Domain has exceeded the max defers and failures per hour

If you see the error "Domain has exceeded the max defers and failures per hour," it means your hosting account has triggered the outgoing email rate limit. This is a server-side protection that prevents compromised accounts from sending spam.

01. What This Error Means

A deferred email is one that could not be delivered on the first attempt. Common reasons include invalid recipient addresses, full mailboxes, and receiving servers rejecting the message. A failure is a permanent delivery failure (bounce).

Our servers limit the number of defers and failures per domain per hour. When this limit is reached, outgoing email from your domain is temporarily suspended to prevent your domain and our server IPs from being blacklisted.

02. Common Causes

• Compromised email account - someone has your email password and is using it to send spam. This is the most common cause. Change all email passwords immediately
• Compromised PHP script - a hacked WordPress plugin or outdated contact form is sending spam through PHP's mail() function. Check for unfamiliar files in your public_html directory
• Mailing list to bad addresses - sending newsletters or bulk email to a list with many invalid addresses generates defers and bounces
• Forwarding loops - email forwarders sending to addresses that bounce back, creating a cycle of defers
• Autoresponder misconfiguration - an autoresponder replying to bounce messages or spam, generating more outgoing messages

03. How to Fix It

1. Change all email passwords - in cPanel > Email Accounts, update the password for every email account on the domain. Use strong, unique passwords
2. Check your sent folder - log into webmail and look at the Sent folder. If you see messages you did not send, your account is compromised
3. Check for malicious scripts - look for recently modified PHP files that should not be there. Run a malware scan from cPanel > Security > Virus Scanner
4. Review mail queue - if you have SSH access, check /var/spool/exim/input/ or contact support to review what is in the mail queue for your domain
5. Disable forwarders - in cPanel > Email > Forwarders, review all active forwarders. Remove any that forward to addresses that might bounce
6. Wait for the limit to reset - the defer limit resets hourly. Once the underlying issue is fixed, email will resume sending normally

04. Preventing Future Occurrences

• Use strong passwords - at least 12 characters with mixed case, numbers, and symbols. Never reuse passwords across accounts
• Keep software updated - outdated WordPress plugins and themes are the most common attack vector. Enable automatic updates where possible
• Use SPF, DKIM, and DMARC - proper email authentication helps prevent spoofing and improves deliverability
• Clean your mailing lists - remove bounced addresses promptly. Use double opt-in for new subscribers
• Use a transactional email service - for high-volume email (newsletters, notifications), use a service like Mailchimp, SendGrid, or Amazon SES rather than sending from your hosting account

Quick Recap: Max Defers Fix

1. Change all email passwords for the affected domain immediately
2. Check for spam in your Sent folder via webmail
3. Scan for malware if you run WordPress or other CMS software
4. Review and remove any suspicious email forwarders
5. Contact support if you need help identifying the source

1,950 users found this article useful · Last updated March 2026 · Browse all Email articles