There Was an Error Submitting the Page Restrictions. Please Try Again Later.
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Electronic mail not-commitment reports in Substitution Online
When at that place'south a problem delivering an email message that you sent, Microsoft 365 or Role 365 sends an email to let you know. The email you receive is a commitment status notification, too known as a DSN or bounce message. The most common blazon is chosen a not-commitment study (NDR) and they tell you that a message wasn't delivered. Non-delivery tin can exist acquired past something as elementary as a typo in an email address. NDRs include an error code that indicates why your electronic mail wasn't delivered, solutions to help you get your email delivered, a link to more aid on the web, and technical details for administrators. Find out What's included in an NDR?.
Find my NDR code and go assistance delivering my e-mail
The following table contains the NDR codes (besides called enhanced status codes) for the about common bounce letters and NDRs that yous might come across in Exchange Online.
| NDR code | Description | Possible crusade | Boosted information |
|---|---|---|---|
| 432 iv.3.2 | STOREDRV.Deliver; recipient thread limit exceeded | The recipient mailbox's power to accept messages is being throttled because it's receiving besides many messages too chop-chop. This is washed and so a single recipient'southward mail processing doesn't unfairly impact other recipients sharing the same mailbox database. | For more than information nigh this by-design throttling, encounter Store Driver Error Isolation Improvements in Substitution 2010 SP1. |
| four.4.316 | Connectedness refused [Message=Socket fault lawmaking 10061] | Microsoft 365 or Role 365 is trying to ship a bulletin to an e-mail server exterior of Microsoft 365 or Office 365, but attempts to connect to it are failing due to a network connection issue at the external server's location. | This error most always indicates an outcome with the receiving server or network exterior of Microsoft 365 or Office 365. The error should too include the IP address of the server or service that's generating the error, which you can utilise to identify the party responsible for fixing this. |
| 4.4.7 | Message expired | The bulletin in the queue has expired. The sending server tried to relay or evangelize the bulletin, merely the activity wasn't completed before the message expiration time occurred. This message can as well indicate that a bulletin header limit has been reached on a remote server, or some other protocol fourth dimension-out occurred while communicating with the remote server. | This message ordinarily indicates an upshot on the receiving server. Cheque the validity of the recipient address, and decide if the receiving server is configured correctly to receive messages. You lot might have to reduce the number of recipients in the bulletin header for the host about which y'all're receiving this error. If you send the message again, it'southward placed in the queue again. If the receiving server is available, the message is delivered. For more information, run across Fix e-mail delivery issues for fault code 4.4.7 in Exchange Online. |
| 4.5.iii | Too many recipients | The message has more than 200 SMTP envelope recipients from the same domain. | An envelope recipient is the original, unexpanded recipient that's used in the RCPT TO command to transmit the message between SMTP servers. When this error is returned by Microsoft 365 or Office 365, the sending server must suspension upward the number of envelope recipients into smaller chunks (chunking) and resend the message. |
| 4.7.26 | Access denied, a message sent over IPv6 [2a01:111:f200:2004::240] must pass either SPF or DKIM validation, this message is not signed | The sending bulletin sent over IPv6 must pass either SPF or DKIM. | For more than information, see Support for anonymous inbound electronic mail messages over IPv6. |
| 4.7.321 | starttls-not-supported: Destination mail server must support TLS to receive mail. | DNSSEC checks take passed, even so upon connectedness, destination mail service server doesn't respond to the STARTTLS command. | This message usually indicates an effect on the destination email server. Check the validity of the recipient address. Determine if the destination server is configured correctly to receive the messages. |
| iv.7.322 | document-expired: Destination post server'southward certificate is expired. | DNSSEC checks have passed, withal upon establishing the connection, the destination mail server provides a document that is expired. | A valid 10.509 document that isn't expired must exist presented. 10.509 certificates must be renewed after their expiration, ordinarily annually. |
| 4.7.323 | tlsa-invalid: The domain failed DANE validation. | Records are DNSSEC authentic, simply one or multiple of these scenarios occurred:
| This bulletin usually indicates an upshot on the destination e-mail server. Check the validity of recipient accost and determine if the destination server is configured correctly to receive messages. For more data, run into DANE protocol: updates and operational guidance |
| 4.seven.324 | dnssec-invalid: Destination domain returned invalid DNSSEC records | The destination domain indicated information technology was DNSSEC-authentic, but Exchange Online wasn't able to verify it every bit DNSSEC-authentic. | For more information, come across Overview of DNSSEC. |
| 4.vii.325 | certificate-host-mismatch: Remote certificate MUST accept a common name or subject alternative name matching the hostname (DANE) | This happens when the presented certificate identities (CN and SAN) of a destination SMTP target host don't match whatever of the domains or MX host. | This message unremarkably indicates an issue on the destination email server. Check the validity of recipient address and determine if the destination server is configured correctly to receive messages. For more information, run across How SMTP DNS-based Authentication of Named Entities (DANE) works to secure e-mail communications. |
| 4.7.500-699 | Access denied, please attempt once again afterwards | Suspicious action has been detected and sending has been temporarily restricted for further evaluation. | If this activity is valid, this restriction will be lifted presently. |
| 4.7.850-899 | Access denied, please try again later | Suspicious activity has been detected on the IP in question, and it has been temporarily restricted while it'due south existence further evaluated. | If this activity is valid, this restriction will be lifted shortly. |
| five.0.350 | Generic error, x-dg-ref header is too long, or Requested action not taken: policy violation detected (AS345) | 5.0.350 is a generic take hold of-all error lawmaking for a wide variety of non-specific errors from the recipient's email organization. The specific x-dg-ref header is also long message is related to Rich Text formatted messages. The specific Requested activeness not taken: policy violation detected (AS345) message is related to nested attachments. | For more information, see Gear up e-mail delivery problems for fault code 550 five.0.350 in Commutation Online. |
| five.1.0 | Sender denied | A common cause of this NDR is when you utilize Microsoft Outlook to save an email bulletin every bit a file, and then someone opened the message offline and replied to it. The message property only preserves the legacyExchangeDN attribute when Outlook delivers the message, and therefore the lookup could fail. | Either the recipient address is incorrectly formatted, or the recipient couldn't exist correctly resolved. The first pace in resolving this mistake is to check the recipient address, and transport the bulletin once more. For more than information, see Fix electronic mail delivery issues for fault code five.1.0 in Exchange Online. |
| 5.ane.1 | Bad destination mailbox accost | This failure might be caused by the post-obit conditions:
| This error typically occurs when the sender of the message incorrectly enters the electronic mail address of the recipient. The sender should check the recipient'southward email address and send again. This mistake can also occur if the recipient email address was correct in the past merely has inverse or has been removed from the destination email system. If the sender of the message is in the aforementioned system every bit the recipient, and the recipient's mailbox all the same exists, determine whether the recipient'southward mailbox has been relocated to a new email server. If this is the case, Outlook might non have updated the recipient cache correctly. Instruct the sender to remove the recipient's address from sender's Outlook recipient enshroud and so create a new message. Resending the original message will result in the same failure. For more than data, see Gear up email delivery issues for fault code five.1.1 through 5.i.20 in Substitution Online. |
| 5.1.8 | Access denied, bad outbound sender | The account has been blocked for sending besides much spam. Typically, this problem occurs because the account has been compromised (hacked) past phishing or malware. | For more information, come across Fix email delivery issues for fault code v.1.8 in Exchange Online. |
| 5.1.10 | Recipient non constitute | The recipient's <SMTP Accost> wasn't found by SMTP accost lookup. | For more information, see Fix email delivery bug for error code 550 5.1.10 in Exchange Online. |
| 5.one.xc | Your bulletin tin can't be sent because you've reached your daily limit for message recipients | The sender has exceeded the recipient rate limit every bit described in Sending limits. | This could indicate the account has been compromised and is existence used to send spam. For more information, run into How to make up one's mind whether your account has been compromised. |
| 5.two.two | Submission quota exceeded | The sender has exceeded the recipient rate limit or the message rate limit equally described in Sending limits. | This could bespeak the account has been compromised and is being used to send spam. For more information, see How to determine whether your business relationship has been compromised. |
| 5.ii.121 | Recipient'south per hour message receive limit from specific sender exceeded. | The sender has exceeded the maximum number of messages they're allowed to send per hour to a specific recipient in Exchange Online. | The automated mailer or sender should try again later, and reduce the number of messages they send per hour to a specific recipient. This limit helps protect Microsoft 365 or Part 365 users from chop-chop filling their inboxes with a large number of messages from errant automated notification systems or other single-sender mail storms. |
| v.two.122 | Recipient's per 60 minutes bulletin receive limit exceeded. | The Microsoft 365 or Role 365 recipient has exceeded the number of messages they can receive per hour from all senders. | The automated mailer or sender should try once more subsequently, and reduce the number of messages they ship per hour to a specific recipient. This limit helps protect Microsoft 365 and Function 365 users from chop-chop filling their inboxes with a large number of messages from errant automated notification systems or other mail storms. |
| v.3.190 | Journaling on-bounds messages to Microsoft 365 or Role 365 not supported when Journaling Archive is disabled. | Journaling on-bounds messages to Microsoft 365 or Office 365 isn't supported for this organization because they oasis't turned on Journaling Archive in their settings. | A journaling rule is configured in the system's on-bounds environment to periodical on-premises messages to Microsoft 365 or Office 365, merely Journaling Annal is disabled. For this scenario to work, the organization'south Office 365 administrator should either enable Journaling Archive or alter the journaling rule to periodical messages to a different location. |
| 5.four.one | Relay Access Denied | The mail server that'southward generating the error doesn't accept post for the recipient'due south domain. This error is caused by postal service server or DNS misconfiguration. | For more information, see Ready email delivery issues for error code v.four.1 in Exchange Online. |
| 5.four.1 | Recipient address rejected: Access denied | The recipient´due south address doesn't exist. | For more information, see Use Directory Based Edge Blocking to reject letters sent to invalid recipients. |
| 5.4.half dozen or 5.4.xiv | Routing loop detected | A configuration error has caused an e-mail loop. 5.4.vi is generated by on-premises Exchange server (you'll run into this code in hybrid environments). 5.iv.xiv is generated by Commutation Online. Past default, subsequently twenty iterations of an electronic mail loop, Exchange interrupts the loop and generates an NDR to the sender of the bulletin. | This error occurs when the delivery of a message generates some other message in response. That message then generates a tertiary message, and the procedure is repeated, creating a loop. To help protect against exhausting organisation resource, Exchange interrupts the postal service loop afterward 20 iterations. Mail loops are typically created because of a configuration error on the sending mail server, the receiving postal service server, or both. Bank check the sender's and the recipient's mailbox rules configuration to determine whether automatic message forwarding is enabled. For more than information, see Fix email delivery issues for error lawmaking v.4.6 or 5.iv.14 in Exchange Online. |
| five.4.300 | Message expired | The e-mail took also long to be successfully delivered, either because the destination server never responded or the sent message generated an NDR error and that NDR couldn't be delivered to the original sender. | |
| five.v.0 | 550 5.5.0 Requested action not taken: mailbox unavailable | The recipient's <SMTP Address> domain is @hotmail.com or @outlook.com and it wasn't constitute by SMTP address lookup. | Similar to 550 v.1.10. For more information, see Prepare email delivery issues for error code 550 5.1.x in Commutation Online. |
| five.6.11 | Invalid characters | Your electronic mail plan added invalid characters (blank line feed characters) into a bulletin y'all sent. | For more information, see Gear up email commitment problems for mistake lawmaking v.6.xi in Exchange Online. |
| 5.7.1 | Delivery not authorized | The sender of the message isn't immune to send messages to the recipient. | This mistake occurs when the sender tries to send a message to a recipient only the sender isn't authorized to do this. This frequently occurs when a sender tries to transport letters to a distribution grouping that has been configured to take letters only from members of that distribution group or other authorized senders. The sender must asking permission to ship messages to the recipient. This error can also occur if an Exchange transport rule rejects a bulletin because the message matched conditions that are configured on the send rule. For more data, see Gear up email delivery issues for error code 5.7.one in Exchange Online. |
| v.vii.1 | Unable to relay | The sending email system isn't immune to send a message to an email system where that email system isn't the terminal destination of the message. | This fault occurs when the sending e-mail system tries to send an anonymous message to a receiving email organization, and the receiving electronic mail arrangement doesn't accept messages for the domain or domains specified in one or more than of the recipients. The following are the most common reasons for this error:
For more data, run across Prepare email commitment issues for error lawmaking five.7.1 in Exchange Online. |
| 5.7.1 | Customer was not authenticated | The sending electronic mail system didn't authenticate with the receiving email organization. The receiving e-mail system requires authentication before message submission. | This fault occurs when the receiving server must be authenticated before bulletin submission, and the sending email system hasn't authenticated with the receiving email arrangement. The sending email organization administrator must configure the sending email organization to authenticate with the receiving email system for delivery to be successful. For more information, meet Set email delivery issues for fault code v.7.one in Commutation Online. |
| 5.seven.12 | Sender was non authenticated by organization | The sender's bulletin is rejected considering the recipient address is set to reject messages sent from outside of its organization. Only an electronic mail admin for the recipient'due south organization can alter this. | For more data, see Fix email commitment issues for error lawmaking 5.7.12 in Commutation Online. |
| 5.7.23 | The message was rejected because of Sender Policy Framework violation | The destination electronic mail system uses SPF to validate inbound post, and at that place's a problem with your SPF configuration. | For more information, see Fix electronic mail delivery issues for error lawmaking 5.seven.23 in Exchange Online. |
| 5.seven.57 | Customer was not authenticated to send bearding mail service during Post FROM | You configured an application or device to ship (relay) email messages in Microsoft 365 or Office 365 using the smtp.office365.com endpoint, and at that place's a problem with the configuration of the application or device. | For more information, meet Fix email delivery issues for error code 5.7.57 in Exchange Online. |
| v.7.64 | TenantAttribution; Relay Admission Denied | You lot use an entering connector to receive messages from your on-premises electronic mail environment, and something has changed in your on-premises environment that makes the inbound connector's configuration incorrect. | For more data, come across Fix email commitment issues for mistake code 5.7.64 in Commutation Online. |
| 5.7.124 | Sender not in allowed-senders list | The sender doesn't have permission to send to the distribution group because the sender isn't in the group'southward allowed-senders listing. Depending how the group is set up, even the grouping's owner might need to be added to the allowed sender list in club to transport letters to the group. | For more than information, see Set up email commitment issues for error lawmaking 5.7.124 in Exchange Online. |
| 5.7.133 | Sender non authenticated for group | The recipient address is a grouping distribution list that is set up to refuse letters sent from outside of its organization. Just an electronic mail admin for the recipient'southward organization or the group owner tin can change this. | For more data, come across Ready email delivery issues for error code five.seven.133 in Exchange Online. |
| five.7.134 | Sender was not authenticated for mailbox | The recipient address is a mailbox that is gear up to refuse messages sent from outside of its organization. But an email admin for the recipient's organization tin modify this. | For more information, see Fix email commitment issues for error code 5.7.134 in Substitution Online. |
| v.vii.13 or 135 | Sender was not authenticated for public binder | The recipient accost is a public folder that is set to reject messages sent from outside of its organization. Only an e-mail admin for the recipient's organisation can modify this. | For more information, see Fix email delivery issues for error code 5.vii.13 or v.vii.135 in Exchange Online. |
| 5.7.136 | Sender was not authenticated | The recipient address is a postal service user that is fix to reject messages sent from outside of its organization. Only an electronic mail admin for the recipient's organization tin can modify this. | For more than information, run into Fix email commitment issues for error lawmaking five.7.136 in Exchange Online. |
| 5.7.25 | Access denied, the sending IPv6 accost [2a01:111:f200:2004::240] must have a contrary DNS tape | The sending IPv6 address must have a opposite DNS record in order to ship email over IPv6. | For more data, see Support for anonymous entering e-mail letters over IPv6. |
| five.vii.321 | starttls-not-supported: Destination mail server must back up TLS to receive postal service. |
| This message usually indicates an event on the destination mail server. Bank check the validity of the recipient address and determine if the destination server is configured correctly to receive letters. |
| 5.7.322 | certificate-expired: Destination mail server'south certificate is expired. | DNSSEC checks have passed, nonetheless upon establishing the connection the destination post server provides a document that is expired. | A valid X.509 document that isn't expired must be presented. 10.509 certificates must exist renewed after their expiration, commonly annually. |
| v.7.323 | tlsa-invalid: The domain failed DANE validation. | Records are DNSSEC authentic simply one or multiple of these things occurred:
| This message ordinarily indicates an consequence on the destination mail server. Check the validity of the recipient accost and decide if the destination server is configured correctly to receive letters. For more information about DANE, run into: https://datatracker.ietf.org/doc/html/rfc7671.| |
| five.vii.324 | dnssec-invalid: Destination domain returned invalid DNSSEC records | The destination domain indicated it was DNSSEC-authentic but Commutation Online wasn't able to verify it as DNSSEC-authentic. | For more information most DNSSEC, encounter: Overview of DNSSEC. |
| 5.7.325 | certificate-host-mismatch: Remote certificate MUST take a common name or discipline culling name matching the hostname (DANE) | This happens when the presented certificate identities (CN and SAN) of a destination SMTP target host don't match any of the domains or MX host. | This message commonly indicates an event on the destination email server. Cheque the validity of recipient accost and determine if the destination server is configured correctly to receive messages. For more than data, come across How SMTP DNS-based Authentication of Named Entities (DANE) works to secure e-mail communications. |
| 5.7.501 | Admission denied, spam corruption detected | The sending account has been banned due to detected spam activity. | For details, see Gear up email commitment bug for error code 451 v.vii.500-699 (ASxxx) in Commutation Online. Verify that any account issues have been resolved, and reset its credentials. To restore this account'south ability to send mail, contact support through your regular channel. |
| v.7.502 | Admission denied, banned sender | The sending account has been banned due to detected spam action. | Verify that any account issues take been resolved, and reset its credentials. To restore this account's ability to send mail, please contact support through your regular channel. |
| 5.seven.503 | Access denied, banned sender | The sending account has been banned due to detected spam activity. | Verify that any account issues have been resolved, and reset its credentials. To restore this business relationship's ability to ship mail, please contact support through your regular aqueduct. |
| 5.7.504 | [email@contoso.com]: Recipient accost rejected: Access denied | The recipient address that you're attempting to contact isn't valid. | Verify the recipient's email accost, and attempt once more. |
| 5.7.505 | Access denied, banned recipient | The recipient that you're attempting to contact isn't valid. | If you feel this is in fault, contact support. |
| 5.vii.506 | Access Denied, Bad HELO | Your server is attempting to introduce itself (HELO co-ordinate to RFC 821) as the server it's trying to connect to, rather than its own fully qualified domain name. | This isn't allowed, and it's characteristic of typical spambot behavior. |
| 5.7.507 | Access denied, rejected by recipient | The IP that you're attempting to send from has been blocked by the recipient'southward organization. | Contact the recipient in order to resolve this issue. |
| 5.seven.508 | Access denied, [$SenderIPAddress] has exceeded permitted limits inside $range range | The sender's IPv6 range has attempted to send too many letters in too short a time period. | Non applicable |
| five.seven.509 | Access denied, sending domain [$SenderDomain] does not pass DMARC verification | The sender'due south domain in the 5322.From accost doesn't pass DMARC. | Non applicable |
| 5.7.510 | Access denied, [contoso.com] does not have email over IPv6 | The sender is attempting to transmit a message to the recipient over IPv6, but the recipient doesn't accept email messages over IPv6. | Not applicable |
| five.seven.511 | Access denied, banned sender | The IP that you're attempting to send from has been banned. | To delist the accost, email delist@messaging.microsoft.com and provide the total NDR code and IP accost to delist. For more than information, come across Use the delist portal to remove yourself from the blocked senders list. |
| 5.7.512 | Access denied, bulletin must be RFC 5322 department 3.half dozen.2 compliant | Message was sent without a valid "From" email accost. | Office 365 only. Each message must incorporate a valid email address in the "From" header field. Proper formatting of this address includes angle brackets effectually the email accost, for case, <security@contoso.com>. Without this address Microsoft 365 or Office 365 will turn down the message. |
| 5.vii.513 | Service unavailable, Client host [$ConnectingIP] blocked by $recipientDomain using Customer Cake list (AS16012607) | The recipient domain has added your sending IP accost to its custom blocklist. | The domain that received the email has blocked your sender'due south IP address. If yous think your IP accost has been added to the recipient domain'southward custom blocklist in fault, you need to contact them straight and inquire them to remove it from the blocklist. |
| v.7.606-649 | Access denied, banned sending IP [IP1.IP2.IP3.IP4] | The IP that yous're attempting to ship from has been banned. | Verify that yous're following the best practices for e-mail deliverability, and ensure your IPs' reputations oasis't been degraded as a result of compromise or malicious traffic. If yous believe you're receiving this message in fault, you can use the self-service portal to request to be removed from this list. For more information, encounter Utilise the delist portal to remove yourself from the blocked senders list. |
| 5.7.700-749 | 5.seven.705 Access denied, tenant has exceeded threshold, five.vii.708 Access denied, traffic not accepted from this IP | The bulk of traffic from this tenant has been detected equally suspicious and has resulted in a ban on sending ability for the tenant. | Ensure that any compromises or open relays have been resolved, and then contact back up through your regular channel. For more information, see Fix email commitment issues for error codes v.vii.700 through 5.7.750 in Commutation Online. |
| five.7.750 | Service unavailable. Client blocked from sending from unregistered domains | A suspicious number of messages from unprovisioned domains is coming from this tenant. | Add and validate any and all domains that you utilize to ship e-mail from Microsoft 365 or Office 365. For more information, come across Gear up e-mail delivery issues for error codes 5.7.700 through v.7.750 in Exchange Online. |
| n/a | The bulletin can't exist submitted because the sender's submission quota was exceeded | The user account has exceeded the recipient charge per unit limit (ten,000 recipients per 24-hour interval). | The account has likely been compromised. For more information, see Fix email commitment issues for error 'the sender'southward submission quota was exceeded' in Substitution Online. |
Run not-delivery report diagnostics
Note
This feature requires a Microsoft 365 administrator account. This characteristic isn't available for Microsoft 365 Government, Microsoft 365 operated by 21Vianet, or Microsoft 365 Germany.
To learn more well-nigh the description of the non-delivery study (NDR), possible cause, and solution by running the following NDR diagnostic, you can run an automated diagnostic. Make certain you lot get the NDR code or condition lawmaking from the undeliverable/non-commitment report.
To run the diagnostic check, select the following button:
A flyout page opens in the Microsoft 365 admin center. Paste the NDR code or error message, then select Run Tests.
What's included in an NDR?
Exchange NDRs are designed to be piece of cake to read and empathise by email users and administrators. There are a couple of different formats for NDRs. The newest style NDR contains a problem clarification in everyday language, along with steps to set it. The post-obit effigy shows the format for this type of NDR.
Information provided in the newest style NDRs is designed to help the typical e-mail user solve their problem immediately. When that isn't possible, the NDR provides details for administrators and also a link to more aid on the spider web. The following fields appear in the newest Part 365 NDRs.
| Field | Description |
|---|---|
| Office 365 logo | This indicates that Microsoft 365 or Office 365 generated the NDR. The logo doesn't mean that Microsoft 365 or Office 365 was responsible for the error. This tells which messaging endpoints or services are involved in the electronic mail transaction, which isn't ever clear in older style NDRs. |
| Cause | This section provides the reason that the bulletin wasn't delivered. |
| Set-information technology owner indicator | This section provides an at-a-glance view of the result and who needs to fix it. The image shows the iii bones parties in a Microsoft 365 or Office 365 electronic mail transaction: the sender, Microsoft 365 or Office 365, and the recipient. The area marked in ruby is where the trouble commonly must be fixed. |
| How to ready it | This department is designed for the stop-user or the email sender who receives the NDR. It explains how to fix the issue. |
| More info for email admins | This department provides a detailed explanation of the trouble and solution along with technical details and a link to a web-based article that has detailed reference information. |
| Bulletin hops | This section contains times and system references for the message, which allows an admin to follow the bulletin's hops or server-to-server path. With this info, an admin might quickly spot problems between message hops. |
For NDRs that don't have the latest format, the information might be separated into 2 sections: User information, and Diagnostic data for administrators. The following figure shows the format for one type of Exchange Online NDR.
User data
The user information section appears first in some NDRs, and the main purpose is to provide a summary nearly what went incorrect. The text is designed to help the message sender determine why the message was rejected and, if possible, how to resend the message successfully. The e-mail address of each recipient is listed, and the reason for the failure is included in the space below the recipient's email address. The proper noun of the mail server that rejected the message might likewise exist included in this section.
Diagnostic data for administrators
The Diagnostic information for administrators section provides deeper technical data to assist administrators troubleshoot the message commitment trouble. It contains detailed data about the specific error that occurred during delivery of the message, the server that generated the NDR, and the server that rejected the bulletin. This section uses the post-obit format:
Diagnostic data for administrators Generating server: <server name> <rejected recipient> <remote server> <enhanced condition lawmaking> <SMTP response> Original message headers <message header fields> | Field | Description |
|---|---|
| Generating server | This field indicates the name of the SMTP mail server that created the NDR. If no remote server is listed below the sender's e-mail address, the generating server is also the server that rejected the original e-mail bulletin. When the remote mail server acknowledges and accepts the message, but later on rejects the message, for instance, because of content restrictions, the remote server generates the NDR. If the remote mail server never acknowledges and never accepts the message, the sending server in Exchange Online generates the NDR. |
| <Rejected recipient> | This value is the email accost of the recipient. If delivery failed to more than ane recipient, the electronic mail address for each recipient is listed. The post-obit data is too included for each failed recipient:
|
| <Remote server> | This value is the name of the post server that rejected the message. If the original message is successfully acknowledged by the receiving server, only is later rejected, the remote server value isn't populated. |
| <Enhanced condition lawmaking> | This value is assigned by the mail server that rejected the original message and indicates why the message was rejected. These codes are divers in RFC 3463, and use the format abc x.y.z, where the placeholder values are integers. For case, a 5.x.10 code indicates a permanent error, and a iv.10.ten code indicates a temporary error. Although the enhanced status code is oftentimes generated past an external mail server, Exchange Online uses the enhanced status code value to determine the text to brandish in the user information department. |
| <SMTP response> | This value is returned by the mail server that rejected the original bulletin. This text provides an explanation for the enhanced status lawmaking value. The text is e'er presented in US-ASCII format. |
| Original message headers | This section contains the message header fields of the rejected message. These header fields tin provide useful diagnostic information, such every bit the path that the message took earlier it was rejected, or whether the To field value matches the rejected recipient value. |
How to interpret an Exchange NDR
Hither's an example. Suppose you receive an Exchange NDR that contains the following information:
Delivery has failed to these recipients or groups: ronald@contoso.com Your message wasn't delivered due to a permission or security issue. It might have been rejected by a moderator, the accost might only accept email from certain senders, or some other restriction might be preventing delivery. The following organization rejected your message: mail.contoso.com. Diagnostic data for administrators: Generating server: alpineskihouse.com ronald@contoso.com post.contoso.com #<exchange.contoso.com #5.7.ane smtp;530 5.7.1 Client was not authenticated> #SMTP# Original bulletin headers: ... From the user information section, y'all can determine that the recipient is Ronald Slattery, and that the bulletin was rejected past the mail server mail.contoso.com, which isn't an Exchange Online or Exchange Online Protection postal service server.
From the Diagnostic information for administrators section, you tin meet that alpineskihouse.com attempted to connect to the server mail.contoso.com to deliver the message to the recipient ronald@contoso.com. However, mail.contoso.com responded with the error 530 5.7.1 Client was not authenticated. Even though bigfish.com generated the NDR, mail service.contoso.com actually rejected the bulletin, so the administrators at contoso.com are responsible for understanding and fixing the problem. This particular error indicates that the server mail.contoso.com is configured non to have anonymous email from the Cyberspace.
Although the Original message headers are omitted from this case due to their length and complexity, y'all tin typically extract useful data from the following header fields:
-
To: This field might exist helpful if the email address was mistyped.
-
Received: These fields can tell you what the path was for the message, and the terminal hop that generated the delivery status notification if it isn't like shooting fish in a barrel to tell from the
Generating servervalue in the NDR. -
Received-SPF: If this value is annihilation other than
pass, check the Sender Policy Framework (SPF) DNS record for your domain. For more information, come across Add together or edit custom DNS records.
Notwithstanding need help with NDRs or other status notifications?
Feedback
Submit and view feedback for
Source: https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/non-delivery-reports-in-exchange-online/non-delivery-reports-in-exchange-online
Post a Comment for "There Was an Error Submitting the Page Restrictions. Please Try Again Later."