Mailtrap Email Sending.

The possible reasons for getting it are:

  • You send an email with FROM: {anything}@mydomain.com, but in Mailtrap your verified anotherdomain.com. The verified domain and FROM: domain in your emails should match.
  • You added some DNS records for your domain, and now it's not verified. Go to Sending Domains and check the status of the domain you're trying to send emails with. If you don't see the Verified badge, click on the domain and check if all DNS records are found by Mailtrap (all should be green).

I'm getting an "Unauthorised" error (401 code)

There are several reasons why you might be getting the "Unauthorised" error. Here's what to check:
  • Make sure you're sending from the domain that you've set up and verified for Mailtrap Email Sending. Using any other domain will result in the given error.
  • Check whether you're using Testing or Sending credentials. It isn't possible to send production emails with Testing credentials.
  • If you've configured a custom token for your domain - make sure it has proper permissions to send emails.
  • Make sure you're using the correct SMTP/API credentials provided in the SMTP/API settings tab of your domain.

  • Use cURL code example to see if you can replicate the error. Here's the path to the exemplary code:

    Sending Domains > SMTP/API Settings > Code Samples > Select cURL from the drop-down

SSL_ERROR_NO_CYPHER_OVERLAP or Error 1001

When using a custom domain for click tracking, you may encounter SSL_ERROR_NO_CYPHER_OVERLAP or Error 1001 error.

Custom Domain for Click Tracking

Mailtrap allows you to use your own domain for click tracking. To achieve this, you need to add a mt-link CNAME record during the domain setup process. Mailtrap also facilitates issuing a security certificate for the mt-link subdomain to ensure a secure connection. Certificates from Let's Encrypt and Google Trust Services are used.

The Cause of the Error

Some domains have a list of trusted Certificate Authorities (CAs) specified in CAA records. If this list doesn't include Google Trust Services and Let's Encrypt, Mailtrap won't be able to request certificates from them. Consequently, click tracking won’t work because the browser won't be able to establish a secure connection.

Checking Your CAA Records:

You can check the CAA records for your domain using the following command:

dig CAA example.com

The output might look similar to this:

;; ANSWER SECTION:
example.com.   13990    IN    CAA    0 issue "globalsign.com"
example.com.   13990    IN    CAA    0 issuewild "globalsign.com"

Resolving the Error

If you want to keep your existing CAA records, you need to modify them to include Google Trust Services and Let's Encrypt:

# Google Trust Services
0 issue "pki.goog; cansignhttpexchanges=yes"

# Let's Encrypt
0 issue "letsencrypt.org"

Type Value Description
Name blank or @ depending on your provider
TTL 1 hour or any other appropriate TTL It controls how long the record is valid.
Flag 0 `0` means that no flags have been set. Please read the documentation if you need more specific behavior.
Tag issue It allows the CA to issue certificates for this domain and its subdomains (e.g. mt-link subdomain).
Domain
  • pki.goog; cansignhttpexchanges=yes
  • letsencrypt.org
Google Trust Services needs additional parameter cansignhttpexchanges=yes .

Additional Information

It can take several hours for the changes to your CAA records to propagate after creating them. Eventually, you should be able to resolve the error and ensure your mt-link subdomain functions correctly:

How to fix the "From: Header does not match the sender's domain" error?

This fix is typically tied to Laravel context. And you should first check if you have your domain added to your account. If not, please add it, and verify the domain.

Next, check if your mail message has a From: header; and that the From: header also contains an address on your domain.

Most likely, the MAIL_FROM_NAME is only variable using for the envelope from address and it's not the same as the header. Please, make sure it’s the same as the header.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us