SMTP Failure Responses
Created by Daniel Beckett, Modified on Thu, 18 May, 2023 at 4:00 PM by Daniel Beckett
If you have email tracking turned on in FLG then occasionally you may see an email marked as “Failed” as shown below.
A “Failed” email is where we either couldn't connect to the recipient's mail server, the mail server rejected our message (sometimes after many retries), or we had “Dropped” the email. A “Dropped” email occurs when a previous attempt to deliver to the same email address has failed with a permanent failure error code
You may see more information about the reason for the failure if you view the email and look at the “Status” field. It will either show the email status code or “Dropped”.
MTP status codes can be classified as either a basic code or an enhanced code. A basic SMTP server response message will always be in the format of a 3 digit code (e.g. 550). An enhanced SMTP server status code will be in the format of 3 digits separated by decimal places (e.g. 5.1.7). You may see either or both of these formats as the status code after a failure depending on the information the receiving server returns to us. Below are some of the most common examples you will encounter.
Basic SMTP Server Status Codes
Basic status codes are defined in RFC 5321 as follows:
Code | Meaning |
421 | The service is unavailable, try again later |
450 | The requested action was not taken because the user’s mailbox was unavailable |
451 | The message was not sent due to a server error |
452 | The command was aborted because there isn’t enough server storage |
455 | The server cannot deal with the command at this time |
500 | The server could not recognise the command due to a syntax error |
501 | A syntax error was encountered in command parameters or arguments |
502 | This command is not implemented |
503 | The server has encountered a bad sequence of commands |
504 | A command parameter is not implemented |
550 | User’s mailbox address is invalid |
551 | The recipient is not local to the server |
552 | The action was aborted due to exceeded storage allocation |
553 | The command was aborted because the mailbox name is invalid |
554 | The transaction failed for some unstated reason |
555 | MAIL FROM/RCPT TO parameters not recognized or not implemented |
Enhanced SMTP Server Status Codes
Enhanced status codes are defined in RFC 3463, and use the syntax <class> . <subject> . <detail>:
<class>:
2 indicates a success
4 indicates a temporary delivery error.
5 indicates a permanent delivery error.
<subject>:
1: Addressing
2: Mailbox (the recipient)
3: Mail system (the destination mail system)
4: Network and routing
5: Mail delivery protocol
7: Security or policyOV
<detail>: A 1 to 3 digit number that further classifies the error.
The following table contains the enhanced status codes that are returned for the most common message delivery failures.
Code | Description | Further information |
X.0.0 | Other undefined Status | Other undefined status is the only undefined error code. It should be used for all errors for which only the class of the error is known. |
X.1.0 | Other address status | Something about the address specified in the message caused this DSN. |
X.1.1 | Bad destination mailbox address | The mailbox specified in the address does not exist. For Internet mail names, this means the address portion to the left of the "@" sign is invalid. |
X.1.2 | Bad destination system address | The destination system specified in the address does not exist or is incapable of accepting mail. For Internet mail names, this means the address portion to the right of the "@" is invalid for mail. |
X.1.3 | Bad destination mailbox address syntax | The destination address was syntactically invalid. This can apply to any field in the address. |
X.1.4 | Destination mailbox address ambiguous | The mailbox address as specified matches one or more recipients on the destination system. This may result if a heuristic address mapping algorithm is used to map the specified address to a local mailbox name. |
X.1.6 | Destination mailbox had moved, no forwarding address | The mailbox address provided was at one time valid, but mail is no longer being accepted for that address. |
X.1.7 | Bad sender’s mailbox address syntax | The sender's address was syntactically invalid. This can apply to any field in the address. |
X1.8 | Bad sender’s system address | The sender's system specified in the address does not exist or is incapable of accepting return mail. For domain names, this means the address portion to the right of the "@" is invalid for mail. |
X.1.9 | Message relayed to non-compliant mailer | The mailbox address specified was valid, but the message has been relayed to a system that does not speak this protocol; no further information can be provided. |
X.1.10 | Recipient address has null MX | This status code is returned when the associated address is marked as invalid using a null MX. |
X.2.0 | Other or undefined mailbox status | The mailbox exists, but something about the destination mailbox has caused the sending of this DSN. |
X.2.1 | Mailbox disabled, not accepting messages | The mailbox exists, but is not accepting messages. This may be a permanent error if the mailbox will never be re-enabled or a transient error if the mailbox is only temporarily disabled. |
X.2.2 | Mailbox full | The mailbox is full because the user has exceeded a per-mailbox administrative quota or physical capacity. The general semantics implies that the recipient can delete messages to make more space available. |
X.2.3 | Message length exceeds administrative limit | A per-mailbox administrative message length limit has been exceeded. This status code should be used when the per-mailbox message length limit is less than the general system limit. |
X.2.4 | Mailing list expansion problem | The mailbox is a mailing list address and the mailing list was unable to be expanded. |
X.3.0 | Other or undefined mail system status | The destination system exists and normally accepts mail, but something about the system has caused the generation of this DSN. |
X.3.1 | Mail system full | Mail system storage has been exceeded. The general semantics imply that the individual recipient may not be able to delete material to make room for additional messages. |
X.3.2 | System not accepting network messages | The host on which the mailbox is resident is not accepting messages. Examples of such conditions include an immanent shutdown, excessive load, or system maintenance. |
X.3.3 | System not capable of selected features | Selected features specified for the message are not supported by the destination system. This can occur in gateways when features from one domain cannot be mapped onto the supported feature in another. |
X.3.4 | Message too big for system | The message is larger than per-message size limit. This limit may either be for physical or administrative reasons. |
X.3.5 | System incorrectly configured | The system is not configured in a manner that will permit it to accept this message. |
X.4.0 | Other or undefined network or routing status | Something went wrong with the networking, but it is not clear what the problem is, or the problem cannot be well expressed with any of the other provided detail codes. |
X.4.1 | No answer from host | The outbound connection attempt was not answered, because either the remote system was busy, or was unable to take a call. |
X.4.2 | Bad connection | The outbound connection was established, but was unable to complete the message transaction, either because of time-out, or inadequate connection quality. |
X.4.3 | Directory server failure | The network system was unable to forward the message, because a directory server was unavailable. This is useful only as a persistent transient error. The inability to connect to an Internet DNS server is one example of the directory server failure error. |
X.4.4 | Unable to route | The mail system was unable to determine the next hop for the message because the necessary routing information was unavailable from the directory server. |
X.4.5 | Mail system congestion | The mail system was unable to deliver the message because the mail system was congested. |
X.4.6 | Routing loop detected | A routing loop caused the message to be forwarded too many times, either because of incorrect routing tables or a user- forwarding loop |
X.4.7 | Delivery time expired | The message was considered too old by the rejecting system, either because it remained on that host too long or because the time-to-live value specified by the sender of the message was exceeded. |
X.5.0 | Other or undefined protocol status | Something was wrong with the protocol necessary to deliver the message to the next hop and the problem cannot be well expressed with any of the other provided detail codes. |
X.5.1 | Invalid command | A mail transaction protocol command was issued which was either out of sequence or unsupported. |
X.5.2 | Syntax error | A mail transaction protocol command was issued which could not be interpreted, either because the syntax was wrong or the command is unrecognized. |
X.5.3 | Too many recipients | More recipients were specified for the message than could have been delivered by the protocol. This error should normally result in the segmentation of the message into two, the remainder of the recipients to be delivered on a subsequent delivery attempt. It is included in this list in the event that such segmentation is not possible. |
X.5.4 | Invalid command arguments | A valid mail transaction protocol command was issued with invalid arguments, either because the arguments were out of range or represented unrecognized features. |
X.5.5 | Wrong protocol version | A protocol version mis-match existed which could not be automatically resolved by the communicating parties. |
X.5.6 | Authentication Exchange line is too long | This enhanced status code SHOULD be returned when the server fails the AUTH command due to the client sending a [BASE64] response which is longer than the maximum buffer size available for the currently selected SASL mechanism. |
X.6.0 | Other or undefined media error | Something about the content of a message caused it to be considered undeliverable and the problem cannot be well expressed with any of the other provided detail codes. |
X.6.1 | Media not supported | The media of the message is not supported by either the delivery protocol or the next system in the forwarding path. |
X.6.2 | Conversion required and prohibited | The content of the message must be converted before it can be delivered and such conversion is not permitted. Such prohibitions may be the expression of the sender in the message itself or the policy of the sending host. |
X.6.3 | Conversion required but not supported | The message content must be converted in order to be forwarded but such conversion is not possible or is not practical by a host in the forwarding path. |
X.6.5 | Conversion failed | A conversion was required but was unsuccessful. |
X.6.6 | Message content not available | The message content could not be fetched from a remote system. |
X.6.7 | Non-ASCII addresses not permitted for that sender/recipient | This indicates the reception of a MAIL or RCPT command that non-ASCII addresses are not permitted. |
X.6.8 | UTF-8 string reply is required, but not permitted by the SMTP client | This indicates that a reply containing a UTF-8 string is required to show the mailbox name, but that form of response is not permitted by the SMTP client. |
X.6.9 | UTF-8 header message cannot be transferred to one or more recipients, so the message must be rejected | This indicates that the transaction failed after the final "." of the DATA command. |
X.7.0 | Other or undefined security status | Something related to security caused the message to be returned, and the problem cannot be well expressed with any of the other provided detail codes. This status code may also be used when the condition cannot be further described because of security policies in force. |
X.7.1 | Delivery not authorised, message refused | The sender is not authorized to send to the destination. This can be the result of per-host or per-recipient filtering. |
X.7.2 | Mailing list expansion prohibited | The sender is not authorized to send a message to the intended mailing list. |
X.7.3 | Security conversion required but not possible | A conversion from one secure messaging protocol to another was required for delivery and such conversion was not possible |
X.7.4 | Security features not supported | A message contained security features such as secure authentication that could not be supported on the delivery protocol. |
X.7.5 | Cryptographic failure | A transport system otherwise authorized to validate or decrypt a message in transport was unable to do so because necessary information such as key was not available or such information was invalid. |
X.7.6 | Cryptographic algorithm not supported | A transport system otherwise authorized to validate or decrypt a message was unable to do so because the necessary algorithm was not supported. |
X.7.7 | Message integrity failure | A transport system otherwise authorized to validate a message was unable to do so because the message was corrupted or altered. |
X.7.8 | Authentication credentials invalid | This response to the AUTH command indicates that the authentication failed due to invalid or insufficient authentication credentials. In this case, the client SHOULD ask the user to supply new credentials (such as by presenting a password dialog box). |
X.7.9 | Authentication mechanism is too weak | This response to the AUTH command indicates that the selected authentication mechanism is weaker than server policy permits for that user. The client SHOULD retry with a new authentication mechanism. |
X.7.10 | Encryption needed | This indicates that the external strong privacy layer is needed in order to use the requested authentication mechanism. This is primarily intended for use with clear text authentication mechanisms. A client which receives this may activate a security layer such as TLS prior to authenticating, or attempt to use a stronger mechanism. |
X.7.12 | A password transition is needed | This response to the AUTH command indicates that the user needs to transition to the selected authentication mechanism. This is typically done by authenticating once using the [PLAIN] authentication mechanism. The selected mechanism SHOULD then work for authentications in subsequent sessions. |
X.7.13 | User account disabled | Sometimes a system administrator will have to disable a user's account (e.g., due to lack of payment, abuse, evidence of a break-in attempt, etc). This error code occurs after a successful authentication to a disabled account. This informs the client that the failure is permanent until the user contacts their system administrator to get the account re-enabled. It differs from a generic authentication failure where the client's best option is to present the passphrase entry dialog in case the user simply mistyped their passphrase. |
X.7.14 | Trust relationship required | The submission server requires a configured trust relationship with a third-party server in order to access the message content. |
X.7.15 | Priority level is too low | The specified priority level is below the lowest priority acceptable for the receiving SMTP server. This condition might be temporary, for example the server is operating in a mode where only higher priority messages are accepted for transfer and delivery, while lower priority messages are rejected. |
X.7.16 | Message is too big for the specified priority | The message is too big for the specified priority. This condition might be temporary, for example the server is operating in a mode where only higher priority messages below a certain size are accepted for transfer and delivery. |
X.7.17 | Mailbox owner has changed | This status code is returned when a message is received with a Require-Recipient-Valid-Since field or RRVS extension and the receiving system is able to determine that the intended recipient mailbox has not been under continuous ownership since the specified date-time. |
X.7.18 | Domain owner has changed | This status code is returned when a message is received with a Require-Recipient-Valid-Since field or RRVS extension and the receiving system wishes to disclose that the owner of the domain name of the recipient has changed since the specified date-time. |
X.7.19 | RRVS test cannot be completed | This status code is returned when a message is received with a Require-Recipient-Valid-Since field or RRVS extension and the receiving system cannot complete the requested evaluation because the required timestamp was not recorded. The message originator needs to decide whether to reissue the message without RRVS protection. |
X.7.20 | No passing DKIM signature found | This status code is returned when a message did not contain any passing DKIM signatures. |
X.7.21 | No acceptable DKIM signature found | This status code is returned when a message contains one or more passing DKIM signatures, but none are acceptable. |
X.7.22 | No valid author-matched DKIM signature found | This status code is returned when a message contains one or more passing DKIM signatures, but none are acceptable because none have an identifier(s) that matches the author address(es) found in the From header field. This is a special case of X.7.21. |
X.7.23 | SPF validation failed | This status code is returned when a message completed an SPF check that produced a "fail" result, contrary to local policy requirements. |
X.7.24 | SPF validation error | This status code is returned when evaluation of SPF relative to an arriving message resulted in an error. |
X.7.25 | Reverse DNS validation failed | This status code is returned when an SMTP client's IP address failed a reverse DNS validation check, contrary to local policy requirements. |
X.7.26 | Multiple authentication checks failed | This status code is returned when a message failed more than one message authentication check, contrary to local policy requirements. The particular mechanisms that failed are not specified. |
X.7.27 | Sender address has null MX | This status code is returned when the associated sender address has a null MX, and the SMTP receiver is configured to reject mail from such sender (e.g. because it could not return a DSN). |
Need more help?
We always aim to provide great support to everyone. Contact our support team for help and advice or let us know how we can improve FLG on our feedback site.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article