+49 (0) 7245 919 581 info@eunetic.com
[EN]
Login
  1. Home
  2. europeanMX Knowledge Base
  3. EuropeanMX General
  4. What are the SMTP responses and what do they mean?
europeanMX
Knowledge Base

What are the SMTP responses and what do they mean?

When a message is received, it receives a three digit SMTP response code that is used by mail servers to communicate. There are several types of SMTP response codes:

  • Positive SMTP response
    2xx = normal response to the successful delivery of the message (Accepted).
  • Negative SMTP response
    4xx = Temporary failure to deliver the message, but the action can be completed if the message is retried (Temporarily rejected)
    5xx = Permanent failure to deliver the message (Rejected).

SMTP response codes can be found in the message headers. Below are some examples of SMTP response codes and their meaning:


Accepted (2xx SMTP response)

Messages classified as "Accepted" have not necessarily been delivered. It only means that the message has been accepted for delivery by the filter. If the immediate delivery fails, the filter will try again at a later time. If the message is rejected by the destination server, the sender will receive a corresponding bounce message.

220 - The SMTP server is ready
250 - The requested e-mail action has been completed successfully.


Temporarily Rejected (4xx SMTP response)

Temporarily rejected messages are stored on the sending mail server. In this case, legitimate mail servers always attempt to resend a message automatically. Depending on the reason for the temporary refusal, the message may be accepted at a later delivery attempt. To disable all checks and ensure that the message is accepted, you can add the sender to a whitelist.

421 - The SMTP service was unavailable, try again later
450 - The requested action was not taken because the users mailbox was not available
451 - The requested action was aborted due to a local error in processing. Message was not sent.
452 - The command was aborted because of a lack of storage on the server
454 - TLS not available due to a temporary reason. Encryption is required for requested authentication mechanism
455 - The server cannot deal with the command at this time for an unspecified reason


  • Greylisted: The greylisting procedure is only applied to new IP addresses that are not (well) known to our global system. We do not use "classic" greylisting, so there is no delay in your legitimate traffic.  You can read more in our FAQ article "What does "Greylisting" mean and how does EuropeanMX handle it?" experienced.
  • You have been denied authentication: This error means that you have used incorrect authentication details for your outgoing messages too often in a short period of time. Please use the correct authentication data, wait a few moments and try again. This function protects your SMTP credentials from brute force attacks.
  • Unable to verify destination address: This error means that the target server is not reachable or temporarily rejects e-mail traffic. Please check the destination route to ensure that delivery to the correct destination server is attempted. The logs on the target server should show why they are unsuccessful.
  • Unable to verify sender address: The system could not verify the sender using a null sender callout. You must check the sending mail server to find out why these callouts are not being performed. If the "Sender Verification" option is used in the outgoing user settings, each sender address must be verified in this way.
  • Internal error: An internal error has occurred that should be corrected automatically. If not, please contact our support.
  • Per-minute connection limit exceeded: The sender has exceeded the number of connections per minute limit.
  • Too Many Connections: Too many connections were built up by the sending mail server.
  • Too Many Concurrent SMTP Connections: To protect the systems against attacks, there is a fixed limit of 10 simultaneous SMTP connections per IP. Please make sure that the sending mail server only opens a maximum of 10 simultaneous connections in order not to exceed this limit.
  • Too many messages. Please wait for a while and try again: This error message means that the outgoing user has exceeded the maximum number of messages defined for this user. The EuropeanMX Admin Panel allows you to increase or decrease this limit. You can also deactivate the restriction completely.
  • Mail for this domain cannot be accepted right now; please retry (Unable to handle in active connection.): A message can be sent to multiple recipients within a single SMTP connection. A distinction between the different recipients is not allowed under the SMTP protocol. The message may only be accepted or rejected. If the recipients use different filter settings, we cannot accept or reject the message because the classification may vary depending on the recipient. In this case, we send a temporary rejection of the message to the sending mail server, so that it can try to deliver again for the recipient and each message can be classified separately.

Most mail servers try to resend immediately, so there is no delay in delivery. As long as all recipients use the same filter settings, the message is accepted/rejected immediately without using this procedure. If there is a delay, the sender can configure his server to either immediately try again or open a separate connection for each recipient.


Rejected (5xx SMTP response)

Messages rejected with the following errors are blocked by the system and moved to the quarantine. If the message is not spam, you can release it from the quarantine and have it trained. You can always add the sender to the allow list and thus disable all checks. This way you can ensure that messages from this sender will be accepted by the filter in the future.

500 - A syntax error was encountered and the command could not be recognized
501 - A syntax error was encountered in the command parameters or arguments
502 - The supplied command is not implemented
503 - The server has encountered a bad sequence of commands
510 - The message could not be delivered, check the recipient address
512 - The recipient domain cannot be found
515 - destination mailbox address is invalid
521 - The recipient domain does not accept mail
523 - Server limit exceeded. The message was too large
541 - No response from host
542 - Bad connection
550 - The requested command failed because the user's mailbox was unavailable or the recipient server rejected the message due to high 
probability of spam
551 - The intended recipient mailbox was not available on the recipient server
552 - The message was not sent because the recipient mailbox does not have adequate storage space
554 - The transaction failed. No other information given.


  • Suggested filename is longer than most filesystems support: In this error message, the message contains an attachment whose file name is more than 255 characters. To prevent the error from occurring again, we ask you to choose a file name that contains less than 255 characters. Most operating systems cannot handle more than 255 characters in the file name, which is why the limit has been set accordingly.
  • Lines in message were longer than user maximum: This error message means that a line within the message is longer than the set maximum. According to RFC 5322 (SMTP 5321), a line must not be longer than 998 characters. Normally, the limitation of a line is done automatically by the e-mail clients (such as Thunderbird or Outlook) to avoid later delivery problems. This problem must be resolved by the sender. Alternatively, you can also deactivate the check.
  • Message had more parts than the user maximum (Too many MIME parts): This error message refers to the number of MIME parts within a message. A limit of 100 parts is set by default. This can be exceeded and triggered by a large number of attachments or other MIME parts.
  • Sending server used an invalid greeting: If you receive this message, the sender has used an invalid HELO/EHLO. This may be due to the fact that an IP address is used for the HELO or because the HELO contains an invalid character, e. g. an underscore (_). RFC means that an FDQN (Full Qualified Domain Name) MUST be used.
  • SPF failure: This error message means that the SPF (Sender Policy Framework) specifications have been violated. If it is a legitimate message, this could be related to the forwarding function. Please note that releasing and training large amounts of failed SPF messages can result in the sending hostname being excluded from further SPF checks.
  • Sending server is missing DNS records: The sending server is missing MX records or A records for delivery. Please note that DNS changes only take effect after the initial TTL has expired.
  • Destination address does not exist: The connection is rejected by the destination server with a 5xx error (permanent). To ensure that the message is accepted, the problem must be investigated and resolved on the target server. The reason for the problem should be listed in the log files of the target server.
  • Recipient address rejected by destination: The recipient callout is rejected by the target server with a 5xx error (permanent). To ensure that the message is accepted, the problem must be investigated and resolved on the destination server. The reason for the problem should be listed in the log files of the destination server. For more information, see our FAQ article "What is a Recipient Callout?".
  • Date header far in the past or future: You receive this classification if a date within the header of a message is more than the default 7 days in the future or in the past. When the message is released, it is only forwarded to the recipient. This problem must be investigated and solved by the sender.
  • Bad header count (Message incorrectly formed): Messages containing duplicate header information such as "Subject" or "To" will be rejected until the underlying bug in the sender's software has been fixed. E-mails should never have duplicate header information!
  • Subject contains invalid characters: Messages rejected with the error message "550 Subject contains invalid characters" use characters in the subject that are not allowed according to RFC. In order to include non-ASCII characters in a subject line, the subject line must be correctly encoded, e. g. with UTF-8. By default, every common email client handles this automatically, so the error is probably due to a user-defined script that created the invalid subject. In this case, the header shows the classification "badly formed subject line" under "Evidence".
  • Tokens / Global Tokens: Tokens means statistical content controls based on the data collected from all clusters and customers worldwide. Releasing the message from quarantine corrects the classification in our system.
  • Heuristics.LinkChecks: In cases where your message was rejected with Heuristics.LinkChecks.ProbableMalware and Heuristics.LinkChecks.ProbablePhish in the rejection message, it means that you were (recently) listed by Google as a host for malicious files.
  • Header is too long: Since this is a common indicator for non-legitimate messages, e-mails with excessively high header values are rejected.
  • Restricted characters in address: If a message with the error message "550 restricted charactes in adress" is rejected, the recipient's address contains a character that is not accepted by our system (e. g."&"). In the domain settings, you can specify which characters are allowed for your domain.
  • Relay not permitted: If a message is rejected with the error message "550 Relay not permittet!", then the delivery of the e-mail was attempted via port 25 for a domain that is not added to our system. To solve the problem, please create the domain in the incoming filter.
    If you receive an error message when using the outgoing filter, please make sure that you transfer your messages to our system via port 587.
  • Message submission is for authorised users only: This means that you are trying to start the delivery of your outgoing message via our filter on port 465/587 (standard). Please make sure that you are using valid user credentials for outgoing filter authentication.
    If you receive the error message when you try to send mail inbound, your mail server is configured incorrectly (probably a misconfigured version of Lotus Domino).
  • Legitimate bounces are never sent to more than one recipient: In case your message has been rejected with "Legitimate bounces arenever sent to more than one recipient" in the rejection message, it means that the mail server was trying to deliver an email to multiple recipients with an empty "MAIL FROM:<>" (return-path). The SMTP RFC5.3.2.1 indicates that null sender emails (bounces) can never be sent to multiple recipients.
  • We do not accept message/partial messages here: Before everyone had a permanent internet connection, sending large e-mails was time-consuming and often failed. For this reason, older email clients split up larger messages for delivery into several parts. This old function is no longer used today. It carries a high risk, as it makes the detection of viruses almost impossible (viruses are also broken down into several parts like the e-mail and are only reassembled by the recipient's client). Please make sure that this setting is not used in your mail client.


Messages rejected without being quarantined

Some messages are rejected immediately without being quarantined. This happens at SMTP level and the rejection is permanent. For example, this happens to incoming messages in the following scenarios:

  • No valid recipient or an invalid domain is specified in the message.
  • It does not use TLS during transmission, although this is enforced by the incoming domain.
  • RFC specifications are not followed when sending and publishing records (invalid HELO).
  • The bounce message was not signed (if BATV is enforced).
  • The incoming message contains malware or viruses.
  • Characters are restricted in the local part of the address.
  • The incoming message is not compliant with DMARC of the domain (DMARC record of the sender specifies "REJECT").
  • The IP address of the sending mail server has been blacklisted by the superadmin.
  • The IP address of the sending mail server has been entered in an internal blacklist and the "pre_data_dnsbl" function is active (not displayed in the spam panel). Please contact our support if necessary.
  • The address in "Mail From:" (envelope sender) is entered on a blacklist.
  • The maximum number of local parts has been reached (not displayed in the Spampanel). Please contact our support if necessary.
  • An invalid HELO/EHLO occurs during the handshake between the mail servers.
  • The maximum number of bounces was exceeded within one hour.
  • The SPF record of the sending domain indicates that it never sends emails (spf1 -all).
  • The message header contains illegal BOM.
  • The bounce message was sent to multiple recipients.
  • The message was sent to too many failed recipients.
  • The message is oversized.
  • The message contains too many unrecognized commands.


Outgoing messages are rejected in this way in the following scenarios

  • The messages do not contain authentication.
  • There are too many failed authentication attempts (brute force protection).
  • No TLS is used when establishing the connection (if this is enforced by the outgoing domain).
  • The IP address of the sender has been blocked.
  • The sender address in "Mail From:" has been blocked (envelope sender).
  • If an invalid sender is used when sending.
  • If the recipient could not be verified (the check was performed only for bounce messages).
  • If the rate limit was reached (if the behavior is set to abort if too many messages are sent per connection).
  • The bounce message was sent to more than one recipient.
  • The message header contains illegal BOM.
  • The outgoing message contains malware / viruses.
  • The local part of the address contains restricted characters.
  • The message is oversized.
  • The message contains too many unrecognized commands.
Was this article helpful?

No Yes