There could be several reasons for this and the exact reason is best given by the team supporting that security service or appliance. However, generally the following points can be considered
- If only mail from specific senders of your domain is being rejected, most likely those email ids are blacklisted on the appliance or these email ids are sending spam due to which the appliance is rejecting these mail.
- Due to continuous spamming activity from your domain or IP address, the reputation of your source (IP and email domain) becomes poor (possibly on a rating scale), due to which the mail are rejected by the appliance.
- The IP address of your outgoing relay server is blacklisted on the spam cop sites, which reduces its reputation and may cause the appliance to reject mail.
If you notice, the common thread essentially (root cause) is that there is a lot of spam generated from the domain users (internal spam). The way to protect against this happening is to ensure that email originating from your domain is always as clean as possible.