It's really frustrating when important emails bounce, especially when they shouldn't. That 550 5.7.350 error is a sign that we need to pay more attention to our email security. By making a few simple changes, you can help ensure that your messages are delivered and maintain your reputation.
When you encounter this error, we recommend updating your DMARC record from p=none to p=reject.
It means when emails do not come from your email infrastructure, this designation has the receiver outright reject those messages that fail DMARC authentication.
This would help to improve your email reputation by preventing unauthorized senders from spoofing your domain and sending fraudulent emails. With `p=reject`, receiving mail servers will discard emails that fail DMARC authentication checks, reducing the chances of your domain being associated with spam or phishing attacks. This strong enforcement signals to ISPs that you take email security seriously, potentially enhancing your domain's reputation over time.
In addition, you can try to modify the SPF record and add the IPv4 so that it checks with the IPv6 (edit it to include your IPv4 and IPv6 addresses).
For example:
v=spf1 ip4:192.0.2.1 ip6:2001:db8::1 include:spf.protection.outlook.com -all
But you need to replace the IPv4 and IPv6 with your actual IP address.
You can check your IPv4 and IPv6 addresses using any of these tools:
Some online forums also recommend removing IPv6 from SPF, so your SPF record would include only IPv4.
When this bounce is coming from Gmail
If this email bounce is coming from Gmail, follow the initial instructions in this article. On top of it, you can try to create a connector that forces Office365 to use IPv4 when sending emails to Gmail accounts.
In this article, you can find detailed instructions (explained by Michael B. Morell CISSP CCSK) about how to create it: