SMTP response codes fall within three main brackets:

SMTP 200 -> Positive acceptance code. eg: SMTP 250
SMTP 400 -> Temporary delivery fault (delivery will be retried) eg:450
SMTP 500 -> Permanent delivery failure (Non-delivery report (NDR) will be provided to the original sender eg: 550


Reason Definition Action
450 4.1.1 rejection when relay check is enabled Blocked
450 4.1.8 sender address rejected : domain not found Blocked
450 4.5.5 early spam detection (temporarily blocked) Blocked
450 4.5.6 temporary failure in MTA - please retry Blocked
450 4.5.7 temporary failure in MTA - please retry Blocked
504 5.5.2 recipient address rejected : fully - qualified adress is needed Blocked
504 5.5.2 sender adress rejected: fully - qualified address is needed Blocked
550 5.1.1 unknown recipient (SMTP check) Blocked
550 5.2.2 explicit blocking of sender or recipient address Blocked
550 5.5.3 recipient address rejected: multi-recipient bounce Blocked
552 5.5.2 message size (content filter) Blocked
554 5.5.3 email rejected due to Content Filter Size Limit Blocked
554 5.5.4 IP sender address with a negative reputation Blocked
554 5.5.5 email rejection due to Spam Blocked
554 5.5.6 loop detection Blocked
554 5.5.7 email rejected due to content of attachment Blocked
554 5.6.1 signature of spam in mail header resp. subject Blocked
554 5.6.2 spam link signature detected Blocked
554 5.6.3 spam text signature detected Blocked
554 5.6.4 virus email blocked Blocked
554 5.6.5 TLS encryption required by customer rule Blocked
554 5.7.1 unknown domain or unknown recipient (LDAP check) Blocked
admin-bl blacklist controlled by admin Quarantined
ase-bl individual blacklist controlled by support dep. Quarantined
ase-recap1 diffuse spam fingerprint Quarantined
ase-rep1 IP reputation list 1 Quarantined
ase-rep2 IP reputation list 2 Quarantined
ase-recap4 diffuse spam fingerprint Quarantined
asespf7-1 SPF filter variant 1 Quarantined
asespf7-2 SPF filter variant 2 Quarantined
bodytag spam signature in mail text Quarantined
bouncetag bounce mail management Quarantined
dirtyip reputation filter on IP basis Quarantined
fingerprint re - captured spam mail by hash Quarantined
header spam signature in mail header Quarantined
link ad link Quarantined
rbl50 pre-stage to 554 5.5.4 but not blocking yet Quarantined
sameip signature recognition through spam engines Quarantined
score dynamic content evaluation Quarantined
Score Tag dynamic content evaluation Quarantined
spam reputation filter based on sender server Quarantined
spamip-net IP range of servers with poor reputation Quarantined
spam-sum spam fingerprint Quarantined
subjecttag spam signature in subject line Quarantined
user-bl blacklist controlled by the user Quarantined
wc spam pattern recognition Quarantined
xarg bounce attack or individual customer rule Quarantined
zombie botnet computer Quarantined
Virus-scan01 Found identical attributes of classified virus emails in metadata Virus
Virus-scan01-XARG-V Found known virus structure in multiple attributes of the email Virus
Virus-scan02-Header-V Found virus signature in email header Virus
Virus-scan03-Link-Va Linking of a compromised URL Virus
Virus-scan04-Body-V Found virus signature in email body Virus
Virus-scan05-<VirusName> Virus found – known, classified virus Virus
virus-scan07-doubleextension Found a file with veiled or faked file type in an archive Virus
Virus-scan07-archive-in.archive Found nested archives in an archive Virus
virus-scan07-heur-exploit Found minimum one unknown and potentially dangerous file in an archive Virus
Virus-scan07-fakeoffice2003 Found macro code of office 2007 in an office 2003 file Virus
virus-scan07-potential-fake-archive Found an archive with wrong declaration of content type (MIME-Content-Type) Virus
Virus-scan06-<VirusName> Virus scanner 2 found a virus Virus
Virus-scan08-executable Found potentially dangerous file in attachment Virus
Virus-scan09-ASEzipHeuristics Evidence of phishing and suspicious attachment found Virus
Virus-scan09-asehtmlheuristics Evidence of phishing and suspicious attachment found Virus
Virus-scan09-ASEurl 0xHeuristics Evidence of phishing and suspicious link found Virus
Virus-scan10-<VirusName> Indistinct virus message through Heuristic intend analysis Virus
Virus-scan12-AttachmentV Found virus signature in attachment Virus
Virus-scan13-ASE-PhishingHeuristics Evidencce of phishing and suspicious email header found Virus
Virus-scan14-Short-URL-obfuscation Links are veiled through nested URL shortening Virus
Virus-scan15-ASE-Phishing Direct link to malware or phishing website Virus
Virus-scan16-ASE-Phishing-heur Evidence of phishing and inconsistent sender address Virus
Virus-scan17-ASE-office-macro-exploit Found evidence of malware and office file with macros, OLE-object or VBS code as attachment Virus
Virus-scan17-office-webarchive-exploit-heur Evidence of malware and attachment with suspicious content found Virus
virus-scan17-office-rtf-exploit-heur Evidence of malware and attachment with suspicious content found Virus
virus-scan17-Macro Evidence of malware and attachment with suspicious content found Virus
Virus-scan17-office-macro Evidence of malware and attachment with suspicious content found Virus
Virus-scan18 Evidence of malware and the email was sent by different senders or email servers Virus
Virus-scan21-<Virusname> Virus message by optional virus scanner 3 Virus
Virus-scan22-<Virusname> Virus message by optional virus scanner 4 Virus
Contentfilter Customer defined forbidden attachment Content
atp-url-archive ATP URL Archive Attack Detection
Detection of links, that download archives in delay with malicious content, as they are often used in Blended Attacks.
Virus-ATP
atp-phish-domain ATP Phishing Domains
Identification of domains, that were recently related to phishing, for example, through hacked websites.
Virus-ATP
atp-sandbox ATP Sandbox Analyses
Attachments are executed in a variety of system environments and their behavior is analyzed. Protects against ransomware and blended attacks.
Virus-ATP
atp-ff-spy-out ATP Fraud Forensics: Spy Out Detection
Counter-espionage against attacks trying to obtain sensitive information.
Virus-ATP
atp-ff-identity ATP Fraud Forensics: Identity Spoofing
Detection and blocking of forged sender identities.
Virus-ATP
atp-ff-fraud-attempt ATP Fraud Forensics: Fraud Attempt Analyses
Checks the authenticity and integrity of metadata and email contents.
Virus-ATP
ase-aorm Regular email correspondance Valid
asespf1 familiar sender, type 1 Valid
asespf2 familiar sender, type 2 Valid
asespf3 familiar sender, type3 Valid
ase-wl individual whitelist controlled by the support dep. Valid
big2 email size increased email reputation in multi-criterial scoring function Valid
bigmessage email size increased email reputation in multi-criterial scoring function Valid
body-wl whitelist signature in mail text, type 1 Valid
body-wl2 whitelist signature in mail text, type 2 Valid
customer-wl customer whitelist Valid
header-wl Whitelist signature in header, type 1 Valid
headerwl2 Whitelist signature in header, type 2 Valid
knownsender sender address with positive reputation, type 1 Valid
noreason unevaluated email Valid
qsender2 sender address with positive reputation, type 2 Valid
realbounce sent via bounce management Valid
score dynamic contents evaluation Valid
scorewl2 dynamic contents evaluation, type 2 Valid
sender-ip IP sender address with positive reputation Valid
subject-wl whitelist signature in subject line, type 1 Valid
subject-wl2 whitelist signature in subject line, type 2 Valid
user-wl whitelist controlled by user Valid
xarg-wl bounce mail or individual customer rule Valid