Skip to content

Fix: 554 5.7.5 permanent error evaluating Dmarc policy

  • by
  • 3 min read

Email has evolved a lot and is now quite advanced as compared to its beginnings. However, while it’s easy to log into your email account and send messages to whoever you want, there are still a few more hurdles to jump through and settings to configure for those managing the backend. 

In this article, we’re talking about the “554 5.7.5 permanent error evaluating DMARC policy” issue, its causes and how you can fix the problem. 

What causes the 554 5.7.5 permanent error evaluating DMARC policy issue?

The error code 554 is used for common SMTP codes, meaning the transaction has failed. Since the error message also says “permanent error”, the server will not try to send the message again. This is usually caused by a number of reasons, including:

  • Incomplete or incorrect DMARC settings
  • Incorrect SPF records
  • Incorrect DKIM email authentication records
  • Wrong policy evaluation on the recipient’s end

Also read: Fix: Can’t send message with T-Mobile: error 0

How to fix 554 5.7.5 permanent error evaluating DMARC policy issue?

Here are three fixes you can try out. 

Check your DMARC settings

Things like incorrect quotation marks, extra characters or missing semicolons at the end can all affect how your DMARC records and by extension settings are read. If the DMARC record isn’t correct, the server will likely throw this error before proceeding any further. 

You should also check other records such as SPF and DKIM to ensure consistency and correct syntax. Keep in mind that all these things need to work together for an email to be authenticated and registered on the server so it’s important for these records to be correct. 

Change your SPF record from Neutral

Having a neutral SPF record means the receiving server cannot determine whether or not the email you sent is legitimate. SPF or Sender Policy Framework records are used here to signify an email’s legitimacy. However, is your SPF record is set to neutral, it acts as if it doesn’t exist. You should be setting it to at least softfail ~all or hardfail ~all to avoid this error. 

Set up DKIM authentication

CC vs BCC in emails: What's the difference? Which is used when?

If you haven’t already, now’s the time to set up DKIM authentication. In order to pass DMARC, your DKIM needs to be set up properly, otherwise, your emails will run into similar errors. The best way to do this is to use teh TXT record name and value provided by your DNS provider to ensure DKIM authentication works properly. 

Also read: How to fix ATT error: Email not found on accelerator?


Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: [email protected].