An Azure communication platform for deploying applications across devices and platforms.
554 5.7.1 rejections at iCloud with SPF/DKIM/DMARC passing are consistent with recipient-side reputation or policy checks, including reverse DNS (PTR) and shared IP reputation. For Azure Communication Services (ACS) Email, PTR and outbound IP reputation are controlled by the service and not configurable per tenant.
From the available information:
- Reverse DNS / PTR and reputation
- Reverse DNS (PTR) is a common additional anti-spam check. If the sending IP’s PTR doesn’t align with the HELO/EHLO or visible domain, or if the IP has poor reputation, some providers return 5.7.x policy errors.
- ACS documents 5.7.25 “Reverse DNS Validation Failed” as a bounce reason when a recipient rejects based on reverse DNS: the guidance is to verify reverse DNS settings, but in ACS these are managed by the platform, not by the customer.
- Similarly, 5.7.26 “Multiple Authentication Checks Failed” and the “reputation-issues” bounce category indicate that even with correct SPF/DKIM/DMARC, recipient systems can still block based on IP/domain reputation or local policy.
- There is no documented mechanism in ACS for customers to view or change PTR records or directly remediate shared-pool IP reputation with specific providers such as Apple.
- What can be done from the tenant side
- Ensure all DNS authentication is correct and stable (which is already the case in this scenario):
- SPF record present and passing.
- DKIM selectors configured and verified.
- DMARC record present; even with p=none, it signals policy and alignment.
- Avoid repeated sends to invalid or bouncing addresses, as ACS notes that repeated bounces and poor list hygiene negatively affect sender reputation.
- Monitor bounce codes from ACS for affected iCloud recipients to see whether they map to ACS-documented categories like 5.7.25 (reverse DNS), 5.7.26 (multiple checks), or “reputation-issues.” This helps support triage.
- Ensure all DNS authentication is correct and stable (which is already the case in this scenario):
- Required next step: support escalation
- Because ACS uses Microsoft-controlled shared outbound IPs and manages PTR records centrally, investigation of:
- Actual sending IPs used for this tenant’s traffic to iCloud.
- PTR alignment for those IPs.
- Their reputation status with Apple and any delisting or remediation.
- must be performed by the ACS service team via a support case.
- The documented guidance for reputation-related and DMARC/SPF/DKIM-related issues in Microsoft SaaS email products is to open a support ticket when configuration is correct but bounces persist, so that engineering can review logs, IPs, and provider-specific blocks.
- Because ACS uses Microsoft-controlled shared outbound IPs and manages PTR records centrally, investigation of:
- Dedicated IP / dedicated sending option
- The provided material for ACS Email focuses on shared-pool reputation management and bounce handling; it does not document a dedicated IP or dedicated-sending feature for ACS Email, nor any customer-facing control over outbound IP selection.
- As a result, improving iCloud deliverability in this case depends on shared-pool remediation by the ACS team rather than tenant-side PTR or IP changes.
Actionable path:
- Collect recent bounce samples from ACS for icloud.com recipients, including full SMTP response and timestamps.
- Open an Azure support ticket for Azure Communication Services Email, attach the samples, and explicitly request:
- Review of sending IPs used for mail.martialapps.com to iCloud.
- Verification of PTR / reverse DNS alignment for those IPs.
- Reputation and block status with Apple and any required delisting/remediation.
- Ask support to confirm whether any ACS feature for dedicated IPs exists for the subscription; if not, rely on shared-pool remediation.
This aligns with ACS guidance that reputation, reverse DNS failures (5.7.25), and broader “reputation-issues” bounces require additional investigation and support involvement once DNS authentication is correctly configured.
References: