Recently we have faced an issue in Office 365 test account where we cannot send email from our Office 365 test account to our On-Premises Exchange Server.
Note: Our On-Premises Exchange Server is a Hybrid Exchange Server.

We also have receive connector for the Barracuda.
Message trace in Exchange Online Admin:
Reason: [{LED=450 4.4.317 Cannot connect to remote server [Message=421 4.3.2 Service not available] [LastAttemptedServerName=mail.domain.org] [LastAttemptedIP=216.x.x.x:25] [CO1NAM11FT015.eop-nam11.prod.protection.outlook.com]};{MSG=421 4.3.2 Service not available};{FQDN=mail.domain.org};{IP=216.x.x.x};{LRT=10/9/2020 1. OutboundProxyTargetIP: 216.x.x.x. OutboundProxyTargetHostName: mail.domain.org
When we see 450 4.4.317 is a certificate error, I attached the relevant certificate on the receive connector and send connector Office 365.
Then I re-run the Hybrid Configuration Wizard.
But no luck; still, I am getting 421 4.3.2 error.
How to fix [Message=421 4.3.2 Service not available] error?
To fix this issue, you can be done in 2 steps.
Step 1: Add a custom receive connector to Office 365 IP for Port 25.
Step 2: Bind the SSL Certificate to three receive connectors: default, default frontend, above-mentioned custom receive connector.
I hope from above solution you can easily fix [Message=421 4.3.2 Service not available] error.