Microsoft Exchange Server,  Windows Server

What Exchange NDR Codes Mean

One of the things that hasn’t changed in all these years with Exchange is Non-Delivery Reports. An NDR is an email that is sent when a message you send fails to go out. Exchange has had a consistent set of NDR status codes since version 5, just adding some here or there with changing technology (e.g. routing connectors, smarthosts, etc).

Exchange has a lot of NDR codes at this point. I keep a little list running in my collection of files I spotlight to find the answer to recurring questions (which happens to always be 42). When an email bounces in Exchange, these codes explain why without having to be overly verbose (usually the text is actually in the NDR but not in the error logs in Exchange). Anyway, my list:

  • 2.0.x: Codes that start with 2 are success codes. The message got to where it was supposed to go.
  • 4.0.x: Persistent failure codes, including the following:
  • 4.2.2: The percent receiving the message is over their quota.
  • 4.3.1: The server is out of memory or hard drive space in the queue or Information Store directories (or out of file IIS handlers).
  • 4.3.2: Message was deleted by an administrator.
  • 4.4.1: Target server isn’t responding or there’s no network connectivity.
  • 4.4.2: Connection dropped. Often due to switching or intermittent routing failures if there are a lot of these.
  • 4.4.6: Hop count exceeded. Check for loops, check your virtual server, DNS, etc.
  • 4.4.7: Message sat in a queue too long.
  • 4.4.9: DNS failure.
  • 4.6.5: Language problems. Might need to install additional language packs.
  • 5.x: Permanent error codes (usually) including the following:
  • 5.0.0: This is usually the most annoying as it’s the generic, catch all error for when Exchange can’t decide on another error to give. Check your routing groups, check the email address, check that an SMTP communication can flow between your server and the target, etc. Prepare to get no satisfaction from your testing.
  • 5.1.0: Destination address might be wonky; otherwise rebuild the Recipient Update Service.
  • 5.1.1: Server can’t resolve the recipient. See this a lot when I delete accounts.
  • 5.1.2: Results from a host unknown (550) SMTP code.
  • 5.1.3: Malformed email address (e.g. charles@cedge@318.com). The previoius is usually a bad domain, this is usually something bad in front of the @.
  • 5.1.4: Hash tables detect duplicate SMTP addresses.
  • 5.1.5: Invalid mailbox. This happens when the SMTP address exists but the mailbox doesn’t.
  • 5.1.6: I’ve found this means there’s a message store problem. If more than one person is impacted, check mdb integrity.
  • 5.1.7: Senders mail attribute is bad. Check the sender’s mailbox info.
  • 5.1.8: Senders mailbox is bad. Every time I’ve seen this I’ve had to delete/readd the sender from Exchange or their mailbox.
  • 5.2.x: Size matters. Includes the following:
  • 5.2.1: Message is too large. Often a policy issue on the sender’s end.
  • 5.2.2: Recipient is over their quota.
  • 5.2.3: Message is too large. Often a policy issue on the receiver’s end.
  • 5.2.4: Distribution group is trying to send a message and can’t.
  • 5.3.x: MTA Errors, including:
  • 5.3.1: Mail system is full. Check free space for mdb directory.
  • 5.3.2: System not accepting mail. Usually something like a port or relay not working. Especially if you have smarthosts.
  • 5.3.3: The server the message is being sent to is out of space but SMTP is still running. I usually see this if the boot volume on the target/recipient server is not full but the queue directory is.
  • 5.3.4: Message is too large but can decide if policy issue is on sender’s or receiver’s end.
  • 5.3.5: The message is looping back (e.g. the server has an alias pointing back to your server, which tries to send again).
  • 5.4.0: DNS problem (can’t find MX or there are too many MX records listed). I’ve also seen this when users try to send to email addresses but forget the tld. I’ve never forgotten a tld. At least not sober…
  • 5.4.1: Receiving server isn’t responding.
  • 5.4.2: Bad connection to the other server in the SMTP communication.
  • 5.4.3: Routing error.
  • 5.4.4: Routing group error.
  • 5.4.6: The address is usually yourself with a weird reply-to situation (e.g. you’re sending to an alias of yourself and the message can’t deliver).
  • 5.4.7: Exceeded time limit to transfer message.
  • 5.4.8: You’re loopy. By default, SMTP should have a maximum of 20 hops for mail delivery. If Exchange detects a loop like this it’s usually been with an SMTP connector or a smarthost config. It’s usually my fault so I’ve seen this one many times.
  • 5.5.0: Generic. I usually find that if I get this error, I probably need to restart the SMTP service on both hosts. One of the two will fix the issue.
  • 5.5.1: Invalid smtp command. One of the servers is speaking some wonky kinda something. Shouldn’t be possible, but happens every now and then. Especially when there are people out there running weird mail servers.
  • 5.5.2: The target mail server sucks. An SMTP error due to a broken sequence of SMTP commands is all kinds of 1980s. But it happens sometimes. If you can send to others then check the amount of memory and space as a communication stream can die if either of the two hosts craps out due to hardware and comes back online.
  • 5.5.3: You have too many friends. Yes, there is a maximum number of people that can be in the sender field. Remove some and your message should go through.
  • 5.5.4: Invalid character in a domain name (e.g. &).
  • 5.5.5: Wrong protocol. This happens when you call a fax machine from an iPhone too. But in the computer world, http, even when encapsulated and running on port 25 simply can’t speak smtp.
  • 5.5.6: Your message content sucks. Yes, I get plenty of these. Regrettably my server doesn’t discern between intelligent emails and unintelligible emails, but it does notice when there’s invalid strings in the content/body of a message!
  • 5.6.0: Corrupt message content. Similar to above, but with attachments/MIME.
  • 5.6.1: Unsupported attachment (e.g. happened when the .ipa standard was first released by Apple).
  • 5.6.3: Anyone who tries to put more than 250 attachments in an email should be beaten. That’s the only way you’ll see this. Yes, I’ve seen it. No, I did not beat him. Yes, I regret that.
  • 5.7.1: Sender sucks (aka, doesn’t have permissions to send to recipient) or client was not properly authenticated.
  • 5.7.2: The array that comprises a distribution list can’t expand and so the server can’t send to the members in that list.
  • 5.7.3: Security problem. Check auth types on servers and proxy settings. Alternative recipient can cause this as well.
  • 5.7.4: Target server security problem. Check delivery settings.
  • 5.7.5: Try again with plaintext as this usually means there isn’t a handshake between cryptographic algorithms/hashes.
  • 5.7.6: Bad certificate.
  • 5.7.7: Message integrity issues, likely due to encrypted email.

If you’ve seen one that isn’t in my list, let me know and I’ll add it!

Finally, keep in mind: friends don’t let friends run their own mail servers.