File Coverage

lib/Sisimai/Rhost/Microsoft.pm

Criterion	Covered	Total	%
statement	31	32	96.8
branch	17	20	85.0
condition	2	2	100.0
subroutine	5	5	100.0
pod	0	1	0.0
total	55	60	91.6

line	stmt	bran	cond	sub	pod	time	code
1							package Sisimai::Rhost::Microsoft;
2	10			10		2464	use v5.26;
	10					66
3	10			10		76	use strict;
	10					24
	10					310
4	10			10		45	use warnings;
	10					45
	10					737
5	10			10		61	use Sisimai::SMTP::Status;
	10					14
	10					15115
6
7							# https://technet.microsoft.com/en-us/library/bb232118
8							# https://learn.microsoft.com/en-us/Exchange/mail-flow-best-practices/non-delivery-reports-in-exchange-online/non-delivery-reports-in-exchange-online
9							# https://learn.microsoft.com/en-us/Exchange/mail-flow/non-delivery-reports-and-bounce-messages/non-delivery-reports-and-bounce-messages
10							sub find {
11							# Detect bounce reason from Exchange Server 2019 or older and Exchange Online
12							# @param [Sisimai::Fact] argvs Decoded email object
13							# @return [String] The bounce reason for Exchange Online
14							# @see https://technet.microsoft.com/en-us/library/bb232118
15							# @since v4.17.2
16	122			122	0	1126	my $class = shift;
17	122		100			396	my $argvs = shift // return "";
18	121	100				518	return '' unless $argvs->{'deliverystatus'};
19	119	100				673	return '' unless Sisimai::SMTP::Status->test($argvs->{'deliverystatus'});
20
21	118					1428	state $messagesof = {
22							'authfailure' => [
23							# - Access denied, a message sent over IPv6 [2a01:111:f200:2004::240] must pass either
24							# SPF or DKIM validation, this message is not signed
25							# - The sending message sent over IPv6 must pass either SPF or DKIM.
26							['4.7.26', 0, 0, 'must pass either spf or dkim validation, this message is not signed'],
27
28							# - The destination email system uses SPF to validate inbound mail, and there's a prob-
29							# lem with your SPF configuration.
30							['5.7.23', 0, 0, 'the message was rejected because of sender policy framework violation'],
31
32							# - Access denied, sending domain [$SenderDomain] does not pass DMARC verification
33							# - The sender's domain in the 5322.From address doesn't pass DMARC.
34							['5.7.509', 0, 0, 'does not pass dmarc verification'],
35
36							# - 550 5.7.515 Access denied, sending domain EXAMPLE.JP doesn't meet the required
37							# authentication level. The sender's domain in the 5322.From address doesn't meet
38							# the authentication requirements defined for the sender. To learn how to fix this
39							# see: https://go.microsoft.com/fwlink/p/?linkid=2319303
40							# Spf= Fail , Dkim= Pass , DMARC= Pass ...
41							["5.7.515", 0, 0, "doesn't meet the required authentication level"],
42							],
43							'badreputation' => [
44							# Undocumented error messages ---------------------------------------------------------
45							# - status=deferred (host outlook-com.olc.protection.outlook.com[192.0.2.255] said:
46							# 451 4.7.650 The mail server [192.0.2.5] has been temporarily rate limited due to IP
47							# reputation. For e-mail delivery information, see https://postmaster.live.com (S775)
48							# [***.prod.protection.outlook.com] (in reply to MAIL FROM command))
49							['4.7.650', 0, 0, 'has been temporarily rate limited due to ip reputation'],
50							],
51							'blocked' => [
52							# Exchange Server 2019 ----------------------------------------------------------------
53							# - Transient network issues or server problems that might eventually correct them-
54							# selves. The sending server will retry delivery of the message, and will generate
55							# further status reports. The message size limit for the connection has been reached,
56							# or the message submission rate for the source IP address has exceeded the configur-
57							# ed limit. For more information, see Message rate limits and throttling. Antispam,
58							# SMTP proxy, or firewall configuration issues are blocking email from the Exchange
59							# server.
60							['4.4.2', 0, 0, 'connection dropped'],
61
62							# Exchange Online ---------------------------------------------------------------------
63							# - Suspicious activity has been detected on the IP in question, and it has been tempo-
64							# rarily restricted while it's being further evaluated.
65							# - If this activity is valid, this restriction will be lifted shortly.
66							['4.7.', 850, 899, 'access denied, please try again later'],
67
68							# - Access denied, the sending IPv6 address [2a01:111:f200:2004::240] must have a re-
69							# verse DNS record
70							# - The sending IPv6 address must have a reverse DNS record in order to send email over
71							# IPv6.
72							['5.7.25', 0, 0, 'must have a reverse dns record'],
73
74							# - Your server is attempting to introduce itself (HELO according to RFC 821) as the
75							# server it's trying to connect to, rather than its own fully qualified domain name.
76							# - This isn't allowed, and it's characteristic of typical spambot behavior.
77							['5.7.506', 0, 0, 'access denied, bad helo'],
78
79							# - The IP that you're attempting to send from has been blocked by the recipient's or-
80							# ganization.
81							# - Contact the recipient in order to resolve this issue.
82							['5.7.507', 0, 0, 'access denied, rejected by recipient'],
83
84							# - Access denied, [contoso.com] does not accept email over IPv6
85							# - The sender is attempting to transmit a message to the recipient over IPv6, but the
86							# recipient doesn't accept email messages over IPv6.
87							['5.7.510', 0, 0, 'does not accept email over ipv6'],
88
89							# - The IP that you're attempting to send from has been banned.
90							# - To delist the address, email delist@messaging.microsoft.com and provide the full
91							# NDR code and IP address to delist. For more information, see Use the delist portal
92							# to remove yourself from the blocked senders list.
93							['5.7.511', 0, 0, 'access denied, banned sender'],
94
95							# - Service unavailable, Client host [$ConnectingIP] blocked by $recipientDomain using
96							# Customer Block list (AS16012607)
97							# - The recipient domain has added your sending IP address to its custom blocklist.
98							# - The domain that received the email has blocked your sender's IP address. If you
99							# think your IP address has been added to the recipient domain's custom blocklist in
100							# error, you need to contact them directly and ask them to remove it from the block-
101							# list.
102							['5.7.513', 0, 0, 'using customer block list'],
103
104							# - 5.7.606-649 Access denied, banned sending IP [IP1.IP2.IP3.IP4]
105							# - The IP that you're attempting to send from has been banned.
106							# - Verify that you're following the best practices for email deliverability, and en-
107							# sure your IPs' reputations haven't been degraded as a result of compromise or mali-
108							# cious traffic. If you believe you're receiving this message in error, you can use
109							# the self-service portal to request to be removed from this list.
110							# - For more information, see Use the delist portal to remove yourself from the blocked
111							# senders list.
112							['5.7.', 606, 649, 'access denied, banned sending ip '],
113
114							# Previous versions of Exchange Server ------------------------------------------------
115							# - Suspicious activity has been detected and sending has been temporarily restricted
116							# for further evaluation.
117							# - If this activity is valid, this restriction will be lifted shortly.
118							['4.7.', 500, 699, 'access denied, please try again later'],
119
120							# Previous versions of Exchange Server ------------------------------------------------
121							['5.5.4', 0, 0, 'invalid domain name'],
122
123							# Undocumented error messages ---------------------------------------------------------
124							# - 550 5.7.1 Unfortunately, messages from [10.0.2.5] weren't sent. Please contact your
125							# Internet service provider since part of their network is on our block list (S3150).
126							['5.7.1', 0, 0, 'part of their network is on our block list (s3150)'],
127							],
128							'contenterror' => [
129							# Exchange Server 2019 ----------------------------------------------------------------
130							# - The message was determined to be malformed, and was moved to the poison message
131							# queue. For more information, see Types of queues.
132							['5.3.0', 0, 0, 'too many related errors'],
133
134							# Exchange Online ---------------------------------------------------------------------
135							# - Your email program added invalid characters (bare line feed characters) into a mes-
136							# sage you sent.
137							['5.6.11', 0, 0, 'invalid characters'],
138
139							# Previous versions of Exchange Server ------------------------------------------------
140							['5.4.11', 0, 0, 'agent generated message depth exceeded'],
141							['5.5.6', 0, 0, 'invalid message content'],
142							],
143							'emailtoolarge' => [
144							# Exchange Server 2019 ----------------------------------------------------------------
145							# - The message is too large. Send the message again without any attachments, or confi-
146							# gure a larger message size limit for the recipient. For more information, see Re-
147							# cipient limits.
148							['5.2.3', 0, 0, 'resolver.rst.recipsizelimit; message too large for this recipient'],
149
150							# - The message is too large. This error can be generated by the source or destination
151							# messaging system. Send the message again without any attachments, or configure a
152							# larger message size limit. For more information, see Message size and recipient
153							# limits in Exchange Server.
154							['5.3.4', 0, 0, 'message size exceeds fixed maximum message size'],
155
156							# Previous versions of Exchange Server ------------------------------------------------
157							['5.3.4', 0, 0, 'message too big for system'],
158							],
159							'expired' => [
160							# Exchange Server 2019 ----------------------------------------------------------------
161							# - Transient network issues that might eventually correct themselves. The Exchange
162							# server periodically tries to connect to the destination server to deliver the mes-
163							# sage. After multiple failures, the message is returned to the sender in an NDR with
164							# a permanent failure code.
165							# For more information about configuring the queue retry and failure intervals, see
166							# Configure message retry, resubmit, and expiration intervals. To manually retry a
167							# queue, see Retry queues. Firewall or Internet service provider (ISP) restrictions
168							# on TCP port 25.
169							['4.4.1', 0, 0, 'connection timed out'],
170
171							# - Send connector configuration issues. For example:
172							# - The Send connector is configured to use DNS routing when it should be using smart
173							# host routing, or vice-versa. Use nslookup to verify that the destination domain
174							# is reachable from the Exchange server.
175							# - The FQDN that the Send connector provides to HELO or EHLO requests doesn't match
176							# the host name in your MX record (for example, mail.contoso.com). Some messaging
177							# systems are configured to compare these values in an effort to reduce spam. The
178							# default value on a Send connector is blank, which means the FQDN of the Exchange
179							# server is used (for example, exchange01.contoso.com).
180							# - The Mailbox Transport Delivery service isn't started on the destination server
181							# (which prevents the delivery of the message to the mailbox).
182							# - The destination messaging system has issues with Transport Neutral Encryption For-
183							# mat (TNEF) messages (also known as rich text format or RTF in Outlook). For exam-
184							# ple, meeting requests or messages with images embedded in the message body.
185							# - If the destination domain uses the Sender Policy Framework (SPF) to check message
186							# sources, there may be SPF issues with your domain (for example, your SPF record
187							# doesn't include all email sources for your domain).
188							['4.4.7', 0, 0, 'message delayed'],
189							['4.4.7', 0, 0, 'queue expired; message expired'],
190
191							# Exchange Online ---------------------------------------------------------------------
192							# - The message in the queue has expired. The sending server tried to relay or deliver
193							# the message, but the action wasn't completed before the message expiration time oc-
194							# curred. This message can also indicate that a message header limit has been reached
195							# on a remote server, or some other protocol time-out occurred while communicating
196							# with the remote server.
197							# - This message usually indicates an issue on the receiving server. Check the validity
198							# of the recipient address, and determine if the receiving server is configured cor-
199							# rectly to receive messages. You might have to reduce the number of recipients in
200							# the message header for the host about which you're receiving this error. If you
201							# send the message again, it's placed in the queue again. If the receiving server is
202							# available, the message is delivered.
203							['4.4.7', 0, 0, 'message expired'],
204
205							# - The email took too long to be successfully delivered, either because the destina-
206							# tion server never responded or the sent message generated an NDR error and that NDR
207							# couldn't be delivered to the original sender.
208							['5.4.300', 0, 0, 'message expired'],
209							],
210							'failedstarttls' => [
211							# Exchange Online ---------------------------------------------------------------------
212							# - MX hosts of failed MTA-STS validation The destination MX host is not the
213							# expected host per the domain's STS policy
214							["4.4.8", 0, 0, " failed mta-sts validation"],
215							["5.4.8", 0, 0, " failed mta-sts validation"],
216
217							# - DNSSEC checks have passed, yet upon connection, destination mail server doesn't re-
218							# spond to the STARTTLS command. The destination server responds to the STARTTLS com-
219							# mand, but the TLS handshake fails.
220							# - This message usually indicates an issue on the destination email server. Check the
221							# validity of the recipient address. Determine if the destination server is configur-
222							# ed correctly to receive the messages.
223							['4.4.317', 0, 0, 'starttls is required to send mail'],
224							['5.4.317', 0, 0, 'starttls is required to send mail'],
225
226							# - Remote certificate failed MTA-STS validation. Reason: The destina-
227							# tion mail server's certificate must chain to a trusted root Certificate Authority
228							# and the Common Name or Subject Alternative Name must contain an entry for the host
229							# name in the STS policy.
230							["4.7.5", 0, 0, "remote certificate failed mta-sts validation"],
231							["5.7.5", 0, 0, "remote certificate failed mta-sts validation"],
232
233							# - DNSSEC checks have passed, yet upon establishing the connection the destination
234							# mail server provides a certificate that is expired.
235							# - A valid X.509 certificate that isn't expired must be presented. X.509 certificates
236							# must be renewed after their expiration, commonly annually.
237							['5.7.51', 0, 0, 'restrictdomainstoipaddresses or restrictdomainstocertificate'],
238							['4.7.321', 0, 0, 'starttls-not-supported:'],
239							['5.7.321', 0, 0, 'starttls-not-supported:'],
240							['5.7.322', 0, 0, "certificate-expired:"],
241
242							# - Records are DNSSEC authentic, but one or multiple of these scenarios occurred:
243							# - The destination mail server's certificate doesn't match with what is expected per
244							# the authentic TLSA record.
245							# - Authentic TLSA record is misconfigured.
246							# - Destination domain is being attacked.
247							# - Any other DANE failure.
248							# - This message usually indicates an issue on the destination email server. Check the
249							# validity of recipient address and determine if the destination server is configured
250							# correctly to receive messages.
251							# - For more information about DANE, see: https://datatracker.ietf.org/doc/html/rfc7671
252							['4.7.323', 0, 0, 'tlsa-invalid:'],
253							['5.7.323', 0, 0, 'tlsa-invalid:'],
254
255							# - The destination domain indicated it was DNSSEC-authentic, but Exchange Online was
256							# not able to verify it as DNSSEC-authentic.
257							['4.7.324', 0, 0, 'dnssec-invalid:'],
258							['5.7.324', 0, 0, 'dnssec-invalid:'],
259
260							# - This happens when the presented certificate identities (CN and SAN) of a destina-
261							# tion SMTP target host don't match any of the domains or MX host.
262							# - This message usually indicates an issue on the destination email server. Check the
263							# validity of recipient address and determine if the destination server is configured
264							# correctly to receive messages. For more information, see How SMTP DNS-based Authen-
265							# tication of Named Entities (DANE) works to secure email communications.
266							['4.7.325', 0, 0, 'certificate-host-mismatch:'],
267							['5.7.325', 0, 0, 'certificate-host-mismatch:'],
268							],
269							'mailboxfull' => [
270							# Exchange Server 2019 ----------------------------------------------------------------
271							# - The recipient's mailbox has exceeded its storage quota and is no longer able to ac-
272							# cept new messages. For more information about configuring mailbox quotas, see Con-
273							# figure storage quotas for a mailbox.
274							['5.2.2', 0, 0, 'mailbox full'],
275							],
276							'networkerror' => [
277							# Exchange Server 2019 ----------------------------------------------------------------
278							# - There's a DNS or network adapter configuration issue on the Exchange server. Verify
279							# the internal and external DNS lookup settings for the Exchange by running this com-
280							# mand in the Exchange Management Shell:
281							# - Get-TransportService \| Format-List Name,ExternalDNS,InternalDNS;
282							# - Get-FrontEndTransportService \| Format-List Name,ExternalDNS,InternalDNS`
283							# You can configure these settings by using the InternalDNS* and ExternalDNS* parame-
284							# ters on the Set-TransportService and Set-FrontEndTransportService cmdlets.
285							# By default, these settings are used by Send connectors (the default value of the
286							# UseExternalDNSServersEnabled parameter value is $false). Check the priority (order)
287							# of the network adapters in the operating system of the Exchange server.
288							['5.4.4', 0, 0, 'smtpsend.dns.nonexistentdomain; nonexistent domain'],
289
290							# - A configuration error has caused an email loop. By default, after 20 iterations of
291							# an email loop, Exchange interrupts the loop and generates an NDR. Verify that Inbox
292							# rules for the recipient and sender, or forwarding rules on the recipient's mailbox
293							# aren't causing this (the message generates a message, which generates another mes-
294							# sage, and the process continues indefinitely).
295							# Verify the mailbox doesn't have a targetAddress property value in Active Directory
296							# (this property corresponds to the ExternalEmailAddress parameter for mail users in
297							# Exchange). If you remove Exchange servers, or modify settings related to mail rout-
298							# ing an mail flow, be sure to restart the Microsoft Exchange Transport and Exchange
299							# Frontend Transport services.
300							['5.4.6', 0, 0, 'hop count exceeded - possible mail loop'],
301
302							# Exchange Online ---------------------------------------------------------------------
303							# - Microsoft 365 or Office 365 is trying to send a message to an email server outside
304							# of Microsoft 365 or Office 365, but attempts to connect to it are failing due to a
305							# network connection issue at the external server's location.
306							# - This error almost always indicates an issue with the receiving server or network
307							# outside of Microsoft 365 or Office 365. The error should also include the IP ad-
308							# dress of the server or service that's generating the error, which you can use to
309							# identify the party responsible for fixing this.
310							['4.4.316', 0, 0, 'connection refused'], # [Message=Socket error code 10061]
311							['5.4.316', 0, 0, 'connection refused'], # [Message=Socket error code 10061]
312
313							# - A configuration error has caused an email loop. 5.4.6 is generated by on-premises
314							# Exchange server (you'll see this code in hybrid environments). 5.4.14 is generated
315							# by Exchange Online. By default, after 20 iterations of an email loop, Exchange in-
316							# terrupts the loop and generates an NDR to the sender of the message.
317							# - This error occurs when the delivery of a message generates another message in re-
318							# sponse. That message then generates a third message, and the process is repeated,
319							# creating a loop. To help protect against exhausting system resources, Exchange in-
320							# terrupts the mail loop after 20 iterations. Mail loops are typically created be-
321							# cause of a configuration error on the sending mail server, the receiving mail serv-
322							# er, or both. Check the sender's and the recipient's mailbox rules configuration to
323							# determine whether automatic message forwarding is enabled.
324							['5.4.4', 0, 0, 'invalid arguments'],
325							['5.4.6', 0, 0, 'routing loop detected'],
326							['5.4.14', 0, 0, 'routing loop detected'],
327
328							# Imported from Sisimai::Lhost::Office365
329							['4.4.312', 0, 0, 'dns query failed'], # [Message=InfoNoRecords]
330							['5.4.312', 0, 0, 'dns query failed'], # [Message=InfoNoRecords]
331							],
332							'norelaying' => [
333							# Exchange Server 2019 ----------------------------------------------------------------
334							# - You have an application server or device that's trying to relay messages through
335							# Exchange. For more information, see Allow anonymous relay on Exchange servers. The
336							# recipient is configured to only accept messages from authenticated (typically, in-
337							# ternal) senders. For more information, see Configure message delivery restrictions
338							# for a mailbox.
339							['5.7.1', 0, 0, 'unable to relay'],
340							['5.7.1', 0, 0, 'client was not authenticated'],
341
342							# Exchange Online ---------------------------------------------------------------------
343							# - The mail server that's generating the error doesn't accept mail for the recipient's
344							# domain. This error is caused by mail server or DNS misconfiguration.
345							['5.4.1', 0, 0, 'relay access denied'],
346
347							# - The sending email system isn't allowed to send a message to an email system where
348							# that email system isn't the final destination of the message.
349							# - This error occurs when the sending email system tries to send an anonymous message
350							# to a receiving email system, and the receiving email system doesn't accept messages
351							# for the domain or domains specified in one or more of the recipients. The following
352							# are the most common reasons for this error:
353							# - A third party tries to use a receiving email system to send spam, and the receiv-
354							# ing email system rejects the attempt. By the nature of spam, the sender's email
355							# address might have been forged, and the resulting NDR could have been sent to the
356							# unsuspecting sender's email address. It's difficult to avoid this situation.
357							# - An MX record for a domain points to a receiving email system where that domain is
358							# not accepted. The administrator responsible for the specific domain name must
359							# correct the MX record or configure the receiving email system to accept messages
360							# sent to that domain, or both.
361							# - A sending email system or client that should use the receiving email system to
362							# relay messages doesn't have the correct permissions to do this.
363							['5.7.1', 0, 0, 'unable to relay'],
364
365							# - You use an inbound connector to receive messages from your on-premises email envi-
366							# ronment, and something has changed in your on-premises environment that makes the
367							# inbound connector's configuration incorrect.
368							['5.7.64', 0, 0, 'tenantattribution; relay access denied'],
369
370							# Previous versions of Exchange Server ------------------------------------------------
371							['5.4.310', 0, 0, 'does not exist'], # DNS domain * does not exist
372							],
373							'notaccept' => [
374							['4.3.2', 0, 0, 'system not accepting network messages'],
375							['4.4.4', 0, 0, 'hosted tenant which has no mail-enabled subscriptions'],
376
377							# Exchange Server 2019 ----------------------------------------------------------------
378							# - You're using the ABP Routing agent, and the recipient isn't a member of the global
379							# address list that's specified in their address book policy (ABP). For more infor-
380							# mation, see Use the Exchange Management Shell to install and configure the Address
381							# Book Policy Routing Agent and Address book policies in Exchange Server.
382							['5.3.2', 0, 0, 'storedrv.deliver: missing or bad storedriver mdb properties'],
383							],
384							'policyviolation' => [
385							# - 5.0.350 is a generic catch-all error code for a wide variety of non-specific errors
386							# lfrom the recipient's email organization. The specific x-dg-ref header is too long
387							# message is related to Rich Text formatted messages. The specific Requested action
388							# not taken: policy violation detected (AS345) message is related to nested attach-
389							# ments.
390							['5.0.350', 0, 0, 'x-dg-ref header is too long'],
391							['5.0.350', 0, 0, 'requested action not taken: policy violation detected (as345)'],
392
393							# - The message was rejected by a mail flow rule (also known as a transport rule). This
394							# enhanced status code range is available when the rule is configured to reject mes-
395							# sages (otherwise, the default code that's used is 5.7.1). For more information, see
396							# Mail flow rule actions in Exchange Server.
397							['5.7.', 900, 999, 'delivery not authorized, message refused'],
398							],
399							'ratelimited' => [
400							# Exchange Server 2019 ----------------------------------------------------------------
401							# - The combined total of recipients on the To, Cc, and Bcc lines of the message ex-
402							# ceeds the total number of recipients allowed in a single message for the organiza-
403							# tion, Receive connector, or sender. For more information, see Message size and re-
404							# cipient limits in Exchange Server.
405							['5.5.3', 0, 0, 'too many recipients'],
406
407							# Exchange Online ---------------------------------------------------------------------
408							# - The recipient mailbox's ability to accept messages is being throttled because it's
409							# receiving too many messages too quickly. This is done so a single recipient's mail
410							# processing doesn't unfairly impact other recipients sharing the same mailbox data-
411							# base.
412							['4.3.2', 0, 0, 'storedrv.deliver; recipient thread limit exceeded'],
413
414							# - The message has more than 200 SMTP envelope recipients from the same domain.
415							# - An envelope recipient is the original, unexpanded recipient that's used in the RCPT
416							# TO command to transmit the message between SMTP servers. When this error is return-
417							# ed by Microsoft 365 or Office 365, the sending server must break up the number of
418							# envelope recipients into smaller chunks (chunking) and resend the message.
419							['4.5.3', 0, 0, 'too many recipients'],
420
421							# - The sender has exceeded the recipient rate limit as described in Sending limits.
422							# - This could indicate the account has been compromised and is being used to send
423							# spam.
424							['5.1.90', 0, 0, "reached your daily limit for message recipients"],
425
426							# - The sender has exceeded the recipient rate limit or the message rate limit as de-
427							# scribed in Sending limits.
428							# - This could indicate the account has been compromised and is being used to send
429							# spam.
430							['5.2.2', 0, 0, 'submission quota exceeded'],
431
432							# - The sender has exceeded the maximum number of messages they're allowed to send per
433							# hour to a specific recipient in Exchange Online.
434							# - The automated mailer or sender should try again later, and reduce the number of
435							# messages they send per hour to a specific recipient. This limit helps protect
436							# Microsoft 365 or Office 365 users from rapidly filling their inboxes with a large
437							# number of messages from errant automated notification systems or other single-send-
438							# er mail storms.
439							['5.2.121', 0, 0, "recipient's per hour message receive limit"],
440
441							# - The Microsoft 365 or Office 365 recipient has exceeded the number of messages they
442							# can receive per hour from all senders.
443							# - The automated mailer or sender should try again later, and reduce the number of
444							# messages they send per hour to a specific recipient. This limit helps protect
445							# Microsoft 365 and Office 365 users from rapidly filling their inboxes with a large
446							# number of messages from errant automated notification systems or other mail storms.
447							['5.2.122', 0, 0, "recipient's per hour message receive limit"],
448
449							# - Access denied, [$SenderIPAddress] has exceeded permitted limits within $range range
450							# - The sender's IPv6 range has attempted to send too many messages in too short a time
451							# period.
452							['5.7.508', 0, 0, 'has exceeded permitted limits within'],
453
454							# - The majority of traffic from this tenant has been detected as suspicious and has
455							# resulted in a ban on sending ability for the tenant.
456							# - Ensure that any compromises or open relays have been resolved, and then contact
457							# support through your regular channel. For more information, see Fix email delivery
458							# issues for error codes 5.7.700 through 5.7.750 in Exchange Online.
459							['5.7.', 700, 749, 'tenant has exceeded threshold'],
460							['5.7.', 700, 749, 'traffic not accepted from this ip'],
461
462							# - 451 4.7.652 The mail server [192.0.2.251] has exceeded the maximum number of
463							# connections. (S3115) [Name=Protocol Filter Agent][AGT=PFA][MxId=11BA9B3FA168ABBF]
464							# [BN3PEPF0000B370.namprd21.prod.outlook.com 2025-02-20T14:30:32.425Z 08DD4D9FD5AFF45C]
465							# (in reply to MAIL FROM command))
466							["4.7.652", 0, 0, "has exceeded the maximum number of connections"],
467
468							# Previous versions of Exchange Server ------------------------------------------------
469							['5.2.122', 0, 0, 'the recipient has exceeded their limit for'],
470							],
471							'rejected' => [
472							# Exchange Server 2019 ----------------------------------------------------------------
473							# - There's a problem with the sender's email address. Verify the sender's email ad-
474							# dress.
475							['5.1.7', 0, 0, 'invalid address'],
476							['5.1.7', 0, 0, 'unknown sender address'],
477
478							# - A common cause of this NDR is when you use Microsoft Outlook to save an email mes-
479							# sage as a file, and then someone opened the message offline and replied to it. The
480							# message property only preserves the legacyExchangeDN attribute when Outlook deliv-
481							# ers the message, and therefore the lookup could fail.
482							# - Either the recipient address is incorrectly formatted, or the recipient couldn't be
483							# correctly resolved. The first step in resolving this error is to check the recipi-
484							# ent address, and send the message again.
485							['5.1.0', 0, 0, 'sender denied'],
486
487							# - The account has been blocked for sending too much spam. Typically, this problem oc-
488							# curs because the account has been compromised (hacked) by phishing or malware.
489							['5.1.8', 0, 0, 'access denied, bad outbound sender'],
490
491							# Exchange Online ---------------------------------------------------------------------
492							# - The sender of the message isn't allowed to send messages to the recipient.
493							# - This error occurs when the sender tries to send a message to a recipient but the
494							# sender isn't authorized to do this. This frequently occurs when a sender tries to
495							# send messages to a distribution group that has been configured to accept messages
496							# only from members of that distribution group or other authorized senders. The send-
497							# er must request permission to send messages to the recipient. This error can also
498							# occur if an Exchange transport rule rejects a message because the message matched
499							# conditions that are configured on the transport rule.
500							['5.7.1', 0, 0, 'delivery not authorized'],
501
502							# - The sender's message is rejected because the recipient address is set up to reject
503							# messages sent from outside of its organization. Only an email admin for the recipi-
504							# ent's organization can change this.
505							['5.7.12', 0, 0, 'sender was not authenticated by organization'],
506
507							# - The sender doesn't have permission to send to the distribution group because the
508							# sender isn't in the group's allowed-senders list. Depending how the group is set
509							# up, even the group's owner might need to be added to the allowed sender list in or-
510							# der to send messages to the group.
511							['5.7.124', 0, 0, 'sender not in allowed-senders list'],
512
513							# - The recipient address is a group distribution list that is set up to reject mes-
514							# sages sent from outside of its organization. Only an email admin for the recipi-
515							# ent's organization or the group owner can change this.
516							['5.7.133', 0, 0, 'sender not authenticated for group'],
517
518							# - The recipient address is a mailbox that is set up to reject messages sent from out-
519							# side of its organization. Only an email admin for the recipient's organization can
520							# change this.
521							['5.7.134', 0, 0, 'sender was not authenticated for mailbox'],
522
523							# - The recipient address is a public folder that is set up to reject messages sent
524							# from outside of its organization. Only an email admin for the recipient's organiza-
525							# tion can change this.
526							['5.7.13', 0, 0, 'sender was not authenticated for public folder'],
527							['5.7.135', 0, 0, 'sender was not authenticated for public folder'],
528
529							# - The recipient address is a mail user that is set up to reject messages sent from
530							# outside of its organization. Only an email admin for the recipient's organization
531							# can change this.
532							['5.7.136', 0, 0, 'sender was not authenticated'],
533
534							# - The sending account has been banned due to detected spam activity.
535							# - For details, see Fix email delivery issues for error code 451 5.7.500-699 (ASxxx)
536							# in Exchange Online.
537							# - Verify that any account issues have been resolved, and reset its credentials. To
538							# restore this account's ability to send mail, contact support through your regular
539							# channel.
540							['5.7.', 501, 503, 'access denied, spam abuse detected'],
541
542							# - Message was sent without a valid "From" email address.
543							# - Office 365 only. Each message must contain a valid email address in the "From"
544							# header field. Proper formatting of this address includes angle brackets around the
545							# email address, for example, . Without this address Microsoft
546							# 365 or Office 365 will reject the message.
547							['5.7.512', 0, 0, 'access denied, message must be rfc 5322 section 3.6.2 compliant'],
548
549							# - A suspicious number of messages from unprovisioned domains is coming from this ten-
550							# ant.
551							# - Add and validate any and all domains that you use to send email from Microsoft 365
552							# or Office 365. For more information, see Fix email delivery issues for error codes
553							# 5.7.700 through 5.7.750 in Exchange Online.
554							['5.7.750', 0, 0, 'service unavailable. client blocked from sending from unregistered domains'],
555
556							# Previous versions of Exchange Server ------------------------------------------------
557							['5.7.', 501, 503, 'access denied, banned sender'],
558							],
559							'securityerror' => [
560							# Exchange Server 2019 ----------------------------------------------------------------
561							# - A firewall or other device is blocking the Extended SMTP command that's required
562							# for Exchange Server authentication (X-EXPS). Internal email traffic is flowing
563							# through connectors that aren't configured to use the Exchange Server authentication
564							# method . Verify the remote IP address ranges on any custom Receive connectors.
565							['5.7.3', 0, 0, 'cannot achieve exchange server authentication'],
566							['5.7.3', 0, 0, 'not authorized'],
567
568							# - The sending email system didn't authenticate with the receiving email system. The
569							# receiving email system requires authentication before message submission.
570							# - This error occurs when the receiving server must be authenticated before message
571							# submission, and the sending email system hasn't authenticated with the receiving e-
572							# mail system. The sending email system administrator must configure the sending e-
573							# mail system to authenticate with the receiving email system for delivery to be suc-
574							# cessful.
575							['5.7.1', 0, 0, 'client was not authenticated'],
576
577							# - You configured an application or device to send (relay) email messages in Microsoft
578							# 365 or Office 365 using the smtp.office365.com endpoint, and there's a problem with
579							# the configuration of the application or device.
580							['5.7.57', 0, 0, 'client was not authenticated to send anonymous mail during mail from'],
581							],
582							'spamdetected' => [
583							# Exchange Server 2019 ----------------------------------------------------------------
584							# - The message was quarantined by content filtering. To configure exceptions to con-
585							# tent filtering, see Use the Exchange Management Shell to configure recipient and
586							# sender exceptions for content filtering.
587							['5.2.1', 0, 0, 'content filter agent quarantined this message'],
588							],
589							'suspend' => [
590							# Exchange Online ---------------------------------------------------------------------
591							# - The recipient address that you're attempting to contact isn't valid.
592							# - Verify the recipient's email address, and try again.
593							# - If you feel this is in error, contact support.
594							['5.7.504', 0, 0, 'recipient address rejected: access denied'],
595							['5.7.505', 0, 0, 'access denied, banned recipient'],
596
597							# Previous versions of Exchange Server ------------------------------------------------
598							['5.2.1', 0, 0, 'mailbox cannot be accessed'],
599							],
600							'syntaxerror' => [
601							# Exchange Server 2019 ----------------------------------------------------------------
602							# - Receive connectors that are used for internal mail flow are missing the required
603							# Exchange Server authentication mechanism. For more information about authentication
604							# on Receive connectors, see Receive connector authentication mechanisms.
605							['5.3.3', 0, 0, 'unrecognized command'],
606
607							# - SMTP commands are sent out of sequence (for example, a server sends an SMTP command
608							# like AUTH or MAIL FROM before identifying itself with the EHLO command). After es-
609							# tablishing a connection to a messaging server, the first SMTP command must always
610							# be EHLO or HELO.
611							['5.5.2', 0, 0, 'send hello first'],
612							],
613							'systemerror' => [
614							# Exchange Server 2019 ----------------------------------------------------------------
615							# - You've configured a custom Receive connector in the Transport (Hub) service on a
616							# Mailbox server that listens on port 25. Typically, custom Receive connectors that
617							# listen on port 25 belong in the Front End Transport service on the Mailbox server.
618							# Important Exchange server components are inactive. You can confirm this by running
619							# the following command in the Exchange Management Shell:
620							# Get-ServerComponent -Identity .
621							# To restart all inactive components, run the following command:
622							# Set-ServerComponentState -Identity -Component ServerWideOffline
623							# -State Active -Requester Maintenance.
624							# Incompatible transport agents (in particular, after an Exchange update). After you
625							# identify the transport agent, disable it or uninstall it. For more information, see
626							# Troubleshoot transport agents.
627							['4.3.2', 0, 0, 'service not available'],
628							['4.3.2', 0, 0, 'service not active'],
629
630							# - A mail loop was detected. Verify that the FQDN property on the Receive connector
631							# doesn't match the FQDN of another server, service, or device that's used in mail
632							# flow in your organization (by default, the Receive connector uses the FQDN of the
633							# Exchange server).
634							['5.3.5', 0, 0, 'system incorrectly configured'],
635
636							# Exchange Online ---------------------------------------------------------------------
637							# - Journaling on-premises messages to Microsoft 365 or Office 365 isn't supported for
638							# this organization because they haven't turned on Journaling Archive in their set-
639							# tings.
640							# - A journaling rule is configured in the organization's on-premises environment to
641							# journal on-premises messages to Microsoft 365 or Office 365, but Journaling Archive
642							# is disabled. For this scenario to work, the organization's Office 365 administrator
643							# should either enable Journaling Archive or change the journaling rule to journal
644							# messages to a different location.
645							['5.3.190', 0, 0, 'when journaling archive is disabled'],
646
647							# Previous versions of Exchange Server ------------------------------------------------
648							['5.0.0', 0, 0, 'helo / ehlo requires domain address'],
649							['5.1.4', 0, 0, 'destination mailbox address ambiguous'],
650							['5.2.4', 0, 0, 'mailing list expansion problem'],
651							['5.2.14', 0, 0, 'misconfigured forwarding address'],
652
653							# Undocumented error messages ---------------------------------------------------------
654							# - 451 4.4.22 Message failed to be replicated: no healthy peers found ... (in reply to end of DATA command)
655							# - 451 4.4.23 Message failed to be replicated: No healthy secondary server available
656							# to accept replica at this time. ... (in reply to end of DATA command)
657							# - 451 4.4.28 Message failed to be replicated:
658							# Microsoft.Exchange.Transport.Net.Http.TransportHttpException(session Id: -1) ...(in reply to end of DATA command)
659							# - 451 4.4.28 Message failed to be replicated:
660							# System.Net.Http.HttpRequestException(session Id: ****) ... (in reply to end of DATA command)
661							["4.4.", 22, 28, "message failed to be replicated:"],
662							["4.4.3", 0, 0, "temporary server error. please try again later attr18"],
663							["4.7.0", 0, 0, "temporary server error. please try again later. prx4 nexthop:"],
664
665							# 550 5.4.318 Message expired, connection reset (SuspiciousRemoteServerError)
666							# 450 4.4.318 Connection was closed abruptly (SuspiciousRemoteServerError)
667							['4.4.318', 0, 0, '(suspiciousremoteservererror)'],
668							['5.4.318', 0, 0, '(suspiciousremoteservererror)'],
669
670							# - status=deferred (host hotmail-com.olc.protection.outlook.com[192.0.2.1] said:
671							# 451 4.7.500 Server busy. Please try again later from [192.0.2.2]. (AS761) (in reply
672							# to RCPT TO command))
673							['4.7.500', 0, 0, 'server busy. please try again later from '],
674
675							# - status=deferred (host apc.olc.protection.outlook.com[192.0.2.1] said:
676							# 451 4.7.700 PFA agent busy, please try again. [*.*.prod.protection.outlook.com]
677							# (in reply to MAIL FROM command))
678							['4.7.700', 0, 0, 'pfa agent busy, please try again.'],
679							],
680							'systemfull' => [
681							# Exchange Server 2019 ----------------------------------------------------------------
682							# - Free disk space is low (for example, the disk that holds the queue database doesn't
683							# have the required amount of free space). For more information, see Understanding
684							# back pressure. To move the queue database to a different disk, see Change the loca-
685							# tion of the queue database.
686							# - Available memory is low (for example, Exchange installed on a virtual machine that
687							# is configured to use dynamic memory). Always use static memory on Exchange virtual
688							# machines.
689							['4.3.1', 0, 0, 'insufficient system resources'],
690							],
691							'userunknown' => [
692							# Exchange Server 2019 ----------------------------------------------------------------
693							# - The recipient's email address is incorrect (the recipient doesn't exist in the des-
694							# tination messaging system). Verify the recipient's email address. You recreated a
695							# deleted mailbox, and internal users are addressing email messages in Outlook or
696							# Outlook on the web using old entries in their autocomplete cache (the X.500 values
697							# or LegacyExchangeDN values for the recipient are now different). Tell users to de-
698							# lete the entry from their autocomplete cache and select the recipient again.
699							['5.1.1', 0, 0, 'resolver.adr.exrecipnotfound; not found'],
700							['5.1.1', 0, 0, 'user unknown'],
701
702							# - The recipient's email address is incorrect (for example, it contains unsupported
703							# characters or invalid formatting).
704							['5.1.3', 0, 0, 'storedrv.submit; invalid recipient address'],
705
706							# - Receive connectors reject SMTP connections that contain the top level domains de-
707							# fined in RFC 2606 (.test, .example, .invalid, or .localhost), This behavior is con-
708							# trolled by the RejectReservedTopLevelRecipientDomains parameter on the New-Receive-
709							# Connector and Set-ReceiveConnector cmdlets.
710							['5.1.', 4, 5, 'recipient address reserved by rfc 2606'],
711
712							# - Receive connectors reject SMTP connections that contain single label domains (for
713							# example, chris@contoso instead of chris@contoso.com) This behavior is controlled by
714							# the RejectSingleLabelRecipientDomains parameter on the New-ReceiveConnector and
715							# Set-ReceiveConnector cmdlets.
716							['5.1.6', 0, 0, 'recipient addresses in single label domains not accepted'],
717
718							# Exchange Online ---------------------------------------------------------------------
719							# - This failure might be caused by the following conditions:
720							# - The recipient's email address was entered incorrectly by the sender.
721							# - No recipient's exists in the destination email system.
722							# - The recipient's mailbox has been moved and the Outlook recipient cache on the
723							# sender's computer hasn't updated.
724							# - An invalid legacy domain name (DN) exists for the recipient's mailbox Active Di-
725							# rectory Domain Service.
726							# - This error typically occurs when the sender of the message incorrectly enters the
727							# email address of the recipient. The sender should check the recipient's email ad-
728							# dress and send again. This error can also occur if the recipient email address was
729							# correct in the past but has changed or has been removed from the destination email
730							# system. If the sender of the message is in the same organization as the recipient,
731							# and the recipient's mailbox still exists, determine whether the recipient's mailbox
732							# has been relocated to a new email server. If this is the case, Outlook might not
733							# have updated the recipient cache correctly. Instruct the sender to remove the re-
734							# cipient's address from sender's Outlook recipient cache and then create a new mes-
735							# sage. Resending the original message will result in the same failure.
736							['5.1.1', 0, 0, 'bad destination mailbox address'],
737
738							# - The recipient's wasn't found by SMTP address lookup.
739							['5.1.10', 0, 0, 'recipient not found'],
740
741							# - The recipient's address doesn't exist.
742							['5.4.1', 0, 0, 'recipient address rejected: access denied'],
743
744							# - The recipient's domain is @hotmail.com or @outlook.com and it wasn't
745							# found by SMTP address lookup.
746							# - Similar to 550 5.1.10.
747							['5.5.0', 0, 0, 'requested action not taken: mailbox unavailable'],
748
749							# Previous versions of Exchange Server ------------------------------------------------
750							['5.1.2', 0, 0, 'invalid x.400 address'],
751
752							# Imported from Sisimai::/Lhost::Office365
753							['5.1.351', 0, 0, 'remote server returned unknown recipient or mailbox unavailable'],
754							],
755							};
756	118					406	state $errorcodes = {
757							# The mail server IP connecting to Outlook.com server has exceeded the rate limit allowed.
758							# Reason for rate limitation is related to IP/domain reputation.
759							"RP-001" => ["421", "badreputation"],
760
761							# The mail server IP connecting to Outlook.com server has exceeded the rate limit allowed
762							# on this connection. Reason for rate limitation is related to IP/domain reputation.
763							"RP-002" => ["421", "badreputation"],
764
765							# The mail server IP connecting to Outlook.com server has exceeded the connection limit
766							# allowed. Reason for limitation is related to IP/domain reputation.
767							"RP-003" => ["421", "badreputation"],
768
769							# Mail rejected by Outlook.com for policy reasons. Reasons for rejection may be related
770							# to content with spam-like characteristics or IP/domain reputation.
771							"SC-001" => ["550", "badreputation"],
772
773							# Mail rejected by Outlook.com for policy reasons. The mail server IP connecting to
774							# Outlook.com has exhibited namespace mining behavior.
775							"SC-002" => ["550", "policyviolation"],
776
777							# Mail rejected by Outlook.com for policy reasons. Your IP address appears to be an
778							# open proxy/relay.
779							"SC-003" => ["550", "blocked"],
780
781							# Mail rejected by Outlook.com for policy reasons. A block has been placed against your
782							# IP address because we have received complaints concerning mail coming from that IP
783							# address. We recommend enrolling in our Junk Email Reporting Program (JMRP), a free
784							# program intended to help senders remove unwanted recipients from their email list
785							"SC-004" => ["550", "blocked"],
786
787							# Mail rejected by Outlook.com for policy reasons. We generally do not accept email
788							# from dynamic IP's as they are not typically used to deliver unauthenticated SMTP email
789							# to an Internet mail server. (Spamhaus)
790							"DY-001" => ["550", "blocked"],
791
792							# Mail rejected by Outlook.com for policy reasons. The likely cause is a compromised or
793							# virus infected server/personal computer.
794							"DY-002" => ["550", "virusdetected"],
795
796							# Mail rejected by Outlook.com for policy reasons. If you are not an email/network admin
797							# please contact your Email/Internet Service Provider for help. For more information
798							# about this block and to request removal please go to: Spamhaus.
799							"OU-001" => ["550", "blocked"],
800
801							# Mail rejected by Outlook.com for policy reasons. Reasons for rejection may be related
802							# to content with spam-like characteristics or IP/domain reputation.
803							"OU-002" => ["550", "badreputation"],
804							};
805
806	118					498	my $statuscode = $argvs->{'deliverystatus'};
807	118					631	my $thirddigit = int [split /[.]/, $statuscode]->[-1];
808	118					616	my $issuedcode = lc $argvs->{'diagnosticcode'};
809
810	118					998	for my $e ( keys %$messagesof ) {
811							# Each key is a reason name
812	1773					2861	for my $f ( $messagesof->{ $e }->@* ) {
813							# ["status-code", min, max, "error message"]
814	10004	100				15633	if( $f->[1] == $f->[2] ) {
815							# This error code have no range
816	9230	100				20891	next unless $statuscode eq $f->[0];
817
818							} else {
819							# This error code has a range
820	774	100				1913	next if index($statuscode, $f->[0]) < 0;
821	188	100				479	next if $thirddigit < $f->[1];
822	105	100				295	next if $thirddigit > $f->[2];
823							}
824	147	100				1123	return $e if index($issuedcode, $f->[3]) > -1;
825							}
826							}
827	15					92	for my $e ( keys %$errorcodes ) {
828							# The key name is an error code described at Outlook.com Postmaster/Troubleshooting
829							# https://substrate.office.com/ip-domain-management-snds/postmaster/troubleshooting
830	165	50				274	next if index($argvs->{'diagnosticcode'}, $e) < 0;
831	0	0				0	return $errorcodes->{ $e }->[1] if $argvs->{'replycode'} eq $errorcodes->{ $e }->[0];
832							}
833	15					83	return "";
834							}
835
836							1;
837							__END__