Some emails going to Gmail Business or Personal mailboxes are not received. In the log it shows the message is bounced with the error message below,
to=<EMAIL>, relay=LOADBALANCE-|aspmx.l.google.com,|alt1.aspmx.l.google.com[172.17.0.6]:25, delay=11, delays=1.5/0.02/0.69/8.4, dsn=5.7.0, status=bounced (host LOADBALANCE-|aspmx.l.google.com,|alt1.aspmx.l.google.com[172.17.0.6] said: 552-5.7.0 This message was blocked because its content presents a potential 552-5.7.0 security issue. Please visit 552-5.7.0 https://support.google.com/mail/?p=BlockedMessage to review our 552 5.7.0 message content and attachment content guidelines. lp14-20020a17090b4a8e00b00232dd9ab146si136673860pjb.13 - gsmtp (in reply to end of DATA command)
Root Cause Analysis
Gmail takes an aggressive approach to reject any attachments matching these conditions,
- Certain types of files, including their compressed form (like .gz or .bz2 files) or when found within archives (like .zip or .tgz files)
- Documents with malicious macros
- Password-protected archives with archived content
File types blocked by Gmail are:
.ade, .adp, .apk, .appx, .appxbundle, .bat, .cab, .chm, .cmd, .com, .cpl, .diagcab, .diagcfg, .diagpack, .dll, .dmg, .ex, .ex_, .exe, .hta, .img, .ins, .iso, .isp, .jar, .jnlp, .js, .jse, .lib, .lnk, .mde, .msc, .msi, .msix, .msixbundle, .msp, .mst, .nsh, .pif, .ps1, .scr, .sct, .shb, .sys, .vb, .vbe, .vbs, .vhd, .vxd, .wsc, .wsf, .wsh, .xll
The details are documented by Gmail at here, File types blocked in Gmail.
- Open SCES Admin Portal
- Go to Message Trace -> Mail Query, find your email by putting the filter. Seeing if the status shows Bounced.
- If so, hover the mouse over 3-lines icon and click Lifecyle
- Scroll down to the bottom to get the details of the bounce reason from Gmail
Screenshots for the reference,
- As what Gmail asks, upload the attachment to somewhere else and email the recipients the location
- Contact firstname.lastname@example.org to activate the attachment protection feature.
High level of the attachment protection feature,
SCES will replace the attachment with a HTML wrapper in the email which will comply to the Gmail regulation.