On Windows machines with Digital Guardian Agent installed, emails sent using Outlook can have numerous x-dg-ref headers added containing email and attachment classification information.
This can cause emails with large numbers of attachments to exceed the header size limit of Exchange.
When sending using server-side injection, Microsoft apply differing header size limitations to inbound and outbound connectors. This can cause emails to be correctly delivered to the Signature 365 servers from Exchange online, but cause Exchange to fail receipt when returned from the service with the following error:
ERROR: Failed to send the email: The mail message data has been rejected by the server. The server responded: 552 5.3.4 Header size exceeds fixed maximum size [DX1PEPF000003EF.AREP273.PROD.OUTLOOK.COM]
As a result the Signature 365 service is unable to relay emails back to Exchange, and an NDR is delivered to the sender detailing this fact.
Solution
Fortra detail how to update the configuration settings within Digital Guardian to prevent these x-dg headers from being added to emails in the article below. Due to the hard size limit on email headers within Exchange, this must be completed in order to guarantee delivery of email when using server-side injection.
Digital Guardian Agent X Headers on Emails Causes Mail Server Rejection