If you send too many failed emails from your domain you may see this message:
Domain <<yourdomain>> has exceeded the max defers and failures per hour
This occurs when an account on your domain has sent too many failed email addresses within an hour.
When a domain sends too many emails to undeliverable addresses it is a possible indicator of a compromised account. Our mail server will block any emails from being sent from that domain for an hour as a security measure.
This protects both your domain and our mail servers from becoming black-listed.
What caused this?
You can track which failed emails have been sent using the Track Delivery option in cPanel.
Full details on how to use this tool can be found here:
Track Delivery | cPanel & WHM Documentation
How to avoid this from happening
The best practice is only to send emails from your account that you know are current and active.
This can occur when an account is used to send bulk emails such as a newsletter to a mail list. If the mail list contains old email addresses that are no longer active, you will trigger the security system. Using a third-party mail list system such as MailChimp is a much better way to send newsletters and bulk emails without directly affecting your mail server reputation.
This can also occur if you use your account to send 'Test' emails to undeliverable email addresses.
How to fix
You will need to wait an hour since your last failed email send. Once the hour has passed you can continue to use your mail service as normal.
Repeatedly sending failed deliveries will block your domain again and you will need to wait another hour.
If you believe your account is compromised and continues to be blocked please log a help desk ticket.
